Security Consultant (Central Government Interim Contract) Overview: We are seeking an experienced Security Consultant for an interim contract within the central government sector. This role will focus on security architecture, policy development, cyber and information security, and the implementation of modern security practices across a range of technology platforms, with a strong emphasis on cloud technologies. The ideal candidate will be a subject matter expert on security matters, providing assurance, risk management, and incident response support for a large-scale government programme. Key Responsibilities: Security Architecture: Lead the design and implementation of security frameworks to ensure the protection of government data and systems across multiple platforms. Develop strategies that integrate with existing government infrastructures while adhering to security best practices. Security Policy Development: Draft, review, and enforce security policies and standards that comply with central government regulations and security frameworks. Ensure all security policies align with government guidelines and industry best practices. Primary Point of Contact for Security Matters: Serve as the go-to individual for all security-related issues within the programme, providing advice and expertise to internal teams, stakeholders, and external partners. Be the subject matter expert on all security concerns and recommendations. Cloud Technologies Expertise: Provide security expertise related to the use of cloud technologies (AWS, Azure, Google Cloud), advising on best practices for securing cloud infrastructure, applications, and services in alignment with government security policies. Cybersecurity Expertise: Lead the identification, analysis, and mitigation of cybersecurity risks, ensuring proactive measures are in place to protect government data and systems from emerging threats. Develop incident response strategies and respond to security breaches swiftly and effectively. Information Security Management: Oversee the creation and execution of information security strategies, ensuring the protection of confidential government information from unauthorized access, theft, or loss. Stay Abreast of Modern Security Trends: Continuously update knowledge on the latest security trends, tools, and techniques. Apply cutting-edge security practices to improve the resilience and robustness of government systems and data. Central Government Experience: Apply extensive knowledge of government security regulations, compliance requirements (such as NIST, ISO 27001), and unique challenges faced by public sector organisations. Ensure alignment with government security policies and practices. Assurance and Risk Management: Conduct risk assessments, security audits, and assurance processes to ensure systems are secure and compliant with relevant security standards. Identify potential security risks and work with stakeholders to implement appropriate mitigations. Incident Response and Security Monitoring: Develop and maintain incident response plans, conduct ongoing security monitoring, and ensure quick detection and resolution of potential security incidents or breaches. Essential Skills: Expertise in Security Architecture and Design In-depth Knowledge of Cybersecurity Best Practices Proficiency with Cloud Security Solutions (AWS, Azure, GCP) Experience with Information Security Standards (ISO 27001, NIST) Strong Risk Assessment and Management Skills Ability to Develop and Implement Security Policies Incident Response and Disaster Recovery Planning Experience in Security Auditing and Compliance Familiarity with Modern Security Tools and Techniques Excellent Stakeholder Management and Communication Skills Central Government Security Clearance (or ability to obtain) Knowledge of Regulatory and Legal Frameworks in Government Strong Analytical and Problem-Solving Skills Desirable Qualifications: Certifications: CISSP, CISM, CISA, or equivalent security certifications Experience with Security Automation and DevSecOps Familiarity with Government Digital Service (GDS) standards and frameworks