Cyber Security Specialist (CISSP, CISM, CISA)

  • Contract
  • Glasgow
  • Location: Glasgow
  • Salary: £540 - £640 per day

Experis Ltd

We're Experis. We're the professional resourcing arm of ManpowerGroup and the largest IT recruiter in Europe; placing more than 38,000 experts into IT, Finance and Engineering roles every day. We're a different kind of talent company. Few companies can match our scope, our history of success, or our enviable reputation as the global leader in professional talent and workforce solutions. That's why over 80% of the Fortune Global 500 turns to us for the professional talent that will set their business apart. We pride ourselves on our ability to make a difference to individuals, communities, and organisations. Social responsibility really is at our core; and we are committed to developing socially inclusive work environments for the long term. In fact, our commitment to sustainability has been recognised in a number prestigious organisations, including the Ethisphere Institute, who named us as being one of the World's Most Ethical Companies for seven consecutive years, and Fortune Magazine, who listed us as one of the World's Most Admired Companies for 14 years in a row.

Our Government Client based in Glasgow are looking for a Cyber Security Specialist to support their journey towards CE+ accreditation.

The client has recently completed a CE+ Maturity Audit and is looking to progress to CE+ accreditation towards the end of the year. To do this, they need a specialist to support the development and implementation of their action plan to secure and maintain accreditation at level 3 – effective application of controls – across their systems and development across their organisation.

The Role:

Will support the development and implementation of CE+ Implementation Plan to secure accreditation. Primarily the role will initially focus on:

1. Information Governance – this will include the relevant policies and procedures required and will work alongside our DPI Governance Officer

2. Technical Development – this will include the requirements for our Solutions Architects, DevOps and QA teams to meet CE+ standards

3. Policies and Procedures related to the secure management of our services – this will include both our existing services as well as the approach to new services including guidance for the procurement of goods and services.

Key Skills/Experience

  • Experience and strong understanding and appreciation of a digital services design and development cycle
  • Expert knowledge of cyber security and cyber security technologies and experience of the
  • Cyber Essentials Plus standards in digital service design and delivery
  • Proven track record and experience in developing cyber security policies and procedures, as well as successfully executing programs that meet business objectives
  • Establishing the requirements for ongoing service monitoring of threats and vulnerabilities
  • Excellent communication and engagement skills working at all levels from senior stakeholders to technical teams
  • Strong team player
  • Able to respectfully challenge and advise on ways to improve business practices where this impacts the effectiveness and security of ongoing service delivery
  • Excellent problems solving and analytical skills and able to collect information, analyse, report and advise on evidence-based changes
  • Strong risk management approach to delivery and able to apply risk methodologies within an agile development environment
  • Experience and strong understanding and appreciation of Azure Cloud based environments and inbuilt security tools
  • Experience of the Umbraco web platform
  • Experience of Microsoft Dynamics
  • Understanding of Enterprise Architecture implications of information security controls
  • Experience of the preparation of security focussed procurement requests for goods and services
  • Experience of incident management processes
  • Knowledge of Digital First Service Assessment standards
  • Sound understanding of business objectives, processes and structure etc
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
  • Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials

Cyber Security Specialist, Cyber Essentials Plus, CE+, Maturity Audit, Accreditation, Development, Implementation, Agile, Security Controls, Information Governance, Policies, Procedures, Governance, Procurement, Digital Service Design, Development Cycle, Cyber Security, Requirements, Threat Monitoring, Vulnerabilities, Communication, Engagement, Stakeholder, Consult, Consultant, Advise, Security, Risk Management, Risk, Azure Cloud, Umbraco, Microsoft Dynamics, MS Dynamics, Enterprise Architecture, Information Security, Incident Management, Digital First Service Assessment, Business Objectives, ISO, IEC, 27001, ITIL, COBIT, NIST, 800-53, Cybersecurity Framework, Certified Information Systems Security Professional, CISSP, Certified Information Security Manager, CISM, Certified Information Systems Auditor, CISA, Public Sector, Government, Glasgow, Scotland.

You must register to apply for this job.