Cyber Security Business Analyst – Operating Models & Technology Evaluation
Hybrid
London, United Kingdom
Freelance
10-04-2025
Job Specifications
The Role
We are seeking a highly analytical and detail-oriented Cyber Security Business Analyst to lead the assessment of operating models, tools and technologies to enhance security posture and compliance. The ideal candidate will collaborate with stakeholders to identify security needs, analyse technology solutions and provide recommendations to support strategic Cyber Security objectives.
Skills
Conduct comprehensive analysis of Cyber Security operating models to identify gaps and improvement opportunities.
Research, evaluate and recommend security tools, platforms, and technologies that align with business and compliance requirements.
Perform cost-benefit and ROI analyses for potential Cyber Security investments.
Collaborate with IT security, risk management and business units to ensure alignment of security solutions with organisational strategy.
Develop and maintain a framework for assessing Cyber Security solutions, including vendor analysis, proof-of-concept testing and risk assessment.
Gather and document business and functional requirements for Cyber Security technology implementation.
Strong understanding of Cyber Security frameworks (NIST, ISO 27001, CIS), risk management, and security operations.
Experience with security tools such as SIEM, IAM, EDR, DLP, or vulnerability management platforms.
Familiarity with IT procurement processes and vendor management.
Excellent communication, problem-solving and stakeholder management skills.
Ability to work independently and collaborate cross-functionally.
** This role is predominantly remote, however flexibility is required to attend meetings in London when necessary, with no additional costs incurred. Candidates must to be resident in the UK for compliance purposes**
About the Company
We deliver services in Cybersecurity, Application Security and DevOps and are trusted by some of the world’s leading brands to maximise the value of their security investments and to improve the efficiency of their software delivery process. Our expertise and experience in technical delivery across multiple industry sectors is what sets us apart, along with our flexible and tailored partnership approach to ensure our customers’ success, putting security at the heart of everything we do. Know more
Related Jobs
- Company Name
- Customer Talent Search
- Job Title
- IT Security Engineer (Infosec)
- Job Description
- Employer - Financial Services Client Location - Crewe Hybrid working (typically 3 days pw on site) Contract to Perm (initially a 12 month contract, likely to go perm at the end) £40,000 to £45,000 salary Plus benefits Role Overview The IT and Security Manager is responsible for overseeing both cloud and on-premises infrastructure, with a strong emphasis on security services. This includes managing network devices, antivirus solutions, spam filtering, and Security Information and Event Management (SIEM) systems. The role requires collaboration with various stakeholders to ensure that infrastructure and security measures align with the company's risk appetite, regulatory requirements, and compliance standards. Key Responsibilities The manager will lead IT infrastructure operations, including asset management, incident and problem management, and service level compliance. They will also be responsible for defining and managing secure configurations, monitoring systems for threats, conducting vulnerability assessments, and managing penetration testing activities. Additionally, the role involves responding to third-party security inquiries (Infosec queries), assisting with audit activities, and ensuring adherence to release policies and procedures. Candidate Profile The ideal candidate will have: A strong background in managing IT infrastructure and security services Experience of dealing with Infosec requests from third parties. Preferably you will have experience working within financial or insurance sectors. Experience with cloud environments, Salesforce, and data migration is essential. CVs to hello@customertalentsearch.com
- Company Name
- Hawksworth
- Job Title
- ‘IT Infrastructure Security & Vulnerability Management Engineer’ - London - £675per day inside IR35 - 6 Months
- Job Description
- Hawksworth are now recruiting for a ‘IT Infrastructure Security & Vulnerability Management Engineer’ for an Investment Banking client in London. Hybrid working – 3 days in the office per week 6 months term initially Inside IR35. Rate up to £700 per day This position is to join a global UK Infrastructure Platforms team in IT Production Services. This team provides platform and infrastructure management to all of the Global Markets Division’s front office electronic trading systems. We are looking for an experienced IT Security Consultant specialising in vulnerability management to lead and enhance our vulnerability management practice. The role involves overseeing the entire vulnerability management life cycle, including identifying, prioritizing, remediating, and reporting security risks, while also taking a strategic and hands-on leadership approach. The team is a Global team with team members located in London, New York and Singapore and will operate a follow the sun support model. Required skills and experience: Proven experience managing and running vulnerability management processes, particularly with experience leading vulnerability management in large-scale, multinational environments. In-depth knowledge of CVSS, CVE, vulnerability scoring systems, and managing the life cycle of security assessments, threat identification, and mitigation. Strong experience in security assessments, particularly within complex enterprise environments, and the ability to apply risk-based prioritization frameworks to guide remediation efforts. Strong background in security risk oversight and applying technical security vulnerability remediation practices Experience with vulnerability obsolescence andmanagement and resolution tools in particular Tenable and Flexera. Background in RedHat Linux, Microsoft Windows including WSUS and GPO management. If you have the above experience and skills and are looking for your next contract, please get in touch today! Thank you.
