Cyber Security Specialist – Inside IR35 – Public Sector – Edinburgh (Hybrid)
Day Rate – Market Rates
Duration – 12 months
Harvey Nash's Client have a requirement for within their cyber security team, you will be providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle.
Key Responsibilities
- Be aware of the current cyber threat landscape and industry best practices and standards.
- Support initial scoping and risk assessment of a change project.
- Interpret security best practice and accreditation requirements to determine security requirements
- Adapt existing cyber security standards and controls to fit specific change projects
- Carry out threat modelling and risk assessments
- Review high- and low-level designs drafted by solution architects.
- Maintain a security design assessment for new services
- Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
- Plan and co-ordinate independent pen testing
- Provide recommendations for stage gating and go live decisions
- Own completion and accuracy of all security related product delivery evidence
- Provide recommendations for SecOps processes and automation for new systems
Technical scope
- Security products (email filtering, AV, firewalls, WAFs, MS Defender)
- Security Testing (SAST, DAST)
- Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
- Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
- Application platforms (MS Dynamics, Power Platform)
- Cloud platforms (Azure)
Skills Required
- Security and Risk assessment
- In depth understanding of and experience with enterprise scale digital service provision
- Demonstrable recent record making security contribution during the development of a new digital service
- Ability to work well in an agile project team with internal colleagues and suppliers
- Ability to self-start, accept ownership and see through security aspects of project start to finish
- Ability to share knowledge and experience with colleagues and effectively hand over to SecOps
Desirable Skills
- Experience with MS Dynamics, Power Platform and Azure
- Experience managing independent testing (scope, pre-test config, triage findings)
- Experience with MCSE Certified or equivalent experience
- ITIL certification
Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post.
ToFrom
Record Yes No Always use these settings ”, “datePosted”: “2026-05-22”, “hiringOrganization”: { “@type”: “Organization”, “name”: “Harvey Nash”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__438997825__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=1034” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “Edinburgh” } } }
Cyber Security Specialist – Inside IR35 – Public Sector – Edinburgh (Hybrid)
Day Rate – Market Rates
Duration – 12 months
Harvey Nash’s Client have a requirement for within their cyber security team, you will be providing advice and guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle.
Key Responsibilities
- Be aware of the current cyber threat landscape and industry best practices and standards.
- Support initial scoping and risk assessment of a change project.
- Interpret security best practice and accreditation requirements to determine security requirements
- Adapt existing cyber security standards and controls to fit specific change projects
- Carry out threat modelling and risk assessments
- Review high- and low-level designs drafted by solution architects.
- Maintain a security design assessment for new services
- Carry out basic hands-on security assessments (e.g. SSL Labs config or CSP evaluator, not including full pen testing)
- Plan and co-ordinate independent pen testing
- Provide recommendations for stage gating and go live decisions
- Own completion and accuracy of all security related product delivery evidence
- Provide recommendations for SecOps processes and automation for new systems
Technical scope
- Security products (email filtering, AV, firewalls, WAFs, MS Defender)
- Security Testing (SAST, DAST)
- Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
- Enterprise Systems (email, PKI, AD, GP, SCCM, Azure incl. Entra and Intune, M365)
- Application platforms (MS Dynamics, Power Platform)
- Cloud platforms (Azure)
Skills Required
- Security and Risk assessment
- In depth understanding of and experience with enterprise scale digital service provision
- Demonstrable recent record making security contribution during the development of a new digital service
- Ability to work well in an agile project team with internal colleagues and suppliers
- Ability to self-start, accept ownership and see through security aspects of project start to finish
- Ability to share knowledge and experience with colleagues and effectively hand over to SecOps
Desirable Skills
- Experience with MS Dynamics, Power Platform and Azure
- Experience managing independent testing (scope, pre-test config, triage findings)
- Experience with MCSE Certified or equivalent experience
- ITIL certification
Please note that you must be eligible for BPSS and Standard Disclosure Clearance to commence this post.
To From Record Yes No
Always use these settings
…