Hacking the Cyber Security Skills Gap

author profile picture

by Rebekah Valero-Lee on


Adrian has been Morson International’s Operations Director for the past five years. Adrian’s passion for innovation and commitment to delivering tailored solutions to employees, candidates and clients alike puts him at the forefront of our industry.

Are we completely at the mercy of the hacker? The pace of innovation has left us with a skills gap that’s proving tricky to plug. So with an ever-present need to keep our data secure, operations director Adrian Adair discusses how we can address the Cyber Security Skills Gap issue.

Each year technology has a greater influence on our lives and as innovation hurtles on at an alarming pace it’s often easy to forget just how quickly things have advanced. In 15-20 years, the way we store information, communicate, trade, shop and even bank has completely changed – and it’s changed much quicker than many anticipated or have been prepared for.

In other industries, it’s easier to predict and plan for the future. For example, rail technology, while much more advanced in terms of rolling stock than it was 50 years ago, has remained true to its fundamental mechanics in terms of the work the engineers do on the rails. The same cannot be said of computing and cyber defence – it’s new and constantly evolving.

According to an extensive McAfee study into the skills shortage we face in cyber security, three out of four people felt that their governments were not investing enough into the future of cyber-defence, and this in part has led to the situation we are now faced with. One in three businesses said they felt this evident shortage made them prime hacking targets and there is growing fear of the impact on reputation and revenue that the loss of proprietary data via cyber-attack can have.

So are we to blame for being too late, or are we simply at the whim of a progress and innovation train that is only speeding up with every year?

The latter seems to be the general consensus.

In just 20 years we’ve gone from cheques and faxes to internet banking from a mobile phone, instant email communication and cloud storage – trillions of gigabytes of data relentlessly and near instantly flying around the planet. Who would have seen that coming? When you are faced with something that grows and changes as much as computer technology, it’s difficult to be too hard on ourselves for not having planned ahead.

Across various professions, an average experienced senior manager might be 45-50 years old – or to put it another way, they would have been graduating from school or college in the mid-1980s when even the mobile phone was a rare commodity. Jobs and careers in IT weren’t nearly as substantial as they are right now, so many didn’t go down that route. This leaves the bulk of the task of defending against the future of attacks to the younger generation.

While we have been at the whim of the technological boom, it is clear that many people feel that something needs to be done urgently. A staggering infographic by Information is Beautiful demonstrates the sheer number of high profile hacks that have taken place and their relative size. This is as worrying as it is stunning. Do we want to be waking up each day to read about yet another huge data breach?

IT may be a comparatively young industry but its growth and variety means that it offers career security to those within it and those who are considering pursuing it as a career. The niche of cyber security is no exception and we’ve witnessed first-hand the increase in demand from our clients for candidates with this skillset.

Consequently, we’ve managed to gain a host of experience when placing skilled candidates across a variety of IT sectors, from network vulnerability testing to security administration.  Our IT division has enjoyed a 100% growth year-on-year – a reflection of the growing need for IT security professionals. With network security in place, our high-profile clients are protected against business disruption and have peace of mind.

It’s obvious that computers are here to stay, and the growing threat means that salaries for skilled workers are only set to improve. It’s a great time to become the future safe-builder and locksmith and know that you’re keeping the world safe.

Featured Writer-01

Cx Jobs

IT Security Specialist

DescriptionDefinining security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and hostbased security systemsDeveloping and validating baseline security configurations for operating systems, applications, and networking andtelecommunications equipmentPerforming internal and external technical control audits and vulnerability assessments to identify control weaknessesand assess the effectiveness of existing controls, and recommend remedial actionPerforming source code reviewsPerforming network and application penetration testing ( Black box, Grey box and White box)Performing log analysis and security monitoringPerforming IT infrastructure/ Application Security configuration reviewsDesigning and implementing technical security mechanisms and technologiesDesigning and developing technical security standards and procedures.Supporting the design, implementation, management and maintenance of IT security solutions.Supporting the execution of security incident management procedures. QualificationsMinimum 4 years of relevant education (master or equivalent) after the secondary school minimum experience requirements: + Minimum 6 years of relevant professional experience in IT SecuritySecurity best practice guidelines (ISO 27001, NIST, SANS Top 20 OWASP, etc.)Good practice in the secure configuration of servers, network devices and applicationsNetworking protocols and application communicationsNetwork analysis toolsSecuring Unix and Windows operating systemsSecuring middleware and applicationsNetwork penetration testingWeb application penetration testingVulnerability assessmentsForensic image collection and analysisManaging/deploying the following security technologies:FirewallsIDS/IPS - Intrusion detection/PreventionSystems, SIEM - Security information and event managementIAM -Identity and access managementAPT - Advanced Persistent threat detectionDLP - Data loss preventionVA -Vulnerability Analysis and mitigationPKI - Public key infrastructureVirtual environmentsEndpoint securityMobilesecurityCommunications and data encryptionRemote access methodsBackup and disaster recovery methodologiesPatch management technologies and processesWireless protocols and servicesOpen Web Application Security Protocol (OWASP) and secure software development standardsPerforming security code reviews.Security monitoring, threat detection and incident responseProactively and iteratively searching through networks and applications to detect and isolate advancedthreats thatevade existing security solutions (Cyber threat hunting)Security operations engineering (e.g. implementation of defensive measures, threat intelligence production)Linux administration, TCP/IP, Network Security.Security configuration reviews of IT Infrastructure and security devices, OS, Databases etcOther Expected Qualifications:Certified Information Systems Security Professional with Information Systems Security ArchitectureProfessionalconcentration (CISSP-ISSAP)Certified Information Security Manager (CISM)Certified Information Systems Auditor (CISA)OSCP, OSCE, GPEN, CEH, CCNA, CCNP

