Cyber Security Architecture Consultant
| Posting date: | 05 April 2024 |
|---|---|
| Hours: | Full time |
| Closing date: | 05 May 2024 |
| Location: | G2 5AD |
| Company: | Morson Talent |
| Job type: | Contract |
| Job reference: | 230347NFO-44957 |
Summary
SPEN are looking for a Cyber Security Architect Consultant to join their team in Glasgow on a contract basis.
Role: Cyber Security Architect Consultant
Business: Scottish Power Energy Networks
Location: Scottish Power HG Glasgow St Vincent Street/hybrid style working
Duration: 12 month initial contract
Rate: Inside IR35, PAYE and Umbrella options available
SPEN have invested significantly in an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations and deliver a cyber resilient business.
The position requires the ability to identify opportunities to use technology to deliver secure services that are more effective. To do this, the role holder must be able to influence and communicate successfully with the relevant parties inside and outside of the company while remaining accountable for the outcomes. The role holder to work closely across all Infrastructure, Telecommunications, Security and Business IT teams and with wider Corporate Security in order to achieve key goals.
Accountability Statements
• Assists with the delivery of the Security Architecture Plan and development of associated roadmaps, identifying new security capabilities to support overall NIS compliance, and taking responsibility for the development of these capabilities into fully defined cost-effective security services.
• Feed in to the SPEN security strategy. Ensuring alignment between security architecture frameworks and standards with overall business strategy.
• Customer focussed with a demonstrable track record of building relationships with business stakeholders, building strong and collaborative relationships with all key stakeholders inside and outside of the organisation.
• Ensure that security architecture supports at each stage of the delivery of new projects as indicated by the ‘Secure by Design’ process.
• Take key ownership for the creation of security design documents and architecture artefacts
• Interfaces with the relevant Design Authorities, providing security guidance at all times.
• Ensure consideration of asset management and data security best practice in relation to NIS regulations.
• Drive the adoption of secure designs, patterns, and best practices.
• Keeps abreast of the latest intelligence from sources of cyber threat information and briefs stakeholders with actionable information.
Skills, Knowledge & Experience
• Architecture experience within cyber security
• Demonstrated experience in managing relationships with key business stakeholders
• Information risk assessment and risk management
• Protective security and understanding of threats to OT
• Identification and prioritisation of key security technology opportunities.
• Experience of understanding and managing aspects of cyber risk, including the assessment, analysis, and reporting of cyber risk in a business context
• Experience in defining and/or implementing security controls across multiple layers of the IT architecture stack
• Recognised cyber security qualifications (e.g. CISSP, CISM, NCSC CCP, M.Inst IISP, etc.)
• Recognised architecture qualifications (e.g. SABSA, TOGAF, etc.)
• Significant skills and experience in understanding at a technical level how IT/OT controls are implemented and operated
• Awareness of key legislation and regulation impacting IT/OT General Control requirements in the energy sector
• Numerate and able to deal with finances for the purposes of managing budgets or contracts with suppliers