Cyber Security Operations Lead – Outside IR35
Venesky-Brown’s client, a public sector organisation in Edinburgh, is currently looking to recruit a Cyber Security Operations Lead for an initial 12 month contract with potential to extend on a rate of £550-600/day Outside IR35. This role will be predominantly onsite based with home working to be considered subject to attendance where needed.
Responsibilities:
– Use understanding of digital systems and attack frameworks to apply theory to practice.
– Be aware of the current cyber threat landscape and industry best practices and standards.
– Lead on scope and health of data gathering such as event monitoring and vulnerability scanning
– Interpret threat intelligence and vulnerability data to prioritise findings
– Act as technical escalation for analyst on alerts, incidents, investigations, including hands on experience
– Carry out threat modelling and risk assessments
– Working with architects and interpreting designs to ensure SecOps handover during new service go live.
– Recommendation and implement improvements to SecOps processes and tools (e.g. automation of workloads)
– Carry out basic hands on security assessments (e.g. SSL Labs config or CSP evaluator, not full pen testing)
– Gather security KPIs and support drafting of security management reporting
– Own completion and accuracy of all security related product delivery evidence
– Security products (email filtering (including authentication protocols), AV, firewalls, WAFs, MS 365 Defender, SIEM)
– Security Testing (SAST, DAST)
– Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
– Enterprise Systems (email, PKI, AD, GP, SCCM, Azure, M365, Intune)
– Application platforms (MS Dynamics, Power Platform)
– Cloud platforms (Azure)
– Detection engineering (Log Ingestion, Rule Development, Tuning and Maintenance)
Essential Skills:
– Security and Risk assessment
– Vulnerability detection, prioritisation and reporting.
– Ability to communicate on technical issues with users and senior managers
– Recent experience in incident response
– Ability to work well in small team with internal colleagues and suppliers
– Ability to self-start, accept ownership and oversee organisation wide protective responsibilities
– Ability to share knowledge and experience with colleagues, including mentoring of analysts
Desirable Skills:
– Experience with Qualys, MS 365 Defender, Fortinet, MS Dynamics, Power Platform
– Experience with MCSE Certified or equivalent experience
– Microsoft – on-premise and cloud related engineering level certifications
If you would like to hear more about this opportunity please get in touch.
Responsibilities:
– Use understanding of digital systems and attack frameworks to apply theory to practice.
– Be aware of the current cyber threat landscape and industry best practices and standards.
– Lead on scope and health of data gathering such as event monitoring and vulnerability scanning
– Interpret threat intelligence and vulnerability data to prioritise findings
– Act as technical escalation for analyst on alerts, incidents, investigations, including hands on experience
– Carry out threat modelling and risk assessments
– Working with architects and interpreting designs to ensure SecOps handover during new service go live.
– Recommendation and implement improvements to SecOps processes and tools (e.g. automation of workloads)
– Carry out basic hands on security assessments (e.g. SSL Labs config or CSP evaluator, not full pen testing)
– Gather security KPIs and support drafting of security management reporting
– Own completion and accuracy of all security related product delivery evidence
– Security products (email filtering (including authentication protocols), AV, firewalls, WAFs, MS 365 Defender, SIEM)
– Security Testing (SAST, DAST)
– Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
– Enterprise Systems (email, PKI, AD, GP, SCCM, Azure, M365, Intune)
– Application platforms (MS Dynamics, Power Platform)
– Cloud platforms (Azure)
– Detection engineering (Log Ingestion, Rule Development, Tuning and Maintenance)
Essential Skills:
– Security and Risk assessment
– Vulnerability detection, prioritisation and reporting.
– Ability to communicate on technical issues with users and senior managers
– Recent experience in incident response
– Ability to work well in small team with internal colleagues and suppliers
– Ability to self-start, accept ownership and oversee organisation wide protective responsibilities
– Ability to share knowledge and experience with colleagues, including mentoring of analysts
Desirable Skills:
– Experience with Qualys, MS 365 Defender, Fortinet, MS Dynamics, Power Platform
– Experience with MCSE Certified or equivalent experience
– Microsoft – on-premise and cloud related engineering level certifications
If you would like to hear more about this opportunity please get in touch.
