Key accountabilities:

• Provide cyber security and risk management advice and guidance to support change programmes, projects, procurement and services
• Deliver and present high-quality risk assessments and supporting documentation,
• Work with Product Managers, Delivery Managers and Engineers and Architects to produce accurate security documentation
• Assess the robustness of third party and supply chain cyber risk arrangements.
• Provide advice and guidance on security strategies, architectures, policies and standards.

Key requirements:

• Ability to identify the most appropriate security solutions in any given situation.
• Experience of threat modelling system solutions.
• Experience of working with different cyber threat intelligence feeds and turning the intelligence into actionable reports.
• Working knowledge of potential threats such as social engineering, phishing, network access, lateral movement and persistence and how they can cause harm.
• Experience of providing advice, guidance and assuring documentation against security standards such as NIST, ISO27001, Cyber Essentials, CAF, HMG GovS 007 and NPSA Regulations

Hybrid working in Glasgow - minimum 2 days per week