Cyber Security Specialist

Harvey Nash
Edinburgh, United Kingdom
yesterday

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Edinburgh, United Kingdom

Tech stack

Agile Methodologies
Software System Penetration Testing
Azure
Cloud Computing
Computer Security
Microsoft Dynamics CRM
Email Filtering
Hyper-V
System Center Configuration Manager
Windows Server
Public Key Infrastructure
Virtualization Technology
Transport Layer Security
Enterprise Software Applications
Firewalls (Computer Science)
Microsoft InTune
Static Application Security Testing
Dynamic Application Security Testing

Job description

  • Be aware of the current cyber threat landscape and industry best practices and standards.
  • Support initial scoping and risk assessment of a change project.
  • Interpret security best practice and accreditation requirements to determine security requirements
  • Adapt existing cyber security standards and controls to fit specific change projects
  • Carry out threat modelling and risk assessments
  • Review high- and low-level designs drafted by solution architects.
  • Maintain a security design assessment for new services
  • Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
  • Plan and co-ordinate independent pen testing
  • Provide recommendations for stage gating and go live decisions
  • Own completion and accuracy of all security related product delivery evidence
  • Provide recommendations for SecOps processes and automation for new systems

Technical scope

  • Security products (email filtering, AV, firewalls, WAFs, MS Defender)
  • Security Testing (SAST, DAST)
  • Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
  • Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
  • Application platforms (MS Dynamics, Power Platform)
  • Cloud platforms (Azure)

Requirements

  • Security and Risk assessment
  • In depth understanding of and experience with enterprise scale digital service provision
  • Demonstrable recent record making security contribution during the development of a new digital service
  • Ability to work well in an agile project team with internal colleagues and suppliers
  • Ability to self-start, accept ownership and see through security aspects of project start to finish
  • Ability to share knowledge and experience with colleagues and effectively hand over to SecOps

Desirable Skills

  • Experience with MS Dynamics, Power Platform and Azure
  • Experience managing independent testing (scope, pre-test config, triage findings)
  • Experience with MCSE Certified or equivalent experience
  • ITIL certification

Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post.

Apply for this position