Cyber Security Specialist - Glasgow

  • Be-IT
  • Glasgow
  • 07/07/2020
Information Technology

Job Description

Working within an Agile service design, delivery and support team of circa 30 people responsible for digital transformation activities across the organisation. It’s a multidisciplinary team with software developers, testers, designers, user researchers, Dynamics developers, service designers, project managers and product owners. The Cyber Specialist will work on all areas of the security controls required to maintain and secure our real estate

Primarily the role will initially focus on:

Information Governance – this will include the relevant policies and procedures required and will work alongside our DPI Governance Officer

Technical Development – this will include the requirements for our Solutions Architects, DevOps and QA teams to meet CE+ standards

Policies and Procedures related to the secure management of our services – this will include both our existing services as well as the approach to new services including guidance for the procurement of goods and services.

Skills and experience

Experience and strong understanding and appreciation of a digital services design and development cycle
Expert knowledge of cyber security and cyber security technologies and experience of the Cyber Essentials Plus standards in digital service design and delivery
Proven track record and experience in developing cyber security policies and procedures, as well as successfully executing programs that meet business objectives
Establishing the requirements for ongoing service monitoring of threats and vulnerabilities
Excellent communication and engagement skills working at all levels from senior stakeholders to technical teams
Strong team player
Able to respectfully challenge and advise on ways to improve business practices where this impacts the effectiveness and security of ongoing service delivery
Excellent problems solving and analytical skills and able to collect information, analyse, report and advise on evidence-based changes
Strong risk management approach to delivery and able to apply risk methodologies within an agile development environment

Nice-to-have skills and experience    

Experience and strong understanding and appreciation of Azure Cloud based environments and inbuilt security tools
Experience of the Umbraco web platform
Experience of Microsoft Dynamics
Understanding of Enterprise Architecture implications of information security controls
Experience of the preparation of security focussed procurement requests for goods and services
Experience of incident management processes
Knowledge of Digital First Service Assessment standards
Sound understanding of SE’s business objectives, processes and structure etc
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials

Please Apply online