Cyber Security Lead
Venesky-Brown are supporting a major UK infrastructure program. Our client in Suffolk / London is currently looking to recruit a Cyber Security Lead until the end of March 2027 on a rate of £755.55/day (Inside IR35). This role will be based in the Suffolk or London office with hybrid working available.
Responsibilities:
- Provide assurance to the organisation, and ultimately to the Board, on the efficacy of the organisation’s cyber configuration and security arrangements, risks and mitigations for devices and their access controls.
- Intelligently replicate Cyber Security policies, standards, procedures.
- Intelligent Customer (IC) responsibility for licensee Cyber Security requirements.
- Define and ensure the delivery of all assurance activities required to demonstrate compliance with all security requirements, including those specified and delivered by NS, EIS and EPRP or other third parties, that protect the confidentiality, integrity and availability of information stored or processed upon devices, physical or virtual.
- Review and acceptance of security designs produced by EPRP and Suppliers.
- Set the requirements and own the development and implementation of processes and procedures that deliver secure Cyber operations within the organisation, including to SaaS providers.
- Ensure that all Cyber Risks are captured within project risk logs and with the BISO into security risk tools, define and assure delivery of all mitigations. Provide briefings to the Security team on risks.
- Utilise up-to-date knowledge of Cyber security tools, including in M365, to advise and support the project in delivering the best Cyber security approach that aligns data privacy and business objectives, ensuring information security safeguards are effective through assurance activities.
- Evaluate the Cyber Threat and Vulnerability landscape, and propose refinement and development of policies and controls to reduce residual risk and attack surface.
Essential Skills:
- Knowledge of Cyber Security and assurance of deployed controls.
- Established cyber security credentials.
- Good working knowledge of applicable international standards and information security frameworks (ISO27001, CIS, NIST, GDPR, Cyber Essentials Plus).
- Aware of risk assessment methodologies including ISO27005 and NIST.
- Familiar with Cyber Security tools such as Defender for Cloud, Defender, Purview and Intune.
- Familiarity with process of Vulnerability Scanning and Management together with Penetration Testing.
- Good working knowledge of Device deployment, management, patching, conditional access, isolation, Assurance of deployed baselines and Reporting and Dashboards.
- Knowledge of National Protective Security Authority (NPSA) and National Cyber Security Centre (NCSC) guidance and frameworks including Cyber Essentials.
- Confident in own abilities and be able to deliver in a dynamic environment.
- Proven stakeholder management.
- Excellent presentation and communication skills.
- Must currently hold or be able to achieve National Security Vetting (NSV) Security Check (SC).
- A role requiring regular visits to offices, partners, alliances and sites and temporary structures around them.
Desirable Skills:
- Experience in a complex project environment including change control processes.
- Excellent written English, including the preparation of suites of technical documents.
If you would like to hear more about this opportunity, please get in touch.