- Company Name
- Norton Blake
- Job Title
- Senior Security Programme Manager
- Job Description
- Security Programme Manager, 12 months, £600 - £700/day, SW London (Hybrid) We are seeking an experienced Senior Technical Programme Manager to lead a comprehensive security improvement initiative across our client's hospitality organisation. This is a contract role responsible for coordinating internal teams and external consultants to deliver a multi-faceted security enhancement programme expected to span 12+ months. You'll be driving a full-scale transformation of our client's digital security environment, turning up the heat on legacy systems, and building a next-gen, Zero Trust security architecture that scales with their brand. Key Responsibilities Lead and coordinate a comprehensive security improvement programme spanning multiple workstreams Manage and synchronize efforts between internal teams and external security consultants Lead and facilitate programme planning activities including: Conducting planning workshops and sessions with stakeholders Developing detailed implementation roadmaps Creating and maintaining programme backlogs Prioritizing workstreams based on risk assessment and business impact Coordinating resource allocation across multiple concurrent initiatives Develop and maintain detailed programme plans with clear milestones, dependencies, and resource requirements Establish effective metrics and reporting mechanisms to track security posture improvements Apply security frameworks (such as NIST) to assessments and reporting, surfacing actionable, structured insights Turn security data into strategy and deliver measurable improvements across the security landscape Oversee specific security improvement initiatives including: Device management and enrolment into our managed estate Microsoft 365 tenant architecture redesign Implementation of data governance and cleanup processes Strategic isolation and decommissioning of legacy systems while maintaining operational continuity Leading the retirement of Active Directory, guiding the shift to modern, cloud-native identity infrastructure Remediation of penetration testing findings Transition to a zero-trust network architecture Network segmentation and decommissioning of MPLS infrastructure Optimization of Okta implementation—streamlining access, enforcing MFA, and reducing risk Design and establishment of a new Unified Security Operations Centre (SOC), integrating detection, response, threat intelligence, and automation Qualifications & Experience Proven experience (7+ years) in technical programme management, with a strong focus on IT/security transformation initiatives Demonstrated success delivering large-scale, complex security programmes across multiple workstreams Strong planning and facilitation skills with experience leading cross-functional planning sessions Experience managing programmes in multi-site environments, preferably in the hospitality industry Deep understanding of Zero Trust, IAM, endpoint management, and network segmentation Strong understanding of infrastructure security, risk management, and compliance requirements Practical knowledge of key security domains including endpoint management, identity management, network security, and security operations Experience working with Microsoft 365 security features implementations Strong stakeholder management skills with the ability to communicate effectively with both technical and non-technical audiences Excellent documentation, reporting, and presentation skills Experience managing external security consultants and vendors Contractor mindset: You hit the ground running, work autonomously, and know how to deliver value quickly
- Company Name
- Hawksworth
- Job Title
- IT Security & Vulnerability Engineer (ITIL) - Global Investment Bank - 700/day GBP
- Job Description
- Position: IT Security & Vulnerability Management Engineer Industry: Investment Banking (Global Financial) Day rate contract position: 700/day (inside IR35) Initial contract length of 6 months Location: Central London Hybrid working: 3 days at their London office Do you have experience leading vulnerability management in large-scale, banking environments and in-depth knowledge of CVSS, CVE? If you tick the above boxes, and you're ready for your next contract, please apply now :-) What other experience is needed.... Managing the life cycle of security assessments, threat identification, and mitigation Experience in security assessments, particularly within complex enterprise environments Security risk oversight, applying technical security vulnerability remediation practices Identification, prioritization, remediation and reporting of security risks. Knowledge of vulnerability remediation practices Monitoring and capacity planning of local systems as a part of the global framework A nice to have.... Experience with Tenable and Flexera Background in RedHat Linux, Microsoft Windows including WSUS and GPO management This day rate contract is initially for 6 months with a view to extend. The day rate is 700/day GBP inside IR35. If you're coming to the end of your current contract and you're happy with 3 days in the office in central London, please send me your cv or message me here on LinkedIn. Email: matt@hawksworthuk.com Once we've had a quick call to discuss the position and company, I can email you the full position description. Thank you for reading our advert and I look forward to speaking with you soon. #investmentbank #security #vunerabilitymanagement #londonjobs #contractposition