Job Title: Cyber Security Governance Risk and Assurance Lead (5-Month Contract)

Location: Remote (with monthly meetings in Exeter)

Rate: 470/day

AN EXISTING SC CLEARANCE IS REQUIRED FOR THIS ROLE

We are actively seeking a dynamic and experienced professional to join a government team as a Cyber Security Governance Risk and Assurance Lead. In this pivotal role, you will be responsible for leading and taking a hands-on approach in delivering cyber security policies, standards, and guidance. The Successful candidate will need to have demonstrable evidence of hands on experience writing and maintaining cyber policies and standards in line with applicable frameworks and regulation

Key Responsibilities:

Policy Development and Implementation:

• Lead the development, implementation, and communication of comprehensive cyber security policies, standards, and guidelines.
• Craft policies aligning with industry best practices (NIST CSF, NCSC CAF, CIS), legal requirements, and business needs.

Standards and Guidance:

• Establish and maintain a set of cyber security standards and guidance documents providing clear direction for the implementation of security controls and measures.

Collaboration:

• Collaborate with internal stakeholders to understand business needs and seamlessly integrate cyber security policies into operational processes.
• Provide expert guidance, fostering a culture of security awareness and compliance.

Continuous Improvement:

• Stay abreast of industry trends, emerging threats, and regulatory changes to continuously enhance and update cyber security policies and standards.
• Conduct regular assessments to identify gaps and opportunities for improvement in our cybersecurity posture.

Mentoring:

• Provide mentorship and training to junior risk managers in developing robust cyber security policy sets.

Qualifications and Requirements:

• Proven experience in leading the development and implementation of cybersecurity policies and standards.
• Strong technical background in cybersecurity with a hands-on approach to policy implementation.
• Excellent communication and interpersonal skills to effectively engage with stakeholders at all levels.
• In-depth knowledge of industry regulations, best practices, and emerging threats.
• Relevant certifications such as CISSP, CISM, or equivalent are highly desirable.

Working Arrangements: The role will be largely remote, with an expectation that the candidate will attend site in Exeter for team meetings once per month.

If you are an experienced Cyber Security professional with a passion for policy development and implementation, and if you thrive in a dynamic and collaborative environment, we encourage you to apply.