Cyber Security Specialist (CSC)

Closing date for applications: 13/07/2020
Specialist role
Cyber security consultant
Summary of the work
SE has recently completed a CyberEssentialsPlus(CE+) MaturityAudit and is seeking to progress to CE+accreditation in October2020. You will support the development and implementation of the actionplan to secure and maintain accreditation at level 3 – effective application of controls - across our systems and development across our Organisation
Latest start date
Expected contract length
5 months with an optional 3 month extension
Organisation the work is for
Scottish Enterprise
Maximum day rate
Early market engagement
Who the specialist will work with
Working within an Agile service design, delivery and support team of circa 30 people responsible for digital transformation activities across the organisation. It’s a multidisciplinary team with software developers, testers, designers, user researchers, Dynamics developers, service designers, project managers and product owners. The Cyber Specialist will work on all areas of the security controls required to maintain and secure our real estate
What the specialist will work on
Will support the development and implementation of SE’s CE+ Implementation Plan to secure accreditation in October 2020. Primarily the role will initially focus on: Information Governance – this will include the relevant policies and procedures required and will work alongside our DPI Governance Officer Technical Development – this will include the requirements for our Solutions Architects, DevOps and QA teams to meet CE+ standards Policies and Procedures related to the secure management of our services – this will include both our existing services as well as the approach to new services including guidance for the procurement of goods and services.
Address where the work will take place
Initial work will take place remotely while offices are closed due to the Covid -19 pandemic restrictions. When available work will take place at Scottish Enterprise Atlantic Quay ( Security clearance required) 150 Broomielaw Glasgow G2 8LU Or Scottish Enterprise Atrium Court 50 Waterloo Street Glasgow G2 6HQ
Working arrangements
The supplier is expected to supply a resource to work as part of the Service Assurance team. A core team is based in Glasgow city centre and work standard working hours of 9-5 Mon-Fri. It is expected that the resource would be available for physical (post covid-19 restrictions) and online meetings and co-working at regular scheduled times, but remote working is available as long as delivery is not affected. This role is outwith IR35 (it doesn't apply)
Security clearance
Baseline Personnel Security Standard level clearance is required for this role.
Additional terms and conditions
SE has identified that; the Supplier will be a controller for the purposes of the Data Protection Law, for any and all personal data it provides in support of its bid (including but not limited to contact details and CVs). Suppliers must therefore ensure that it has a lawful ground under the Data Protection Law to share such personal data with SE for the purposes of this bid and provision of the Services. SE will be the controller of any personal data it processes in accordance with this procurement process.
How many specialists to evaluate
Cultural fit criteria
-Work as part of an agile team, helping others with priority tasks as required. -Be transparent and collaborative in decision making -Take responsibility and ownership of tasks -Challenge the status quo
Assessment methods
Evaluation weighting
Technical competence 50% Cultural fit 10% Price 40%
Essential skills and experience
  • Experience and strong understanding and appreciation of a digital services design and development cycle
  • Expert knowledge of cyber security and cyber security technologies and experience of the Cyber Essentials Plus standards in digital service design and delivery
  • Proven track record and experience in developing cyber security policies and procedures, as well as successfully executing programs that meet business objectives
  • Establishing the requirements for ongoing service monitoring of threats and vulnerabilities
  • Excellent communication and engagement skills working at all levels from senior stakeholders to technical teams
  • Strong team player
  • Able to respectfully challenge and advise on ways to improve business practices where this impacts the effectiveness and security of ongoing service delivery
  • Excellent problems solving and analytical skills and able to collect information, analyse, report and advise on evidence-based changes
  • Strong risk management approach to delivery and able to apply risk methodologies within an agile development environment
Nice-to-have skills and experience
  • Experience and strong understanding and appreciation of Azure Cloud based environments and inbuilt security tools
  • Experience of the Umbraco web platform
  • Experience of Microsoft Dynamics
  • Understanding of Enterprise Architecture implications of information security controls
  • Experience of the preparation of security focussed procurement requests for goods and services
  • Experience of incident management processes
  • Knowledge of Digital First Service Assessment standards
  • Sound understanding of SE’s business objectives, processes and structure etc
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
  • Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials

Closing date for applications: 13/07/2020

Cyber Security Specialist (CSC)

Closing date for applications: 13/07/2020

Specialist role:

Cyber security consultant




Scottish Enterprise

Maximum day rate:


IT Recruitment Marketplace
The Hive Enterprise Centre, Victoria Avenue
Southend-on-Sea, Essex SS2 6EX
© IT Recruitment Marketplace
To change your subscription email us here