Cyber and Fraud Centre Scotland – Edinburgh – with some travel
Who we are
The Cyber and Fraud Centre is Scotland’s only cyber social enterprise. Our mission as a socially driven organisation is to deliver accessible, affordable, and relevant cyber and fraud services. With our dedicated team, we protect organisations all over Scotland by offering professional services, skills, and community building. The Cyber and Fraud Centre has established itself as an authoritative voice in the realm of cyber safety and resilience ensuring a safer and more robust business landscape in Scotland.
We reinvest in our cyber and fraud community, and ensure that all private, public and third sector organisations we work with have access to our people and resources, to stay secure. We are dedicated to promoting cybersecurity and providing comprehensive support within the business sector. We achieve this through the delivery of education and preventative training, as well as actively raising awareness of threats throughout the business community and providing support in the event of an incident. It is our intention that organisations have the skills and knowledge to protect themselves against online attacks.
We are a small, high performing team with a focus on genuine care and respect for one another as we work to bring cyber safety to organisations around Scotland. The threat landscape is constantly evolving, and this is an exciting time to join us as we continue to grow and expand our services. We have an internal culture and well-being group, and we meet to discuss what we have been doing, and what new things we can do to further enhance the experience for employees. This has led to us implementing a 4-day working week.
About the role
This role is key in making the businesses of Scotland more secure by providing guidance to improve their cyber controls, and other elements that contribute to building a healthy and mature cybersecurity posture.
You will achieve this by leading and delivering the Centre’s cyber division and by providing a range of comprehensive cyber security advice and high-quality services to business, including corporate footprints, internal and remote testing, tabletop exercises and cyber awareness training. This role requires a deep understanding of cyber security principles, excellent client-facing skills, and the ability to drive security initiatives from conception to completion.
This role manages our team of talented Ethical Hackers, dedicated to identifying and reporting vulnerabilities within client systems and recommending remediation in a confidential and timely manner. Our team of Ethical Hackers play a vital role in delivering our ongoing projects.
Your key responsibilities will include:
1. Being strategic lead and product owner of the Centre’s Professional Services
2. Assisting in the generation of new and management of existing business
3. Lead and mentor our team of Ethical Hackers
4. Liaising with clients directly, ensuring strong relationships are built and maintained
5. Developing and delivering cyber awareness presentations at events, conferences and to our members
6. Identifying emerging security trends and technologies to keep the company’s offerings current and competitive
7. Designing and delivering cyber training and support to our members and clients
8. Attending any relevant meetings, events, and networking opportunities
9. Ensuring projects are delivered on time and on budget
About you
1. Hold a relevant certification: CREST Registered Tester (CRT)
2. Proficiency with Python or similar language
3. Proficiency with Nessus Tenable
4. Deep understanding of industry standard frameworks including the MITRE ATT&CK framework and the OWASP standard.
5. OSCP (or OSCE) certified
6. Experience with cloud security assessments (AWS, Azure, or GCP)
7. Knowledge of container security (Docker, Kubernetes)
You will:
1. Have a degree in a Cyber related subject
2. Be enthusiastic about delivering best-in-class services
3. Have comprehensive knowledge and experience in cyber security
4. Be able to demonstrate a proven record as a successful leader
5. Have extensive commercial experience
6. Have the ability to quickly learn and understand new skills and technologies specific to the Cyber Security industry
7. Have extensive experience in penetration testing, including network, web application and internal penetration testing – 3 years’ experience is desirable
8. Be experienced in leading customer engagements on-site
9. Be experienced in working as the solo penetration tester on jobs and of working in teams
10. Have outstanding verbal communication skills with the ability to explain things in a clear and non-technical way
11. Have excellent technical writing skills with a good capacity to adjust your report summary to non-technical people
12. Have Security Cleared status or ability to obtain Security Clearance
13. Have the ability to lead penetration test teams, develop and provide training courses
14. Be able to mentor your peers
15. Be proactive at writing technical documents and improving processes
For further information on the role, visit our website - Cyber Fraud Centre Careers
You must be eligible to work in the UK.
To apply send an up-to-date CV and cover letter setting out your suitability for the role to Kara.McLaughlin@cyberfraudcentre.com
Application deadline: 13th February 2025
#J-18808-Ljbffr