At a Glance
- Tasks: Provide technical security oversight and ensure secure design decisions across projects.
- Company: Major Oil and Gas Operator with a focus on technology governance.
- Benefits: 12-month PAYE contract, hybrid working, and competitive pay.
- Other info: Opportunity to work in a collaborative environment with career growth potential.
- Why this job: Join a dynamic team to shape security architecture in a leading industry.
- Qualifications: Strong background in technical security architecture and cloud infrastructure experience.
The predicted salary is between 60000 - 80000 £ per year.
Our client, a Major Oil and Gas Operator is seeking an IT Risk Assessment Advisor. This is a 12 Month PAYE contract role based in Aberdeen with a hybrid working system in place.
Role Overview
Our client is seeking an IT Risk Assessment Advisor that specialises in Technical Security Architecture ‘by design’ to provide technical security oversight and architectural assurance across both delivery projects and business as usual (BAU) operations. The role sits at the heart of the client’s technology governance, ensuring secure design decisions, controlled change, and proportionate risk treatment across cloud, on premises, and hybrid environments. You will work closely with architects, engineers, delivery teams, and operations to keep security embedded without slowing the business.
Security Architecture Governance and Interface with Enterprise Architecture
- Define and maintain security architecture patterns, reference designs, and secure configuration baselines (cloud and on-prem)
- Drive awareness of secure‑by‑design practices across engineering teams.
- Attend and contribute to the Architecture Review Board (ARB)
- Maintain and evolve security architecture patterns and standards (e.g. IAM, network segmentation, cloud security baselines)
- Review and assess high risk security architecture exceptions, ensuring risks are clearly understood and appropriately managed
- Provide technical and specialised ‘Secure by design’ and security architecture project advisory
- Provide hands‑on security architecture advice to delivery teams to ensure secure patterns, reference architectures, and hardening baselines are applied.
- Perform threat‑informed design reviews and ensure appropriate control selection
- Enable early engagement to reduce downstream risk and rework
Change and Operational Security Oversight (BAU)
- Attend Change Advisory Boards (CABs) to provide security approval and challenge
- Review and approve high risk firewall rule changes
- Review high risk configuration changes across Azure and on‑prem environments.
- Perform targeted reviews of high‑risk configurations (e.g. firewall, network, cloud, infrastructure).
- Identify misconfigurations and exposure risks against defined baselines
- Risk prioritise high risk and zero‑day vulnerabilities, working with technology and operations teams on remediation approach and urgency
- Provide pragmatic security input to IT Teams and Infrastructure Suppliers - aligned to operational and availability requirements
- Provide BAU IT teams clear, actionable recommendations to reduce attack surface and improve resilience
Skills, Experience & Attributes of Candidate
- Strong background in technical security architecture within complex enterprise environments
- Experience across cloud (Azure) and on prem infrastructure
- Comfortable operating in governance forums while remaining technically credible
- Confident challenging design and change decisions constructively
- Able to translate technical security risk into clear business impact
Advantageous
- Bachelor’s in CS, InfoSec, or equivalent experience
- Experience working as a security architect
- Understanding of regulatory frameworks e.g. NIS2, Cyber Resilience Act
IT Risk Advisor, Operations & Design employer: Strategic Resources ERC Ltd
As a Major Oil and Gas Operator, our client offers an exceptional work environment in Aberdeen, combining a hybrid working model with a strong focus on employee development and technical excellence. The company fosters a collaborative culture where IT Risk Advisors can thrive, providing opportunities for professional growth while ensuring that security is embedded in every aspect of operations. With a commitment to innovation and a supportive governance framework, this role is ideal for those looking to make a meaningful impact in the field of IT security.
Contact Details:
Strategic Resources ERC Ltd Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land IT Risk Advisor, Operations & Design
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or even local events. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or a personal website showcasing your projects and achievements in IT security architecture. This gives potential employers a tangible look at what you can bring to the table.
✨Tip Number 3
Prepare for interviews like it’s game day! Research the company, understand their tech stack, and be ready to discuss how your experience aligns with their needs. Practice common interview questions and have your own questions ready to show your interest.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities that might just be the perfect fit for you. Plus, applying directly can sometimes give you an edge over other candidates.
We think you need these skills to ace IT Risk Advisor, Operations & Design
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of IT Risk Advisor. Highlight your experience in technical security architecture and any relevant projects you've worked on. We want to see how your skills align with the job description!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention specific experiences that demonstrate your ability to provide security oversight and architectural assurance, just like we need.
Showcase Your Technical Skills:Don’t forget to highlight your technical skills, especially around cloud environments like Azure and on-prem infrastructure. We’re looking for someone who can confidently challenge design decisions and translate risks into business impacts.
Apply Through Our Website:We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Strategic Resources ERC Ltd
✨Know Your Security Architecture Inside Out
Make sure you’re well-versed in technical security architecture, especially in relation to cloud and on-prem environments. Brush up on the latest security patterns and reference designs, as you’ll need to demonstrate your understanding of secure-by-design practices during the interview.
✨Prepare for Governance Discussions
Since the role involves attending governance forums like the Architecture Review Board and Change Advisory Boards, be ready to discuss how you would approach security oversight. Think about examples where you've successfully challenged design decisions or provided security approvals in a constructive manner.
✨Showcase Your Risk Assessment Skills
Be prepared to talk about your experience with risk prioritisation and vulnerability management. Have specific examples ready that illustrate how you’ve identified misconfigurations or high-risk changes and how you approached remediation with IT teams.
✨Translate Technical Risks into Business Impact
One key aspect of the role is translating technical security risks into clear business impacts. Practice explaining complex security concepts in simple terms, so you can effectively communicate the importance of security measures to non-technical stakeholders during your interview.
