Cyber Security Specialist
12-month contract
£500-550 per day
Outside IR35
Hybrid - Edinburgh (1-2 days per week onsite)
We are currently recruiting for an experienced Cyber Security Specialist to join a busy digital transformation environment on a 12-month contract. This role will play a key part in ensuring robust cyber security practices are embedded across new and evolving digital services.
Working as part of a dedicated cyber security function, you will provide specialist advice and guidance across the full service lifecycle, supporting projects from initial scoping through to go-live and ongoing operational readiness.
Key responsibilities:
1. Provide cyber security advice and guidance to digital and transformation projects throughout their lifecycle.
2. Support early-stage scoping and risk assessment activities for new and evolving services.
3. Interpret security policies, standards, and accreditation requirements to define appropriate controls.
4. Conduct threat modelling and risk assessments to identify and mitigate vulnerabilities.
5. Review solution architecture and detailed designs to ensure alignment with security requirements.
6. Maintain and document security design assessments for new services.
7. Carry out hands-on security checks (. configuration reviews), and coordinate independent penetration testing.
8. Provide recommendations to support stage gate reviews and go-live decisions.
9. Own and manage all security-related delivery evidence required for project assurance.
10. Contribute to the development of secure operational processes, including SecOps practices and automation.
Key requirements:
11. Strong experience in cyber security and risk assessment within enterprise-scale digital environments.
12. Proven track record of contributing to the secure delivery of new digital services.
13. Good understanding of current cyber threat landscape, security standards, and best practice.
14. Experience working within agile delivery teams alongside internal stakeholders and third-party suppliers.
15. Ability to take ownership of security deliverables and drive them through to completion.
16. Strong communication skills, with the ability to translate technical risks and controls to non-technical stakeholders.
17. Technical experience across:
18. Enterprise security tooling such as email filtering, antivirus, firewalls, WAF, and Microsoft Defender
19. Security testing approaches including SAST and DAST
20. Enterprise platforms including Active Directory, PKI, SCCM, Microsoft 365, and Azure (including Entra and Intune)
21. Virtualisation and operating systems, including Windows Server and Hyper-V
22. Cloud environments, particularly Microsoft Azure
23. Application platforms such as Microsoft Dynamics and Power Platform
Desirable experience:
24. Experience working with Azure, Microsoft Dynamics, and Power Platform environments
25. Experience managing external penetration testing activities
26. Relevant certifications (. MCSE, ITIL) or equivalent experience
27. This is an excellent opportunity to join a high-profile programme, contributing to secure and resilient service delivery within a complex and evolving environment.
This role requires someone onsite 1-2 days per week in the Edinburgh office.
Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.