Cyber Security Specialist - Inside IR35 - Public Sector - Edinburgh (Hybrid)
Day Rate - Market Rates
Duration - 12 months
Harvey Nash's Client have a requirement for within their cyber security team, you will be providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle.
Key Responsibilities
* Be aware of the current cyber threat landscape and industry best practices and standards.
* Support initial scoping and risk assessment of a change project.
* Interpret security best practice and accreditation requirements to determine security requirements
* Adapt existing cyber security standards and controls to fit specific change projects
* Carry out threat modelling and risk assessments
* Review high- and low-level designs drafted by solution architects.
* Maintain a security design assessment for new services
* Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
* Plan and co-ordinate independent pen testing
* Provide recommendations for stage gating and go live decisions
* Own completion and accuracy of all security related product delivery evidence
* Provide recommendations for SecOps processes and automation for new systems
Technical scope
* Security products (email filtering, AV, firewalls, WAFs, MS Defender)
* Security Testing (SAST, DAST)
* Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
* Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
* Application platforms (MS Dynamics, Power Platform)
* Cloud platforms (Azure)
Skills Required
* Security and Risk assessment
* In depth understanding of and experience with enterprise scale digital service provision
* Demonstrable recent record making security contribution during the development of a new digital service
* Ability to work well in an agile project team with internal colleagues and suppliers
* Ability to self-start, accept ownership and see through security aspects of project start to finish
* Ability to share knowledge and experience with colleagues and effectively hand over to SecOps
Desirable Skills
* Experience with MS Dynamics, Power Platform and Azure
* Experience managing independent testing (scope, pre-test config, triage findings)
* Experience with MCSE Certified or equivalent experience
* ITIL certification
Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post.
To
From
Record Yes No
Always use these settings
JBRP1_UKTJ