Our Government Client based in Glasgow are looking for a Cyber Security Specialist to support their journey towards CE+ accreditation. The client has recently completed a CE+ Maturity Audit and is looking to progress to CE+ accreditation towards the end of the year. To do this, they need a specialist to support the development and implementation of their action plan to secure and maintain accreditation at level 3 - effective application of controls - across their systems and development across their organisation. The Role: Will support the development and implementation of CE+ Implementation Plan to secure accreditation. Primarily the role will initially focus on:1. Information Governance - this will include the relevant policies and procedures required and will work alongside our DPI Governance Officer 2. Technical Development - this will include the requirements for our Solutions Architects, DevOps and QA teams to meet CE+ standards 3. Policies and Procedures related to the secure management of our services - this will include both our existing services as well as the approach to new services including guidance for the procurement of goods and services.Key Skills/ExperienceExperience and strong understanding and appreciation of a digital services design and development cycleExpert knowledge of cyber security and cyber security technologies and experience of the Cyber Essentials Plus standards in digital service design and deliveryProven track record and experience in developing cyber security policies and procedures, as well as successfully executing programs that meet business objectivesEstablishing the requirements for ongoing service monitoring of threats and vulnerabilitiesExcellent communication and engagement skills working at all levels from senior stakeholders to technical teamsStrong team playerAble to respectfully challenge and advise on ways to improve business practices where this impacts the effectiveness and security of ongoing service deliveryExcellent problems solving and analytical skills and able to collect information, analyse, report and advise on evidence-based changesStrong risk management approach to delivery and able to apply risk methodologies within an agile development environmentExperience and strong understanding and appreciation of Azure Cloud based environments and inbuilt security toolsExperience of the Umbraco web platformExperience of Microsoft DynamicsUnderstanding of Enterprise Architecture implications of information security controlsExperience of the preparation of security focussed procurement requests for goods and servicesExperience of incident management processesKnowledge of Digital First Service Assessment standardsSound understanding of business objectives, processes and structure etcKnowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity FrameworkProfessional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials Cyber Security Specialist, Cyber Essentials Plus, CE+, Maturity Audit, Accreditation, Development, Implementation, Agile, Security Controls, Information Governance, Policies, Procedures, Governance, Procurement, Digital Service Design, Development Cycle, Cyber Security, Requirements, Threat Monitoring, Vulnerabilities, Communication, Engagement, Stakeholder, Consult, Consultant, Advise, Security, Risk Management, Risk, Azure Cloud, Umbraco, Microsoft Dynamics, MS Dynamics, Enterprise Architecture, Information Security, Incident Management, Digital First Service Assessment, Business Objectives, ISO, IEC, 27001, ITIL, COBIT, NIST, 800-53, Cybersecurity Framework, Certified Information Systems Security Professional, CISSP, Certified Information Security Manager, CISM, Certified Information Systems Auditor, CISA, Public Sector, Government, Glasgow, Scotland.