La tua attuale ricerca di lavoro

Cyber Security Programme Manager - Contract

Location: London (Hybrid - 3 days onsite at Bishopsgate HQ)
Contract Length: 6 months (with potential extension up to 36 months)
IR35 Status: Outside IR35
Start Date: ASAP
Day Rate: Competitive

We are seeking an experienced and strategic Cyber Security Programme Manager to lead a major enterprise-wide cyber security uplift programme for a leading organisation in the construction industry. This transformation initiative spans 24-36 months and aims to significantly enhance the organisation's security posture across both cloud (Microsoft Azure) and on-premise environments, aligned to the NIST Cybersecurity Framework (CSF) and CIS Controls.

Key Responsibilities

* Lead the end-to-end delivery of a multi-stream cyber security uplift programme
* Manage the RFP process and selection of third-party vendors and consultancies
* Oversee the external delivery partner, ensuring accountability for risks, issues, and deadlines
* Deliver initiatives across people, process, technology, and governance
* Manage smaller internal cyber security projects outside the partner's scope
* Maintain programme governance, risk management, and resource planning
* Collaborate with senior stakeholders, IT teams, and external suppliers
* Drive change management and embed new security disciplines across the organisation
* Monitor progress against KPIs, including NIST CSF and CIS maturity improvements
* Ensure compliance with internal policies, data protection laws, and industry standards
* Manage programme budgets and ensure value delivery

Technology Environment

Cloud Security (Microsoft Azure):

* Microsoft Sentinel
* Microsoft Defender (Cloud, Endpoint, Office 365)
* Microsoft Entra ID (Azure AD)
* Microsoft Purview
* Microsoft Intune
* Azure Security Center

Information Security (On-Premise):

* Firewalls (e.g. Palo Alto, Fortinet)
* Intrusion Detection/Prevention Systems (IDS/IPS)
* Endpoint Protection Platforms (EPP)
* SIEM tools (on-prem or hybrid)
* Identity & Access Management (IAM)
* Patch management and vulnerability scanning
* Data Loss Prevention (DLP)

Candidate Profile

* Proven experience delivering large-scale cyber and information security programmes
* Strong hands-on background in cyber security and technical delivery
* Deep understanding of Microsoft Azure security architecture and tooling
* Experience managing third-party vendors and consultancies
* Familiarity with NIST CSF, CIS Controls, and ISO 27001
* Excellent stakeholder engagement and communication skills
* Relevant certifications (e.g. SC-100, CISSP, CISM, ISO 27001 Lead Implementer)

Cyber & Information Security Programme Manager - Contract

Location: Bishopsgate, London (Hybrid - 3 days onsite)
Contract Length: 6 months
IR35 Status: Outside IR35
Start Date: ASAP
Day Rate: Competitive

We are recruiting for a Cyber & Information Security Programme Manager to lead the delivery of security programmes for a major construction industry client. This role covers both on-premise information security and Microsoft Azure cloud security, with a strong emphasis on vendor and consultancy selection.

The successful candidate will bring a hands-on background in cyber security, deep knowledge of Microsoft's cloud security stack, and experience overseeing complex programmes from end to end.

About the Role

This is a strategic and delivery-focused role requiring a strong understanding of both technical and governance aspects of security. You will be responsible for evaluating and selecting third-party vendors and consultancies, ensuring the right partners are in place to support the organisation's security objectives.

You'll oversee the implementation of security controls across both cloud and on-prem environments, ensuring alignment with compliance frameworks such as ISO 27001 and GDPR.

