Summary: The Cyber Security Specialist role involves providing hands-on security advice and guidance within a public sector client's digital transformation programme. The position requires expertise in risk assessment, threat modelling, and security best practices across various projects. The role is hybrid, based in Edinburgh, and offers a competitive daily rate. This is a 12-month contract classified as outside IR35.
Key Responsibilities:
- Support risk assessment and threat modelling for change projects
- Interpret security best practice and accreditation requirements
- Review high/low level designs from solution architects
- Carry out basic security assessments (eg SSL Labs, CSP evaluator)
- Plan and coordinate independent penetration testing
- Own security-related delivery evidence and provide go-live recommendations
- Support handover to SecOps with process/automation input
Key Skills:
- Proven track record delivering security input on enterprise-scale digital services
- Strong risk assessment and threat modelling experience
- Comfortable working in agile teams with internal staff and suppliers
- Self-starter, able to own security workstreams end-to-end
- Power Platform/Dynamics/Azure experience, MCSE or equivalent, ITIL (desirable)
Salary (Rate): £500/day
City: Edinburgh
Country: UK
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Cyber Security Specialist - 12 Month Contract (Outside IR35)
Edinburgh (Hybrid) | Up to £500/day | 12 Months
We're recruiting on behalf of a major public sector client for an experienced Cyber Security Specialist to join their digital transformation programme.
The Role
You'll sit within the client's cyber security team, providing hands-on security advice and guidance across a portfolio of digital transformation projects - covering everything from initial risk assessment through to go-live and SecOps handover.
Key Responsibilities
- Support risk assessment and threat modelling for change projects
- Interpret security best practice and accreditation requirements
- Review high/low level designs from solution architects
- Carry out basic security assessments (eg SSL Labs, CSP evaluator)
- Plan and coordinate independent penetration testing
- Own security-related delivery evidence and provide go-live recommendations
- Support handover to SecOps with process/automation input
Technical Environment
Azure (Entra, Intune), M365, AD/GP/SCCM, Windows Server/Hyper-V, Power Platform/Dynamics, SAST/DAST, standard security tooling (Firewalls, WAF, AV, Defender).
What We're Looking For
- Proven track record delivering security input on enterprise-scale digital services
- Strong risk assessment and threat modelling experience
- Comfortable working in agile teams with internal staff and suppliers
- Self-starter, able to own security workstreams end-to-end
Desirable:
- Power Platform/Dynamics/Azure experience, MCSE or equivalent, ITIL
Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.