Risk Assurance - Supply Chain - 6 month contract - inside IR35 - Glasgow Hybrid working
I am excited to partner with a major Government Department who are looking to hire a skilled and motivated Security Risk Analyst to join their team in Glasgow. They are embarking on a critical project and the successful candidate will play a pivotal part in building a reliable Supply Chain Security Assurance capability.
Responsibilities:
As a Security Risk Analyst, you will be responsible for supporting the Supply Chain function by assessing and managing security risks. Your key duties will include:
- Conducting security analysis and risk assessments.
- Implementing and monitoring security controls across technical, procedural, personnel, and physical domains.
- Performing security monitoring and testing processes.
- Demonstrating strong technical knowledge of applications and architectures.
- Evaluating third-party Security Assurance methods and deliverables.
- Applying a comprehensive understanding of the NIST Cyber Security Framework.
- Managing information security systems and employing risk assessment methodologies.
Qualifications:
Ideal candidates will have the following skills and experience:
- Proven experience in security management and analysis, ideally within Government / Public Sector organisations.
- Excellent understanding of Supply Chain Capability, ideally within the public sector.
- Thorough understanding of security controls in various domains.
- Familiarity with security monitoring and testing processes.
- Strong technical knowledge of applications and system architectures.
- Proficiency in third-party Security Assurance methods and deliverables.
- Solid understanding of the NIST Cyber Security Framework.
- Experience with information security management systems and risk assessment methodologies.
- One or more of the following qualifications:
  - CISM (Certified Information Security Manager)
  - CRISC (Certified in Risk and Information Systems Control)
  - CISSP (Certified Information Systems Security Professional)
  - CISA (Certified Information Systems Auditor)
  - CGEIT (Certified in the Governance of Enterprise IT)
  - ISO27001 Lead Auditor Certification
- Flexibility to work a minimum of 2 days onsite, with occasional travel to London, is required.
Clearance Requirements: Due to the time sensitivity of the project, preference will be given to British nationals with current SC clearance. A willingness to undergo DV clearance will also be considered favourably.
Interested? Apply now for immediate consideration!