Cyber Security Programme Manager

Cyber & Information Security Programme Manager - Contract

Location: Bishopsgate, London (Hybrid - 3 days onsite)
Contract Length: 6 months
IR35 Status: Outside IR35
Start Date: ASAP
Day Rate: Competitive

We are recruiting for a Cyber & Information Security Programme Manager to lead the delivery of security programmes for a major construction industry client. This role covers both on-premise information security and Microsoft Azure cloud security, with a strong emphasis on vendor and consultancy selection.

The successful candidate will bring a hands-on background in cyber security, deep knowledge of Microsoft's cloud security stack, and experience overseeing complex programmes from end to end.

About the Role

This is a strategic and delivery-focused role requiring a strong understanding of both technical and governance aspects of security. You will be responsible for evaluating and selecting third-party vendors and consultancies, ensuring the right partners are in place to support the organisation's security objectives.

You'll oversee the implementation of security controls across both cloud and on-prem environments, ensuring alignment with compliance frameworks such as ISO 27001 and GDPR.

Key Responsibilities:

* Lead and manage cyber and information security programmes across cloud and on-prem environments
* Evaluate and select third-party vendors and consultancies to support programme delivery
* Oversee implementation of Microsoft security tools and frameworks
* Ensure alignment with compliance, governance, and regulatory standards
* Collaborate with internal stakeholders across IT, operations, and risk functions
* Support secure-by-design principles and Zero Trust architecture

Tech Environment:

Cloud Security (Microsoft Azure):

* Microsoft Sentinel
* Microsoft Defender (Cloud, Endpoint, Office 365)
* Microsoft Entra ID (Azure AD)
* Microsoft Purview
* Microsoft Intune
* Azure Security Center

Information Security (On-Premise):

* Firewalls (e.g. Palo Alto, Fortinet)
* Intrusion Detection/Prevention Systems (IDS/IPS)
* Endpoint Protection Platforms (EPP)
* SIEM tools (on-prem or hybrid)
* Identity & Access Management (IAM)
* Patch management and vulnerability scanning tools
* Data Loss Prevention (DLP) solutions

Candidate Profile:

* Strong hands-on experience in cyber and information security
* Deep understanding of Microsoft Azure security architecture
* Experience managing vendor selection and consultancy engagement
* Proven track record of delivering security programmes end to end
* Excellent stakeholder management and communication skills
* Relevant certifications (e.g. SC-100, CISSP, CISM, ISO 27001 Lead Implementer)