Enable job alerts via email!
Cyber Assessment Framework Specialist
Experis
Greater London
Hybrid
GBP 80,000 - 100,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading consulting firm in the UK is looking for a Cyber Assessment Framework Specialist to develop a new overarching cybersecurity controls framework. This role focuses on aligning processes across the organization, requiring strong experience in large organizations and business analysis within cybersecurity. Candidates will work with stakeholders to ensure effective implementation and monitoring of the framework. The position is based in various locations including London and requires on-site presence three days a week.
Qualifications
- Strong experience in large organizations is essential.
- Background in telecom preferred but not mandatory.
- Emphasis on business analysis within cybersecurity GRC.
Responsibilities
- Develop a new overarching cybersecurity controls framework.
- Align processes and terminology across organization.
- Engage with stakeholders at various levels.
Skills
Role: Cyber Assessment Framework Specialist x 2
Location: Bristol, London, Birmingham, or Manchester (3 days per week on-site)
Duration: 3 Months
Day rate: £400 Umbrella Only (Inside IR35)
The position focuses on developing a new overarching cybersecurity controls framework rather than implementing an existing one. This framework will unify processes across the organization, including areas like:
- Identity and Access Management
- Pen Testing
- System Security
It will serve as a governance, risk, and compliance (GRC) framework, under which other frameworks (CAF, PCI, ISO) will nest.
- Business Process Orientation: The role is less technical and more about aligning processes, terminology, and roles across BT.
- Systems Thinking: Required to design and develop a framework that works at scale for a large enterprise.
- Metrics & Monitoring: Candidate should understand metrics to ensure processes operate effectively.
- Stakeholder Engagement: Involves working with managers and operators of processes, plus occasional senior-level engagement.
- Strong experience in large organizations is essential; small business experience won't translate well.
- Background in telecom is preferred but not mandatory; banking or other regulated sectors at enterprise scale are acceptable.
- Emphasis on business analysis and process design within cybersecurity GRC, rather than deep technical expertise.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
