Information Security & Resilience Consultant in Bradford

Information Security & Resilience Consultant in Bradford

Bradford Full-Time 40000 - 50000 Β£ / year (est.) No working from home possible
Advanced Resource Managers

At a Glance

  • Tasks: Conduct security due diligence for M&A, manage compliance frameworks, and enhance business continuity plans.
  • Company: Join a leading firm focused on information security and resilience.
  • Benefits: Competitive pay of up to Β£500 per day, hybrid working, and valuable experience.
  • Other info: 6-month contract with opportunities for professional growth.
  • Why this job: Make a real impact in critical security initiatives while developing your expertise.
  • Qualifications: Experience in M&A security, ISO 27001, and stakeholder management required.

The predicted salary is between 40000 - 50000 Β£ per year.

Information Security & Resilience Consultant – M&A

Hybrid working – 2 days a week onsite – London or Bradford based (6-Month contract – Inside IR35 – up to Β£500 per day)

We are seeking a highly skilled, hands-on Contract Information Security & Resilience Consultant to support several critical, high-priority strategic initiatives.

In this dual-role, you will be responsible for executing rigorous security due diligence on upcoming M&A activities, maintaining and maturing our Information Security Management System (ISMS) compliance frameworks, and driving our Business Continuity and Resilience programs.

Key Responsibilities

1. M&A Security Due Diligence

Due Diligence Assessments: Conduct comprehensive cybersecurity risk assessments and security due diligence on target acquisition companies.

  • Control Evaluation: Review target company security controls, policies, third-party assurance reports (e. g., SOC 2, ISO certifications), and historical security incident logs.
  • Identify deal-impacting risks, quantify remediation effort (cost/timeline ranges), and advise on onboarding security priorities.
  • Integration Roadmapping: Identify risk areas and formulate actionable post-acquisition security integration roadmaps and transition plans.
  • 2. Information Security Standards & Compliance (ISO 27001 & SOC 2)

Framework Governance: Assess, maintain, and mature existing security frameworks aligned with ISO/IEC 27001 and SOC 2 Type II.

  • Develop and maintain information security policies, standards, and procedures aligned to these standards and business objectives.
  • Run security risk assessments, update risk registers, and drive risk treatment/remediation plans.
  • Remediation & Evidence: Identify control gaps, collaborate with internal system owners to implement remediation plans, and collect audit-ready evidence.
  • External Audits: Assist in preparing the business, staff, and control owners for upcoming external surveillance and compliance audits.
  • 3. Business Continuity & Disaster Recovery

Plan Development: Lead the review and update of Business Continuity Plans (BCPs) across key business departments.

  • Impact

Analysis: Facilitate Business Impact Analyses (BIAs) to identify critical business processes, evaluate upstream/downstream dependencies, and define Recovery Time Objectives (RTOs).

  • Testing & Exercises: Design and execute tabletop exercises and simulation tests to validate recovery strategy effectiveness.
  • 4. Third-Party & Supplier Security

Perform vendor risk assessments, review security clauses, and ensure suppliers meet security and business continuity requirements.

  • Manage the relationship with our outsourced managed IT and information security suppliers
  • 5. Security Awareness & Stakeholder Management

Deliver security awareness initiatives and provide advisory support to projects and teams.

  • Communicate risks and recommendations clearly to leadership and non-technical stakeholders.
  • Required Skills & Experience
  • M&A Security Expertise: Proven track record of executing security due diligence on target entities during corporate acquisitions.
  • Compliance Mastery: Deep, hands-on experience implementing, auditing, or managing ISO 27001 and SOC 2 compliance programs.
  • Business Continuity Planning: Experience designing, updating, and testing Business Continuity frameworks (experience aligning with ISO 22301 is a plus)
  • Consultative Approach: Outstanding stakeholder management skills, with the ability to communicate complex security risks to business leads and M&A deal teams.
  • #J-18808-Ljbffr
Advanced Resource Managers

Contact Details:

Advanced Resource Managers Recruitment Team

We think you need these skills to ace Information Security & Resilience Consultant in Bradford

Cybersecurity Risk Assessments
Security Due Diligence
Control Evaluation
ISO 27001 Compliance
SOC 2 Compliance
Information Security Management System (ISMS)
Business Continuity Planning