Cyber Security Analyst

Detailed Description From Employer:

Cyber Security Risk Analyst - Inside IR35 - Edinburgh (Hybrid) - Public Sector

Day Rate - Market Rates

Duration - 12 months

Harvey Nash's Public Sector Client are looking to bring in a contract Cyber Security Risk Analyst to their cyber security team and work closely across with the digital department and with business process owners. You will be expected to get up to speed with core business priorities and digital services and contribute to the development and population of new cost-effective, objective, and where possible, automated risk management processes. The goal is to support data-driven security decisions through maintaining accurate and up-to-date risk information. This includes supporting the development of risk management tools and integration with relevant data sources. You will collaborate closely with product owners, architects, developers, and engineers, as well as security consultants, operations teams, and senior security leadership.

Key Responsibilities

• Maintain an awareness current industry risk management standards and best practices to support gathering accurate detailed data related to risk.
• Conduct assessments of risks related to projects, changes, and digital services - with a focus on digital risks - through structured conversations and checking system configuration reports.
• Contribute to the development and improvement of risk management processes and ensure risk data is accurately captured and maintained.
• Interpret outputs from assurance activities (eg, vulnerability scans, audits, or penetration tests) and incorporate findings into the risk management process.
• Support generations of clear, prioritised recommendations for risk treatment and mitigation and tracker application of treatments.
• Support the design and enhancement of risk data models and tools to enable consistent, efficient risk tracking - such as PowerBI dashboards or similar
• Work collaboratively across business and technical teams with ability to bridge business and technical language differences and priorities.

Technical Scope

• Office suite (Excel, Word, etc...)
• Cloud platforms (Azure)
• M365 (eg Microsoft form)
• Power Platform (desirable but not required)

Skills Required

• Risk Assessment or Audit with Digital/Cyber experience
• Understanding of and experience of business processes mapping and documenting digital service reliance
• Ability to work well in an agile environment with internal colleagues and suppliers
• Ability to self-start and see through deadlines, improvements and benefits realisation
• Ability to explain context and goals with colleagues and collaborate with business and technical colleagues

Desirable Skills

• Risk Assessment or Audit with Digital/Cyber experience
• Understanding of and experience of business processes mapping and documenting digital service reliance
• Ability to work well in an agile environment with internal colleagues and suppliers
• Ability to self-start and see through deadlines, improvements and benefits realisation
• Ability to explain context and goals with colleagues and collaborate with business and technical colleagues

Please note that you must be eligible for BPSS clearance to commence this contract.