Summary: The Cyber Security Specialist role involves providing expert advice and guidance to digital transformation projects within a public sector client. The position requires a thorough understanding of the cyber threat landscape and the ability to adapt security standards to specific projects. The specialist will conduct risk assessments, threat modeling, and maintain security design assessments throughout the service lifecycle. This is a 12-month contract position that is classified as outside IR35 and offers a hybrid working arrangement.

Key Responsibilities:

• Be aware of the current cyber threat landscape and industry best practices and standards.
• Support initial scoping and risk assessment of a change project.
• Interpret security best practice and accreditation requirements to determine security requirements.
• Adapt existing cyber security standards and controls to fit specific change projects.
• Carry out threat modelling and risk assessments.
• Review high and low level designs drafted by solution architects.
• Maintain a security design assessment for new services.
• Carry out basic hands on security assessments (eg SSL Labs config or CSP evaluator, not including full pen testing).
• Plan and co-ordinate independent pen testing.
• Provide recommendations for stage gating and go live decisions.
• Own completion and accuracy of all security related product delivery evidence.
• Provide recommendations for SecOps processes and automation for new systems.

Key Skills:

• Security and Risk assessment.
• In depth understanding of and experience with enterprise scale digital service provision.
• Demonstrable recent record making security contribution during the development of a new digital service.
• Ability to work well in an agile project team with internal colleagues and suppliers.
• Ability to self-start, accept ownership and see through security aspects of project start to finish.
• Ability to share knowledge and experience with colleagues and effectively hand over to SecOps.

Salary (Rate): undetermined

City: Edinburgh

Country: UK

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT