Cyber Security Specialist - Inside IR35 - Public Sector - Edinburgh (Hybrid) Day Rate - Market Rates Duration - 12 months Harvey Nashs Client have a requirement for within their cyber security team, you will be providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle. Key Responsibilities Be aware of the current cyber threat landscape and industry best practices and standards. Support initial scoping and risk assessment of a change project. Interpret security best practice and accreditation requirements to determine security requirements Adapt existing cyber security standards and controls to fit specific change projects Carry out threat modelling and risk assessments Review high- and low-level designs drafted by solution architects. Maintain a security design assessment for new services Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing) Plan and co-ordinate independent pen testing Provide recommendations for stage gating and go live decisions Own completion and accuracy of all security related product delivery evidence Provide recommendations for SecOps processes and automation for new systems Technical scope Security products (email filtering, AV, firewalls, WAFs, MS Defender) Security Testing (SAST, DAST) Virtualisation platforms and operating systems, including Hyper-V and Windows Server. Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365) Application platforms (MS Dynamics, Power Platform) Cloud platforms (Azure) Skills Required Security and Risk assessment In depth understanding of and experience with enterprise scale digital service provision Demonstrable recent record making security contribution during the development of a new digital service Ability to work well in an agile project team with internal colleagues and suppliers Ability to self-start, accept ownership and see through security aspects of project start to finish Ability to share knowledge and experience with colleagues and effectively hand over to SecOps Desirable Skills Experience with MS Dynamics, Power Platform and Azure Experience managing independent testing (scope, pre-test config, triage findings) Experience with MCSE Certified or equivalent experience ITIL certification Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post. To From Record Yes No Always use these settings