Cyber Security Specialist - Edinburgh - Inside IR35 - 12mth

Cyber Security Specialist

12-month contract
£550-£600 per day
Inside IR35
Hybrid - Edinburgh (1-2 days per week onsite)

We are currently recruiting for an experienced Cyber Security Specialist to join a large-scale digital transformation environment on a 12-month contract. This role will focus on core security design, assurance, and governance activities, ensuring that robust cyber security standards are embedded across change initiatives.

Working as part of a central cyber security function, you will provide oversight, guidance, and assurance across the full service lifecycle, with particular emphasis on standards, risk management, and secure design processes.

Key responsibilities:

• Provide expert cyber security advice across digital transformation programmes, covering the full service lifecycle.
• Develop and draft new cyber security standards where new technologies or assurance frameworks are introduced.
• Interpret security best practice and accreditation requirements to define controls and security requirements.
• Coordinate secure change activity to ensure a consistent and forward-looking approach to security across programmes.
• Carry out and review threat modelling and risk assessments, including work conducted by other teams.
• Maintain and evolve security design assessment processes for change initiatives.
• Review high-level and low-level solution designs to ensure alignment with security standards.
• Undertake hands-on security assessments and review vulnerability scan outputs.
• Support governance processes by contributing to stage gate and go-live security decisions.
• Take ownership of all security-related delivery evidence, ensuring completeness and accuracy.
• Provide recommendations for SecOps processes and automation to support new and evolving systems.

Key requirements:

• Strong experience designing and delivering security and risk assessment processes within enterprise-scale environments.
• Demonstrable experience contributing to the secure delivery of digital services.
• In-depth understanding of cyber security best practices, standards, and current threat landscape.
• Experience operating in agile environments, working closely with internal teams and third-party suppliers.
• Ability to take ownership of security activities from initiation through to delivery and handover.
• Strong communication skills, with the ability to engage both technical and non-technical stakeholders.
• Technical experience across:
• Enterprise security tooling including email filtering, antivirus, firewalls, WAF, and Microsoft Defender
• Security testing approaches such as SAST and DAST
• Enterprise platforms including Active Directory, PKI, SCCM, Microsoft 365, and Azure (including Entra and Intune)
• Virtualisation and operating systems including Windows Server and Hyper-V
• Cloud platforms, particularly Microsoft Azure
• Application platforms such as Microsoft Dynamics and Power Platform
• Security frameworks and standards such as Zero Trust and Cyber Assessment Framework (CAF)

Desirable experience:

• Experience working with Azure, Microsoft Dynamics, and Power Platform
• Experience managing independent penetration testing activities
• Relevant certifications (e.g. MCSE, ITIL) or equivalent experience

This is a great opportunity to play a critical role in strengthening and shaping security practices within a complex, fast-moving environment, with strong stakeholder engagement and meaningful programme impact.

Please note that this role has a compulsory 1-2 days onsite requirement in the Edinburgh office.

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.