Day rate: 510/day

Harvey Nash are recruiting for a Senior Cyber Security Analyst for a public sector client. This role will be hybrid working, with the office based in Edinburgh.

The rate for this role is 510/day, inside IR35. Role will require candidates hold the Right to Work in the UK and a valid Disclosure Scotland Certificate

This role will involve protecting the confidentiality, integrity, and availability of information and information systems used by the client.

Essential Skills

• High level knowledge and understanding of the internal and external cyber security risks to IT systems, services and data storage.
• Demonstrable experience of working with cyber security technologies such as security monitoring, vulnerability detection, privilege access management, penetration testing, sandboxing etc.
• Knowledge and understanding of Security standards, e.g. HMG Security Policy Framework, and ISO 27001 (Information Security Standard)
• The ability to analyse, interpret and apply complex technical information.

Desirable Skills

• Information Security: Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls. Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems. Investigates suspected attacks and manages security incidents. Uses forensics where appropriate.
• Security Administration: Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures. Provides guidance in defining access rights and privileges. Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.
• Vulnerability Management: Maintains current knowledge of malware attacks, and other cyber security threats. Assesses and prioritises vulnerabilities using in-depth technical analysis of risks and typical vulnerabilities. Raises requests through incident management system, detailing the vulnerability, assets impacted and required remediation activity. Works with remediation team to understand the priority and required actions, tracking each vulnerability through to remediation. Reports upon success of vulnerability management through the appropriate risk boards. Recommend service improvements to reduce resource overhead, facilitate quicker remediation of vulnerabilities or reduce risk to the organisation.
• Security Monitoring: Monitors the Security Information and Event Management tool for alerts, investigating and resolving or escalating as appropriate. Support in the on-boarding of new systems into the SIEM solution, identify the use case for the logs, appropriate alerts and the playbooks that will be followed to resolve the alert. Recommend service improvements to reduce resource overhead, facilitate quicker remediation of vulnerabilities or reduce risk to the organisation.
• Technical Specialism: Maintains knowledge of specific specialisms, provides detailed advice regarding their application and executes specialised tasks. The specialism can be any area of information or communication technology, technique, method, product or application area.

To apply for this role, please send your CV using the link.