Job Description
Cyber Security Risk Analyst - Outside IR35 - Edinburgh (Hybrid) - Public SectorDay Rate - £450Duration - 12 monthsHarvey Nash's Public Sector Client are looking to bring in a contract Cyber Security Risk Analyst to their cyber security team and work closely across with the digital department and with business process owners. Note that you must be onsite once per week in Edinburgh. You will be expected to get up to speed with core business priorities and digital services and contribute to the development and population of new cost-effective, objective, and where possible, automated risk management processes.
The goal is to support data-driven security decisions through maintaining accurate and up-to-date risk information. This includes supporting the development of risk management tools and integration with relevant data sources. You will collaborate closely with product owners, architects, developers, and engineers, as well as security consultants, operations teams, and senior security leadership.Key ResponsibilitiesMaintain an awareness current industry risk management standards and best practices to support gathering accurate detailed data related to risk.Conduct assessments of risks related to projects, changes, and digital services - with a focus on digital risks - through structured conversations and checking system configuration reports.Contribute to the development and improvement of risk management processes and ensure risk data is accurately captured and maintained.Interpret outputs from assurance activities (e.g., vulnerability scans, audits, or penetration tests) and incorporate findings into the risk management process.Support generations of clear, prioritised recommendations for risk treatment and mitigation and tracker application of treatments.Support the design and enhancement of risk data models and tools to enable consistent, efficient risk tracking - such as PowerBI dashboards or similarWork collaboratively across business and technical teams with ability to bridge business and technical language differences and priorities.Technical ScopeOffice suite (Excel, Word, etc...)Cloud platforms (Azure)M365 (e.g.
Microsoft form)Power Platform (desirable but not required)Skills RequiredRisk Assessment or Audit with Digital / Cyber experienceUnderstanding of and experience of business processes mapping and documenting digital service relianceAbility to work well in an agile environment with internal colleagues and suppliersAbility to self-start and see through deadlines, improvements and benefits realisationAbility to explain context and goals with colleagues and collaborate with business and technical colleaguesDesirable SkillsRisk Assessment or Audit with Digital / Cyber experienceUnderstanding of and experience of business processes mapping and documenting digital service relianceAbility to work well in an agile environment with internal colleagues and suppliersAbility to self-start and see through deadlines, improvements and benefits realisationAbility to explain context and goals with colleagues and collaborate with business and technical colleaguesPlease note that you must be eligible for BPSS clearance to commence this contract.ToFromRecord Yes NoAlways use these settingsTPBN1_UKTJ