Security Risk Specialist
Venesky-Brown’s client, a public sector organisation in Edinburgh, is currently looking to recruit a Security Risk Specialist for an initial 12 month contract with option to extend on a rate of £500-£550/day (Outside IR35). This role will be based onsite in Edinburgh – home working will be considered subject to attendance where needed.
Responsibilities:
– Be aware of the current cyber threat landscape and industry best practices and standards.
– Support initial scoping and risk assessment of a change project.
– Interpret security best practice and accreditation requirements to assess security posture
– Understand existing cyber security standards and controls to assess security posture
– Carry out risk assessments and threat modelling
– Review high- and low-level designs to identify risk.
– Develop risk management processes to ensure risk data is captured and maintained.
– Interpret vulnerability scan and pen test output and capture in risk management processes
– Provide recommendations for risk treatment
– Scope of management to cover both cyber and wider technical risks
– Develop risk data model
– Support development of risk management tooling
Essential Skills:
– Security and Risk assessment
– In depth understanding of and experience with enterprise scale digital service provision
– Demonstrable recent contribution to the development of risk processes and ongoing risk management
– Ability to work well in an agile environment with internal colleagues and suppliers
– Ability to self-start, accept ownership and see through improvements and benefits realisation
– Ability to share knowledge and experience with colleagues and collaborate with business and technical colleagues
Desirable Skills:
– Experience with Azure, O365 and Power Platform
– Experience with common risk management frameworks
– Formal IT risk accreditation beneficial
If you would like to hear more about this opportunity please get in touch.
Responsibilities:
– Be aware of the current cyber threat landscape and industry best practices and standards.
– Support initial scoping and risk assessment of a change project.
– Interpret security best practice and accreditation requirements to assess security posture
– Understand existing cyber security standards and controls to assess security posture
– Carry out risk assessments and threat modelling
– Review high- and low-level designs to identify risk.
– Develop risk management processes to ensure risk data is captured and maintained.
– Interpret vulnerability scan and pen test output and capture in risk management processes
– Provide recommendations for risk treatment
– Scope of management to cover both cyber and wider technical risks
– Develop risk data model
– Support development of risk management tooling
Essential Skills:
– Security and Risk assessment
– In depth understanding of and experience with enterprise scale digital service provision
– Demonstrable recent contribution to the development of risk processes and ongoing risk management
– Ability to work well in an agile environment with internal colleagues and suppliers
– Ability to self-start, accept ownership and see through improvements and benefits realisation
– Ability to share knowledge and experience with colleagues and collaborate with business and technical colleagues
Desirable Skills:
– Experience with Azure, O365 and Power Platform
– Experience with common risk management frameworks
– Formal IT risk accreditation beneficial
If you would like to hear more about this opportunity please get in touch.