Cyber Security Programme Manager

Cyber & Information Security Programme Manager - Contract

Location: Bishopsgate, London (Hybrid - 3 days onsite)Contract Length: 6 months IR35 Status: Outside IR35 Start Date: ASAP Day Rate: Competitive

We are recruiting for a Cyber & Information Security Programme Manager to lead the delivery of security programmes for a major construction industry client. This role covers both on-premise information security and Microsoft Azure cloud security, with a strong emphasis on vendor and consultancy selection.

The successful candidate will bring a hands-on background in cyber security, deep knowledge of Microsoft's cloud security stack, and experience overseeing complex programmes from end to end.

About the Role

This is a strategic and delivery-focused role requiring a strong understanding of both technical and governance aspects of security. You will be responsible for evaluating and selecting third-party vendors and consultancies, ensuring the right partners are in place to support the organisation's security objectives.

You'll oversee the implementation of security controls across both cloud and on-prem environments, ensuring alignment with compliance frameworks such as ISO 27001 and GDPR.

Key Responsibilities:

• Lead and manage cyber and information security programmes across cloud and on-prem environments
• Evaluate and select third-party vendors and consultancies to support programme delivery
• Oversee implementation of Microsoft security tools and frameworks
• Ensure alignment with compliance, governance, and regulatory standards
• Collaborate with internal stakeholders across IT, operations, and risk functions
• Support secure-by-design principles and Zero Trust architecture

Tech Environment:

Cloud Security (Microsoft Azure):

• Microsoft Sentinel
• Microsoft Defender (Cloud, Endpoint, Office 365)
• Microsoft Entra ID (Azure AD)
• Microsoft Purview
• Microsoft Intune
• Azure Security Center

Information Security (On-Premise):

• Firewalls (e.g. Palo Alto, Fortinet)
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Endpoint Protection Platforms (EPP)
• SIEM tools (on-prem or hybrid)
• Identity & Access Management (IAM)
• Patch management and vulnerability scanning tools
• Data Loss Prevention (DLP) solutions

Candidate Profile:

• Strong hands-on experience in cyber and information security
• Deep understanding of Microsoft Azure security architecture
• Experience managing vendor selection and consultancy engagement
• Proven track record of delivering security programmes end to end
• Excellent stakeholder management and communication skills
• Relevant certifications (e.g. SC-100, CISSP, CISM, ISO 27001 Lead Implementer)