Cyber Security Advisor
Cyber Security Advisor
Duration : 6 months initially
We are currently recruiting for a Cyber Security Advisor for an initial 6 month contract role based in East Kilbride. Initially, there will be a requirement for in-office induction in East Kilbride.
Subsequently, a minimum 2 days per week in Glasgow (East Kilbride) office location.
Pending satisfactory demonstration of performance and skills, time in office vs remote working may be negotiable. Occasional travel to central London site may be required, and infrequent travel to partner sites around the UK.
You will be providing cyber security and risk management advice and guidance to support change programmes, projects, procurement of services, and general customer cyber security enquiries.
- Working closely with the Delivery Mangers, Product Owner and Solutions Architects on Security Risks within technical solution projects.
- Delivering and presenting high-quality risk assessments and supporting documentation to the Security Governance Authority. Justifying decisions characterised by high levels of risk, impact and complexity.
- Responding clearly and concisely to fair challenge and review, taking on board feedback and working collaboratively with the wider team to successfully deliver approved risk assessments that can be managed.
- Working with Product Managers, Delivery Managers and Engineers and Architects to produce accurate security documentation for the delivery and ongoing maintenance and support of products and services. This includes but is not limited to solution technology costs, ongoing licencing, technical resource requirements, and total cost of ownership.
- Assessing the robustness of third party and supply chain cyber risk arrangements.
- Creating and maintaining security documentation.
- Providing advice and guidance on security strategies, architectures, policies and standards.
- Contributing to the development of policies, standards, and guidelines.
- Keeping abreast of new ICT technologies and security best practices.
- Contributing to continually improving the security posture within the PMO and wider Security Group services.
- Collaborating with other Security Group teams
- Demonstratable ICT related knowledge and skills to be able to identify the most appropriate security solutions in any given situation, with an awareness of how security architecture enables and guides the design and development of integrated solutions that meet current and future business needs would also be desirable.
- Demonstrable experience of threat modelling system solutions.
- Demonstrable experience of working with different cyber threat intelligence feeds and turning the intelligence into actionable reports.
- Working knowledge of potential threats such as social engineering, phishing, network access, lateral movement, and persistence and how they can cause harm.
- Demonstrable experience of providing advice, guidance and assuring documentation against security standards such as NIST, ISO27001, Cyber Essentials, CAF, HMG GovS 007 and NPSA Regulations.
- Experience of working in multiple projects and initiatives with limited supervision; working effectively across multiple internal and external stakeholders groups including senior officials, customers, and suppliers; and demonstrating good written and verbal communication skills.
- Demonstrable experience of managing the internal and external cyber security risks to IT systems, services and data storage, particularly within Digital Cloud services.
- Microsoft Visio, Atlassian Jira / Confluence, Standard Microsoft Office applications (PowerPoint, Word, Excel, Outlook)
- Broad understanding of a wide range of industry standard IT technologies across Business, Data, Application, Technology, and associated security risks.
If you feel you have the skills and experience needed for this role; please do apply now.