Description & Requirements
On behalf of IBCA, we are looking for 2 x Cyber Security Leads (Inside IR35), both for 6 months, based hybrid in Newcastle or Glasgow.
As a Cyber Security Lead, your main responsibilities will be:
- Act as the primary security design authority for the compensation services architecture.
- Collaborate with Solution Architects and Developers to implement Secure by Design principles at the code and infrastructure level, ensuring robust identity management (e.g., MFA, RBAC), data encryption at rest and in transit, and secure API integrations across the digital service.
- Lead the integration of security into the Software Development Lifecycle (SDLC) by implementing and overseeing DevSecOps practices. This includes managing automated security testing tools—such as Static and Dynamic Application Security Testing (SAST/DAST) and Software Composition Analysis (SCA)—to identify and remediate code vulnerabilities and insecure dependencies in real time.
- Identify, assess, and mitigate security risks related to the compensation process, including handling of sensitive claimant data, ensuring compliance with data protection laws (e.g., GDPR), and managing digital security threats.
- Ensure that all security practices, policies, and systems are fully compliant with relevant regulations, including the Data Protection Act, GDPR, and UK government security standards such as CAF and Secure by Design.
- Develop, review, maintain and advise on comprehensive cyber security policies and practices (including governance) related to the compensation scheme, in alignment with UK government standards and best practices.
Essential:
- Strong understanding of secure development frameworks (such as the OWASP Top 10 or SANS Top 25) and the ability to apply them within a cloud-native environment.
- Practical experience in implementing and managing automated security tools within a CI/CD pipeline.
- Proven experience of conducting security assurance activities, including providing security assurance for suppliers, ensuring compliance with relevant security regulations and standards and implementing comprehensive security policies and procedures to align with UK government standards and best practice.
- Ability to support the development and delivery of security awareness training programs and experience of promoting a security first culture in the workplace.
Please be aware that this role can only be worked within the UK and not overseas.
Disability Confident
As a member of the Disability Confident Scheme, IBCA guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply.
DE&I Commitment
IBCA guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.
Armed Forces Covenant
IBCA guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.
In applying for this role, you acknowledge the following: "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".