Key Responsibilities:

* Lead and manage cyber and information security programmes across cloud and on-prem environments
* Evaluate and select third-party vendors and consultancies to support programme delivery
* Oversee implementation of Microsoft security tools and frameworks
* Ensure alignment with compliance, governance, and regulatory standards
* Collaborate with internal stakeholders across IT, operations, and risk functions
* Support secure-by-design principles and Zero Trust architecture

Tech Environment:

Cloud Security (Microsoft Azure):

* Microsoft Sentinel
* Microsoft Defender (Cloud, Endpoint, Office 365)
* Microsoft Entra ID (Azure AD)
* Microsoft Purview
* Microsoft Intune
* Azure Security Center

Information Security (On-Premise):

* Firewalls (e.g. Palo Alto, Fortinet)
* Intrusion Detection/Prevention Systems (IDS/IPS)
* Endpoint Protection Platforms (EPP)
* SIEM tools (on-prem or hybrid)
* Identity & Access Management (IAM)
* Patch management and vulnerability scanning tools
* Data Loss Prevention (DLP) solutions

Candidate Profile:

* Strong hands-on experience in cyber and information security
* Deep understanding of Microsoft Azure security architecture
* Experience managing vendor selection and consultancy engagement
* Proven track record of delivering security programmes end to end
* Excellent stakeholder management and communication skills
* Relevant certifications (e.g. SC-100, CISSP, CISM, ISO 27001 Lead Implementer)

Security Engineer - Contract Position
Location: Knutsford (Hybrid - 3 days onsite per week)
Contract Length: 5 months
Rate: Up to £630/day
IR35: Inside

A high-impact engineering team is seeking a Security Engineer to help build a secure telemetry pipeline MVP. This role is ideal for someone with deep technical knowledge of containerized systems, observability tooling, and infrastructure security.

Overview

You'll be responsible for embedding security throughout the pipeline lifecycle, working closely with DevOps and software engineers to ensure secure deployment, monitoring, and data flow.

Responsibilities

* Develop and enforce security practices across Kubernetes and OpenShift environments
* Secure GitLab repositories and CI/CD workflows
* Integrate and harden observability tools including Cribl, Elastic, Splunk, Fluentd, and Syslog
* Conduct risk assessments, threat modelling, and vulnerability analysis
* Collaborate on infrastructure-as-code and deployment automation with a security-first approach
* Respond to alerts and incidents from monitoring platforms
* Maintain clear documentation of security architecture and operational procedures

Required Experience

* Strong hands-on experience with Kubernetes and OpenShift in production settings
* Deep understanding of GitLab and secure CI/CD pipeline design
* Familiarity with telemetry and logging tools
* Solid grasp of network security fundamentals including firewalls, VPNs, and protocols
* Experience with compliance frameworks such as NIST or ISO 27001
* Knowledge of container security tools (e.g., Aqua, Twistlock, Trivy)
* Strong problem-solving and communication skills

Preferred Background

* Certifications such as CISSP, CISM, or CKS
* Experience working on MVPs or in agile/startup environments
* Exposure to cloud security across AWS, Azure, or GCP

Cyber Security Programme Manager - Contract

Location: Bishopsgate, London (Hybrid - 3 days onsite)
Contract Length: 6 months
IR35 Status: Outside IR35
Start Date: ASAP
Day Rate: Competitive

A leading organisation in the construction sector is seeking a Cyber Security Programme Manager to oversee the delivery of strategic security programmes within a Microsoft Azure environment. This role will support the business in strengthening its security posture across infrastructure, data, and identity, while ensuring compliance with industry standards.

Key Responsibilities:

* Lead the planning and execution of cybersecurity programmes across the organisation
* Manage stakeholder relationships across IT, operations, and compliance teams
* Implement and optimise Microsoft security tools and frameworks
* Ensure alignment with regulatory and industry standards (e.g. ISO 27001, GDPR)
* Support the business in adopting secure-by-design and Zero Trust principles

Tech Environment:

* Microsoft Sentinel
* Microsoft Defender (Cloud, Endpoint, Office 365)
* Microsoft Entra ID (Azure AD)
* Microsoft Purview (Data Governance & DLP)
* Microsoft Intune
* Azure Security Center

Candidate Profile:

* Experience delivering cyber programmes in Microsoft environments
* Strong understanding of Azure security architecture and tooling
* Background in construction, infrastructure, or related industries is beneficial
* Excellent communication and stakeholder management skills
* Relevant certifications (e.g. SC-100, CISSP, CISM) are desirable