Overview
We are seeking multiple Cyber Security Analysts for 6-month contracts focused on Cyber Essentials Plus and Governance, Risk Management, and Compliance (GRC) in a hybrid working arrangement. The roles involve taking ownership of key security programs, working collaboratively with technical teams and senior stakeholders to enhance cyber security capabilities within a prominent UK transportation and infrastructure organization. Successful candidates will contribute significantly to remediation efforts and the establishment of a robust cyber risk management framework.
Responsibilities
- Lead the Cyber Essentials Plus remediation programme.
- Review and progress an existing security gap analysis.
- Design and implement a cyber risk management framework.
- Develop a consistent risk assessment methodology.
- Manage issues related to technical remediation across IT environments.
- Gather and validate technical evidence for certification submissions.
- Conduct cyber and information security risk assessments.
- Establish governance forums and facilitate risk governance meetings.
Requirements
- Experience delivering Cyber Essentials or Cyber Essentials Plus.
- Strong background in cyber or information security risk management.
- Technical security remediation experience.
- Ability to create and maintain a cyber risk register.
- Knowledge of ISO 27001 and ISO 27005.
- Strong stakeholder-management and facilitation skills.
- Experience coordinating security testing and remediation efforts.
- Capability to translate technical findings into meaningful business risks.