Security Lead
Outside IR35 - £500 per day
3-4 Month Contract (Likely Extension)
Maidenhead (Hybrid working)
UK Public Sector
We are seeking an experienced Supplier Security Lead to act as the accountable security authority for a complex Oracle ERP Managed Service within a major UK Government environment.
This is a senior, contractually-named security leadership role with day-to-day operational ownership of service security, ensuring compliance with UK Government security policy, NCSC frameworks, and client-specific security and assurance requirements.
The role operates at the intersection of security governance, cloud security engineering, and live service operations, with direct engagement across the client's Security Operations Centre (SOC), internal delivery teams, and third-party vendors.
Key responsibilities:
- Act as the named security authority for the managed service across OPERATE and DEVELOP
- Own day-to-day operational security posture, risk identification, and continuous improvement
- Lead security engagement within client Design Authority and Enterprise Architecture forums
- Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination
- Oversee security incident management in line with the client Cyber Security Incident Response Plan
- Own joiner/mover/leaver processes, RBAC, PAM, and monthly access control audits
- Ensure delivery of security assurance artefacts for internal and external audit requirements
- Support and coordinate penetration testing, vulnerability management, and disaster recovery exercises
- Ensure compliance with GDPR / DPA 2018, NCSC IAS5, CAF, and related government standards
- Maintain and enforce security controls across Oracle Cloud environments and SaaS applications
- Ensure secure configuration of Oracle ERP (HCM, ERP, EPM) security models including SoD and data access controls
- Provide regular security reporting to client governance and assurance functions
- Act as escalation point for all service security risks and vulnerabilities
- Proven experience as a security lead or accountable security owner on UK Government managed service contracts
- Strong understanding of NCSC HMG IAS5, Cyber Assessment Framework (CAF), ISO 27001, and GDPR
- Hands-on experience integrating with a UK Government SOC, including incident response and security reporting
- Strong working knowledge of Oracle Cloud security (OCI IAM, Vault, network security, audit, PAM)
- Experience securing Oracle SaaS applications (ERP, HCM, EPM) including RBAC and segregation of duties
- Background in operational security, not purely advisory or policy-based roles
- Experience leading security assurance, audit, and compliance activities in regulated environments
- Strong stakeholder management skills across technical, operational, and governance audiences
- DV Clearance (essential - must be active or recently held with credible reactivation route)
- UK National (mandatory)
- Must be willing to work exclusively within the UK
- Must be available for hybrid attendance at UK secure sites as required
RSG Plc is acting as an Employment Business in relation to this vacancy.