Advanced Resource Managers

GRC - Cyber Assurance and Risk Lead

Hybrid

London, United Kingdom

Freelance

21-01-2025

Job Specifications

GRC - Cyber Assurance and Risk Lead
Up to £750 a day Inside IR35
Must hold current SC Clearance
6-month Contract
London – Hybrid – 2/3 days office-based

A strategic and leadership role.
You will be instrumental in shaping and driving security and risk programs to align with internal business objectives as well as industry good practice (including Secure by Design aligned to UK Government principles) and regulatory requirements (including GovAssure and NCSC Cyber Assurance Framework).

RESPONSIBILITIES
Develop and execute GRC strategies that align with business objectives and inform appropriate supporting business processes
Drive pragmatic and creative solutions to GRC challenges, applying agile methodologies to adapt to new regulations, compliance requirements and business change
Advise on and foster continuous improvement and effectiveness of GRC processes, driving improved management information to better allow appropriate prioritisation and risk based decisions
Lead initiatives that build a culture of accountability and responsibility across engagements
Enhance governance processes and advise on how best to evidence alignment with regulatory requirements (such as NCSC CAF) and industry good practice (including Secure by Design)
Provide security expertise across security standards and accreditations, measure and control the effectiveness of the security controls framework and maintain the Information Security Management System
Derive and deliver documented Information Security Management Plans which incorporate Regulatory, Legal and Compliance requirements in relation to applicable security policies, standards and guidelines
Assist with the identification of risks and emerging cyber security vulnerabilities and threats, and with the subsequent analysis to quantify them and lead risk mitigation plans
Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify/evidence appropriate compliance and security KPIs
Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy including regulatory and compliance considerations
Lead the development and enhancement of governance, risk and compliance aligned to policy, standards and industry good practice
Ensure continuous assessment, identification, analysis and reporting of useful metrics to enable informed risk-based decisions to be taken
Develops and maintains Information Security Management practice and process to ensure certification to required industry standards (e.g., ISO 27001) within relevant geographic boundaries.
Performs focused information risk assessments of existing or new services and technologies, alongside the Operational/Service Management team and technology subject matter experts.
As required, will extend the assessment of existing and proposed services to third party suppliers, including the facilitation of IT Security checks during the supplier onboarding and contract lifecycle to ensure a coherent approach to risk management
Maintains strong working relationships with individuals and groups involved in managing information risk across the in-scope services and aligned suppliers / 3rd parties
Chairs and co-ordinates Security Working Groups (SWG) and actively participates in supporting/governing forums

EXPERIENCE AND QUALIFICATIONS REQUIRED
Requires extensive knowledge of GRC frameworks, regulatory compliance obligations and a proactive approach to risk management
Minimum of 10 years’ experience in a Governance, Risk and Compliance role, with at least 5 years in a leadership or managerial position
Relevant certifications such as CISSP, CISM, CCSP, CISA, CRISC or equivalent experience
Expertise and practical knowledge and understanding of industry security frameworks and guidance such as NIST 800-53, NCSC CAF, GovAssure, NIST CSF, DORA and NCSC guidelines
Good knowledge and understanding of Cyber Security domains, including: network and cloud security, security operations, vulnerability management, Third Party supplier Risk Management, application security, physical security.
Good knowledge of networking (switching, routing, firewalls)
A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE)
Experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc

About the Company

We match the right talent to the right jobs. Over the past two decades, our expert consultants have enabled countless organisations to drive their business forward, both in the UK and internationally. We've also had the opportunity to work with some of the UK's biggest projects! Interested? Get in touch to find out more. We specialise in the following sectors: Automotive | Cyber Security | Defence & Aerospace | Energy | Facilities Management | IT | Life Sciences | Maritime | Professional Services | Transportation & Infr...
