SPEN are looking for a Cyber Governance, Risk & Assurance Analyst to join their cyber team based in Glasgow
Job Title: Cyber Risk and Assurance Analyst
Business: Scottish Power Energy Networks
Location: St Vincent Street, Glasgow / hybrid-style working
Duration: 12-18 month contract with possibility of extension or permanency
Rate: Inside IR35, Umbrella and PAYE options available
Job Purpose Statement
Reporting into the Cyber Security Architecture Lead, the Cyber Security Architect Consultant role is critical in ensuring delivery against the strategic security vision and the development and maintenance of associated security standards and documentation. The role will also ensure that all functions that rely on network and information systems are protected, resilient and prepared against cyber incidents.
The position requires the ability to identify opportunities to use technology to deliver secure services that are more effective. To do this, the role holder must be able to influence and communicate successfully with the relevant parties inside and outside of the company while remaining accountable for the outcomes. The role holder is to work closely across all Infrastructure, Telecommunications, Security and Business IT teams and with wider Corporate Security in order to achieve key goals.
Accountability Statements
• Assists with the delivery of the Security Architecture Plan and development of associated roadmaps, identifying new security capabilities to support overall NIS compliance, and taking responsibility for the development of these capabilities into fully defined cost-effective security services.
• Feed into the SPEN security strategy, ensuring alignment of security architecture frameworks and standards with overall business strategy.
• Customer focussed with a demonstrable track record of building relationships with business stakeholders, building strong and collaborative relationships with all key stakeholders inside and outside of the organisation.
• Ensure that security architecture provides support at each stage of the delivery of new projects, as indicated by the ‘Secure by Design’ process.
• Take key ownership of the creation of security design documents and architecture artefacts.
• Interfaces with the relevant Design Authorities, providing security guidance at all times.
• Ensure consideration of asset management and data security best practice in relation to NIS regulations.
• Drive the adoption of secure designs, patterns, and best practices.
• Keeps abreast of the latest intelligence from sources of cyber threat information and briefs stakeholders with actionable information.
Criteria
• Cyber/Information risk assessment experience
• Ability to influence key technical and non-technical stakeholders in relation to required security strategy
• Significant skills and experience in understanding at a technical level how IT/OT controls are implemented and operated
• Awareness of key legislation and regulation impacting IT/OT General Control requirements
• Previous experience in a security architecture role or one or more of the following areas: enterprise architecture, infrastructure, or application architecture
• Good oral and written communication skills
• Numerate and able to deal with finances for the purposes of managing budgets or contracts with suppliers
• Must be a proven team player who can work to promote and consolidate efficient team working relationships
• Identification and prioritisation of key security technology opportunities.
• Experience of understanding and managing aspects of cyber risk, including the assessment, analysis, and reporting of cyber risk in a business context
• Experience in defining and/or implementing security controls across multiple layers of the IT architecture stack
• Ability to analyse problems, identify core issues and recommend appropriate solutions