Pensions Administrator

We are looking to recruit a Pension Administrator to work for a defence company based in Rosyth as part of their Naval Marine business. Working as part of a team, you will provide an accurate, reliable and high standard of pensions administration service for Members and Trustees of the in-house defined benefit pension schemes. Key Responsibilities; - Calculation and payment of scheme benefits ensuring compliance with legislative and pension scheme requirements. This includes early leaver calculations, transfer values, the calculation and payment of benefits for member retiring normal/early/late or on ill-health retirement and deaths - Ensuring work is completed to agreed Service Level Agreements - Maintaining the Pensions Administration system - Dealing with enquiries from members, trustees and the employer - Liaising with Payroll/HR departments and external companies - Assisting with ad-hoc project based work - Updating the Purchase ledger with all invoices for each Scheme and seeking authorisation for payment - Scanning the day to day work carried out by the Pensions Administrators - General administration duties - Ordering and maintaining stationary - Booking meeting rooms, ordering catering and escorting visitors - Dealing with queries The successful applicant will have excellent communication skills, both written and verbal. Strong attention to detail and commitment to provide ongoing quality is required along with good knowledge of UK pensions legislation and defined benefits experience (cradle to grave). You will be a good team player, who is able to work to tight deadlines and be able to prioritise and organise your workload Qualification/Experience - Defined Benefit Administration experience from cradle to grave - Ideally experience of using Profund, with a good understanding of Word and Excel - Relevant Pensions industry qualification, such as QPA would be beneficial - The jobholder must be able to perform calculations for defined benefits pensions schemes Morson is acting as an employment business in relation to this vacancy.Pensions Administration; benefits; Profund; customer service; QPA; pensions legislation; payroll; HR administration; purchase ledger


Our Client has an urgent requirement for Marine Experienced Platers working on the Type 26 project at Govan shipyard. You will be required to attend 2 days EET training, this is mandatory prior to a start being offered

Mechanical Engineer

We have an excellent opportunity for a Site Engineer / Mechanical Engineer The successful Candidate will deliver allocated project work from assignment to close out to support the Heysham 2 site. This will require close collaboration with the client, other team members and contract partners. Key responsibilities include: Safely manage the delivery of assigned projects, jobs and tasks while working collaboratively with other team members and station staff. Work to improve Equipment Reliability across Fuel Route including through modifications, optimising maintenance routines and defect resolution. Produce Work Order Cards, Risk Assessments, Method Statements, Quality plans, Construction Plans, Engineering Changes and other documentation required to deliver projects. Ensure documentation, including drawings and records, are kept and tracked as appropriate and are updated and closed out in full at the conclusion of projects. Act as the point of contact on the power station for assigned projects. Ensure work is planned according to station processes and relevant parties are aware of the project and their responsibilities to facilitate successful project delivery. Perform walk-downs with contractors to review upcoming tasks and obtain quotes as required. Review and approve contractor documentation prior to them completing work on site. Facilitate and chair project meetings such as pre and post job briefs, setting to work meetings and readiness reviews as required. Conduct safety walks on a monthly basis as a minimum and report safety concerns through the appropriate channels immediately whenever and wherever they are found. Promote quality at all times. Comply with Company Nuclear and Station procedures. Apply internal and external standards and procedures to project activities. Attend suppliers to witness factory acceptance tests and other EDF sites to learn from experience as required for specific projects. Build up quotations for site based works after consultation and walk-downs with the client. Ensure all quotations are approved internally before issuing to the client. Supply data and updates on estimated project completion dates to assist project support staff with ensuring projects remain on time and on budget. Where this is not the case, be prompt in raising early warning notices and variations for submission to the client. Represent the Company in meetings and forums as required and when requested to by the Site Manager and Fuel Route Group Head. Mentor other site engineers through their authorisations as requested by the Site Manager. Drive continuous improvements in the relationship between the Company and the EDF Fuel Route Engineering organisation through the way we engage with the client and act as a leader in this regard with the rest of the team. Use technical and plant knowledge to assist with the scheduling of tasks for the site team.

Skills and qualifications needed for a career in cyber security