IT Risk Advisor
TR/082348
Posted: 26/05/2026
- Competitive
- Scotland, Aberdeen City, Aberdeen
- Contract
Our Oil & Gas Operator client is currently recruiting for the position of IT Risk Advisor based in Aberdeen
3/2 hybrid working
Onsite Car Parking
38 days per annum paid holiday
Role overview
An IT Risk Assessment advisor that specialises in Technical Security Architecture ‘by design’ to provide technical security oversight and architectural assurance across both delivery projects and business as usual (BAU) operations.
The role sits at the heart of the company’s technology governance, ensuring secure design decisions, controlled change, and proportionate risk treatment across cloud, on premises, and hybrid environments.
You will work closely with architects, engineers, delivery teams, and operations to keep security embedded without slowing the business.
Security architecture governance and interface with enterprise architecture:
Define and maintain security architecture patterns, reference designs, and secure configuration baselines (cloud and on-prem)
Drive awareness of secure-by-design practices across engineering teams.
Attend and contribute to the Architecture Review Board (ARB)
Maintain and evolve security architecture patterns and standards (e.g. IAM, network segmentation, cloud security baselines)
Review and assess high risk security architecture exceptions, ensuring risks are clearly understood and appropriately managed
Provide technical and specialised ‘Secure by design’ and security architecture project advisory:
Provide hands-on security architecture advice to delivery teams to ensure secure patterns, reference architectures, and hardening baselines are applied.
Perform threat-informed design reviews and ensure appropriate control selection
Enable early engagement to reduce downstream risk and rework
Change and Operational security oversight (BAU):
Attend Change Advisory Boards (CABs) to provide security approval and challenge
Review and approve high risk firewall rule changes
Review high risk configuration changes across Azure and on prem environments. Perform targeted reviews of high-risk configurations (e.g. firewall, network, cloud, infrastructure). Identify misconfigurations and exposure risks against defined baselines
Risk prioritise high risk and zero-day vulnerabilities, working with technology and operations teams on remediation approach and urgency
Provide pragmatic security input to IT Teams and Infrastructure Suppliers - aligned to operational and availability requirements
Provide BAU IT teams clear, actionable recommendations to reduce attack surface and improve resilience
Skills, experience & attributes of candidate:
Strong background in technical security architecture within complex enterprise environments
Experience across cloud (Azure) and on prem infrastructure
Comfortable operating in governance forums while remaining technically credible
Confident challenging design and change decisions constructively
Able to translate technical security risk into clear business impact
Advantageous:
Bachelor’s in CS, InfoSec, or equivalent experience
Certifications: GICSP, CISSP, or equivalent qualification
Experience working as a security architect
Understanding of regulatory frameworks e.g. NIS2, Cyber Resilience Act
Contract position
If you feel that you are well suited to the above opportunity and would like to find out more then please contact Orion Group for more information or apply by forwarding your current CV quoting reference: TR/082348
People are our business worldwide
Orion Group was founded in 1987 and is now one of the largest, independent, international recruitment companies. We have a network of 200 employees working from 24 offices, delivering a range of services – Talent Acquisition, Recruitment Outsourcing Services, Retained Search, Global Workforce Solutions, Completions & Commissioning and Materials Management – across 68 countries. As a global leader in workforce solutions, we recruit personnel across the Engineering & Technical, Office & Commercial, Scientific and Skilled Trades disciplines, for sectors including Oil & Gas, Life Science, Power & Utilities, Constructions & Infrastructure, Manufacturing and Renewables.
3/2 hybrid working
Onsite Car Parking
38 days per annum paid holiday
Role overview
An IT Risk Assessment advisor that specialises in Technical Security Architecture ‘by design’ to provide technical security oversight and architectural assurance across both delivery projects and business as usual (BAU) operations.
The role sits at the heart of the company’s technology governance, ensuring secure design decisions, controlled change, and proportionate risk treatment across cloud, on premises, and hybrid environments.
You will work closely with architects, engineers, delivery teams, and operations to keep security embedded without slowing the business.
Security architecture governance and interface with enterprise architecture:
Define and maintain security architecture patterns, reference designs, and secure configuration baselines (cloud and on-prem)
Drive awareness of secure-by-design practices across engineering teams.
Attend and contribute to the Architecture Review Board (ARB)
Maintain and evolve security architecture patterns and standards (e.g. IAM, network segmentation, cloud security baselines)
Review and assess high risk security architecture exceptions, ensuring risks are clearly understood and appropriately managed
Provide technical and specialised ‘Secure by design’ and security architecture project advisory:
Provide hands-on security architecture advice to delivery teams to ensure secure patterns, reference architectures, and hardening baselines are applied.
Perform threat-informed design reviews and ensure appropriate control selection
Enable early engagement to reduce downstream risk and rework
Change and Operational security oversight (BAU):
Attend Change Advisory Boards (CABs) to provide security approval and challenge
Review and approve high risk firewall rule changes
Review high risk configuration changes across Azure and on prem environments. Perform targeted reviews of high-risk configurations (e.g. firewall, network, cloud, infrastructure). Identify misconfigurations and exposure risks against defined baselines
Risk prioritise high risk and zero-day vulnerabilities, working with technology and operations teams on remediation approach and urgency
Provide pragmatic security input to IT Teams and Infrastructure Suppliers - aligned to operational and availability requirements
Provide BAU IT teams clear, actionable recommendations to reduce attack surface and improve resilience
Skills, experience & attributes of candidate:
Strong background in technical security architecture within complex enterprise environments
Experience across cloud (Azure) and on prem infrastructure
Comfortable operating in governance forums while remaining technically credible
Confident challenging design and change decisions constructively
Able to translate technical security risk into clear business impact
Advantageous:
Bachelor’s in CS, InfoSec, or equivalent experience
Certifications: GICSP, CISSP, or equivalent qualification
Experience working as a security architect
Understanding of regulatory frameworks e.g. NIS2, Cyber Resilience Act
Contract position
If you feel that you are well suited to the above opportunity and would like to find out more then please contact Orion Group for more information or apply by forwarding your current CV quoting reference: TR/082348
People are our business worldwide
Orion Group was founded in 1987 and is now one of the largest, independent, international recruitment companies. We have a network of 200 employees working from 24 offices, delivering a range of services – Talent Acquisition, Recruitment Outsourcing Services, Retained Search, Global Workforce Solutions, Completions & Commissioning and Materials Management – across 68 countries. As a global leader in workforce solutions, we recruit personnel across the Engineering & Technical, Office & Commercial, Scientific and Skilled Trades disciplines, for sectors including Oil & Gas, Life Science, Power & Utilities, Constructions & Infrastructure, Manufacturing and Renewables.
Alan Patterson
Office Account Manager
Apply for this role
Recruitment