Job Description
Cyber Security Specialist| 12 Month Contract | (Outside IR35) | Hybrid | Starting ASAP
Day Rate: Market Rates
Harvey Nash's Public Sector Client are hiring a Cyber Security Specialist, you will work with the cyber security team, providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle.
Job Description:
Key Responsibilities
* Be aware of the current cyber threat landscape and industry best practices and standards.
* Support initial scoping and risk assessment of a change project.
* Interpret security best practice and accreditation requirements to determine security requirements
* Adapt existing cyber security standards and controls to fit specific change projects
* Carry out threat modelling and risk assessments
* Review high and low level designs drafted by solution architects.
* Maintain a security design assessment for new services
* Carry out basic hands on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
* Plan and co-ordinate independent pen testing
* Provide recommendations for stage gating and go live decisions
* Own completion and accuracy of all security related product delivery evidence
* Provide recommendations for SecOps processes and automation for new systems
Technical scope
* Security products (email filtering, AV, firewalls, WAFs, MS Defender)
* Security Testing (SAST, DAST)
* Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
* Enterprise Systems (email, PKI, AD, GP, SCCM, Azure, M365)
* Application platforms (MS Dynamics, Power Platform)
* Cloud platforms (Azure)
Skills Required
* Security and Risk assessment
* In depth understanding of and experience with enterprise scale digital service provision
* Demonstrable recent record making security contribution during the development of a new digital service
* Ability to work well in an agile project team with internal colleagues and suppliers
* Ability to self-start, accept ownership and see through security aspects of project start to finish
* Ability to share knowledge and experience with colleagues and effectively hand over to SecOps
Desirable Skills
* Experience with MS Dynamics, Power Platform and Azure
* Experience managing independent testing (scope, pre-test config, triage findings)
* Experience with MCSE Certified or equivalent experience
* ITIL certification
This role has been deemed Outside IR35 by the client. Applicants must hold, or be happy to apply for, a valid Basic Disclosure Scotland. Please click the link to apply.
JBRP1_UKTJ