Our Oil & Gas Operator client is currently recruiting for the position of IT Risk Advisor based in Aberdeen 3/2 hybrid workingOnsite Car Parking38 days per annum paid holiday Role overview An IT Risk Assessment advisor that specialises in Technical Security Architecture ‘by design’ to provide technical security oversight and architectural assurance across both delivery projects and business as usual (BAU) operations. The role sits at the heart of the company’s technology governance, ensuring secure design decisions, controlled change, and proportionate risk treatment across cloud, on premises, and hybrid environments. You will work closely with architects, engineers, delivery teams, and operations to keep security embedded without slowing the business. Security architecture governance and interface with enterprise architecture: Define and maintain security architecture patterns, reference designs, and secure configuration baselines (cloud and on-prem)Drive awareness of secure-by-design practices across engineering teams.Attend and contribute to the Architecture Review Board (ARB)Maintain and evolve security architecture patterns and standards (e.g. IAM, network segmentation, cloud security baselines)Review and assess high risk security architecture exceptions, ensuring risks are clearly understood and appropriately managed Provide technical and specialised ‘Secure by design’ and security architecture project advisory: Provide hands-on security architecture advice to delivery teams to ensure secure patterns, reference architectures, and hardening baselines are applied.Perform threat-informed design reviews and ensure appropriate control selectionEnable early engagement to reduce downstream risk and rework Change and Operational security oversight (BAU): Attend Change Advisory Boards (CABs) to provide security approval and challengeReview and approve high risk firewall rule changesReview high risk configuration changes across Azure and on prem environments. Perform targeted reviews of high-risk configurations (e.g. firewall, network, cloud, infrastructure). Identify misconfigurations and exposure risks against defined baselinesRisk prioritise high risk and zero-day vulnerabilities, working with technology and operations teams on remediation approach and urgencyProvide pragmatic security input to IT Teams and Infrastructure Suppliers – aligned to operational and availability requirementsProvide BAU IT teams clear, actionable recommendations to reduce attack surface and improve resilience Skills, experience & attributes of candidate: Strong background in technical security architecture within complex enterprise environmentsExperience across cloud (Azure) and on prem infrastructureComfortable operating in governance forums while remaining technically credibleConfident challenging design and change decisions constructivelyAble to translate technical security risk into clear business impact Advantageous:Bachelor’s in CS, InfoSec, or equivalent experienceCertifications: GICSP, CISSP, or equivalent qualificationExperience working as a security architectUnderstanding of regulatory frameworks e.g. NIS2, Cyber Resilience Act Contract position If you feel that you are well suited to the above opportunity and would like to find out more then please contact Orion Group for more information or apply by forwarding your current CV quoting reference: TR/082348
People are our business worldwide Orion Group was founded in 1987 and is now one of the largest, independent, international recruitment companies. We have a network of 200 employees working from 24 offices, delivering a range of services – Talent Acquisition, Recruitment Outsourcing Services, Retained Search, Global Workforce Solutions, Completions & Commissioning and Materials Management – across 68 countries. As a global leader in workforce solutions, we recruit personnel across the Engineering & Technical, Office & Commercial, Scientific and Skilled Trades disciplines, for sectors including Oil & Gas, Life Science, Power & Utilities, Constructions & Infrastructure, Manufacturing and Renewables.
…