Cyber Security Specialist - Inside IR35 - Public Sector - Edinburgh (Hybrid)
Day Rate - Market Rates
Duration - 12 months
Harvey Nash's Client have a requirement for within their cyber security team, you will be providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle.
Key Responsibilities
- Be aware of the current cyber threat landscape and industry best practices and standards.
- Support initial scoping and risk assessment of a change project.
- Interpret security best practice and accreditation requirements to determine security requirements
- Adapt existing cyber security standards and controls to fit specific change projects
- Carry out threat modelling and risk assessments
- Review high- and low-level designs drafted by solution architects.
- Maintain a security design assessment for new services
- Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
- Plan and co-ordinate independent pen testing
- Provide recommendations for stage gating and go live decisions
- Own completion and accuracy of all security related product delivery evidence
- Provide recommendations for SecOps processes and automation for new systems
Technical scope
- Security products (email filtering, AV, firewalls, WAFs, MS Defender)
- Security Testing (SAST, DAST)
- Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
- Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
- Application platforms (MS Dynamics, Power Platform)
- Cloud platforms (Azure)
Skills Required
- Security and Risk assessment
- In depth understanding of and experience with enterprise scale digital service provision
- Demonstrable recent record making security contribution during the development of a new digital service
- Ability to work well in an agile project team with internal colleagues and suppliers
- Ability to self-start, accept ownership and see through security aspects of project start to finish
- Ability to share knowledge and experience with colleagues and effectively hand over to SecOps
Desirable Skills
- Experience with MS Dynamics, Power Platform and Azure
- Experience managing independent testing (scope, pre-test config, triage findings)
- Experience with MCSE Certified or equivalent experience
- ITIL certification
Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post.
