Cyber Security Specialist - Inside IR35 - Public Sector - Edinburgh (Hybrid)
Day Rate - Market Rates
Duration - 12 months
Harvey Nash's Client have a requirement for within their cyber security team, you will be providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle.
Key Responsibilities
Be aware of the current cyber threat landscape and industry best practices and standards.
Support initial scoping and risk assessment of a change project.
Interpret security best practice and accreditation requirements to determine security requirements
Adapt existing cyber security standards and controls to fit specific change projects
Carry out threat modelling and risk assessments
Review high- and low-level designs drafted by solution architects.
Maintain a security design assessment for new services
Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
Plan and co-ordinate independent pen testing
Provide recommendations for stage gating and go live decisions
Own completion and accuracy of all security related product delivery evidence
Provide recommendations for SecOps processes and automation for new systems
Technical scope
Security products (email filtering, AV, firewalls, WAFs, MS Defender)
Security Testing (SAST, DAST)
Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
Application platforms (MS Dynamics, Power Platform)
Cloud platforms (Azure)
Skills Required
Security and Risk assessment
In depth understanding of and experience with enterprise scale digital service provision
Demonstrable recent record making security contribution during the development of a new digital service
Ability to work well in an agile project team with internal colleagues and suppliers
Ability to self-start, accept ownership and see through security aspects of project start to finish
Ability to share knowledge and experience with colleagues and effectively hand over to SecOps
Desirable Skills
Experience with MS Dynamics, Power Platform and Azure
Experience managing independent testing (scope, pre-test config, triage findings)
Experience with MCSE Certified or equivalent experience
ITIL certification
Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post.
To
From
Record Yes No
Always use these settings