Summary of the work:
Specialist role – Cyber security consultant

Working with delivery teams to ensure that security is considered in the architecture. Create and communicate security policy within GDS. Run threat modelling exercises with teams. This role is outside of IR35.
Latest start date Monday 26 June 2017
Expected contract length 18 weeks

Work is for Government Digital Service (GDS)

About the work:

Who the specialist will work with:

You will be working within a core team of security specialists including: security engineers, security architect, security operations, security analyst, security intelligence analyst, ethical hacker. The wider ‘matrix managed’ team that is made up of tech architects, developers, user support managers, product managers, delivery managers and the Enabling Delivery and Support team.
What the specialist will work on:

Alpha deliverables: Create and communicate security policy within GDS and externally across government. Guide and work with the security team to build prototypes for secrets management problems: *Solution tailored to type of secret being stored. *SSH Key management & rotation. Guide and work with the security team to: -build an AWS account management solution for specific teams consistent to GDS TechOps goals; -create Build Pipelines with push button deploy, authorisation and access control for specific teams; -setup Egress Proxying for specific teams; -Set up AWS base images; Speak to teams in formal and informal settings to create awareness.

Skills and experience:

Essential skills and experience:
· At least 2 years – Possess technical knowledge in realms such as security engineering, authentication, security protocols or cryptography.

· At least 2 years – Possess knowledge of system security vulnerabilities and remediation techniques.

· At least 2 years experience of working within a software development team/writing code

· At least 2 years experience working across teams with technical specialists

· At least 2 years taking a risk-based approach to decision making

· At least 2 years – Familiar with public cloud offerings and how systems can be developed securely using these tools (e.g. NCSC Cloud Security Principles https://www.ncsc.gov.uk/guidance/implementing-cloud-security-principles)


Nice-to-have skills and experience:
· At least 2 years Software engineering skills, including experience building, managing and deploying modern technical systems.

· At least 2 years Experience of managing security in an environment with frequent change

· At least 2 years Well recognised security certifications or training

· At least 2 years Experience with penetration testing, network security monitoring or incident response

· At least 2 years Experience of configuration management processes and tools – e.g. Puppet or Chef Experience of working with PCI environments

Working arrangements

Onsite, co-located with the core team. There may be some need for travel to other government/third parties for reference visits - only when needed. The latest start date to allow for any delays in the procurement process is 26th June 2017.

Security clearance

SC clearance

Apply for this opportunity

Contact daryl.koue@kiktronik.co.uk with an attachment of your CV

Sound like the job for you?

Got what it takes to work with us? Great! Send us a link to your resumé or portfolio to become part of our talent pool.

Drop your resumé here

Similar Openings

Clinical Coder, experienced with NHS Mental Health setting 4517


View Posting
Moorfields Eye Hospital – Electronic Medical Records (EMR) Programme Manager 2443


View Posting
Army Headquarters IAS – Automation Tester 1 (ARMYHQ2/00202) 2337

To be agreed

View Posting