ASA Recruitment’s client, a Public Sector organisation in Edinburgh are currently looking to recruit a Cyber Security Specialist, for an initial 12 month contract (with potential extensions) on a rate c.£650-£700/day inside of IR35 (based on experience).
Responsibilities
* Be aware of the current cyber threat landscape and industry best practices and standards.
* Draft new cyber security standards where new technology is proposed or assurance frameworks adopted
* Interpret security best practice and accreditation controls to determine security requirements
* Coordinate secure change service to ensure future needs are anticipated and advice given is consistent.
* Carry out and review threat modelling and risk assessments carried out by others
* Maintain a security design assessment process for change initiatives
* Review high- and low-level designs drafted by solution architects.
* Carry out basic hands‑on security assessments and review of vulnerability scans (e.g. config or CSP evaluator, not including full pen testing)
* Provide recommendations for stage gating and go live decisions
* Own completion and accuracy of all security related product delivery evidence
* Provide recommendations for SecOps processes and automation for new systems
Technical scope
* Security products (email filtering, AV, firewalls, WAFs, MS Defender)
* Security Testing (SAST, DAST)
* Virtualisation platforms and operating systems, including Hyper‑V and Windows Server
* Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
* Application platforms (MS Dynamics, Power Platform)
* Cloud platforms (Azure)
* Standards (Zero Trust, CAF)
Essential Skills & Experience
* Design processes for and carry out Security and Risk assessments
* In depth understanding of and experience with enterprise scale digital service provision
* Demonstrable recent record making security contribution during the development of a new digital service
* Ability to work well in an agile project team with internal colleagues and suppliers
* Ability to self‑start, accept ownership and see through security aspects of project start to finish
* Ability to share knowledge and experience with colleagues and effectively hand over to SecOps
Desirable Skills
* Experience with MS Dynamics, Power Platform and Azure
* Experience managing independent testing (scope, pre‑test config, triage findings)
* Experience with MCSE Certified or equivalent experience
* ITIL certification
#J-18808-Ljbffr