Cyber Security Specialist (CISSP, CISM, CISA)

  • Location: Glasgow, Scotland
  • Salary: £540 - £640 per day
  • Contact: Experis UK
  • Published: 5 months ago
  • Duration: 5 Months

Our Government Client based in Glasgow are looking for a Cyber Security Specialist to support their journey towards CE+ accreditation.

The client has recently completed a CE+ Maturity Audit and is looking to progress to CE+ accreditation towards the end of the year. To do this, they need a specialist to support the development and implementation of their action plan to secure and maintain accreditation at level 3 - effective application of controls - across their systems and development across their organisation.

The Role:

The specialist will support the development and implementation of the CE+ Implementation Plan to secure accreditation. Initially, the role will focus primarily on:

1. Information Governance - this will include the relevant policies and procedures required and will work alongside our DPI Governance Officer

2. Technical Development - this will include the requirements for our Solutions Architects, DevOps and QA teams to meet CE+ standards

3. Policies and Procedures related to the secure management of our services - this will include both our existing services as well as the approach to new services including guidance for the procurement of goods and services.

Key Skills/Experience

  • Experience and strong understanding and appreciation of a digital services design and development cycle
  • Expert knowledge of cyber security and cyber security technologies and experience of the Cyber Essentials Plus standards in digital service design and delivery
  • Proven track record and experience in developing cyber security policies and procedures, as well as successfully executing programs that meet business objectives
  • Establishing the requirements for ongoing service monitoring of threats and vulnerabilities
  • Excellent communication and engagement skills working at all levels from senior stakeholders to technical teams
  • Strong team player
  • Able to respectfully challenge and advise on ways to improve business practices where this impacts the effectiveness and security of ongoing service delivery
  • Excellent problem-solving and analytical skills, and able to collect information, analyse, report and advise on evidence-based changes
  • Strong risk management approach to delivery and able to apply risk methodologies within an agile development environment
  • Experience and strong understanding and appreciation of Azure Cloud based environments and inbuilt security tools
  • Experience of the Umbraco web platform
  • Experience of Microsoft Dynamics
  • Understanding of Enterprise Architecture implications of information security controls
  • Experience of the preparation of security focussed procurement requests for goods and services
  • Experience of incident management processes
  • Knowledge of Digital First Service Assessment standards
  • Sound understanding of business objectives, processes, structure, etc.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
  • Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
