Cyber Risk & Assurance Lead (Contract) £600/day | Inside IR35 | 12 months
Hybrid – 2 days per week on-site
We’re seeking an experienced Cyber Risk & Assurance Lead to support digital product teams in a highly regulated environment. This role focuses on practical cyber risk discovery, proportionate assurance, and informed decision‑making, embedded directly into delivery.
Responsibilities
- Lead cyber risk discovery across digital products (data flows, endpoints, pipelines, integrations)
- Identify gaps in security controls, data handling, and architecture documentation
- Assess risks relating to PII, sensitive data, endpoints, and third‑party dependencies
- Embed cyber requirements early in design and delivery
- Validate implementation of agreed security controls
- Provide cyber assurance input to Architecture Reviews, HLDs, and ADRs
- Own cyber risk assessments, residual risk statements, and assurance artefacts
- Present clear risk options and recommendations to senior stakeholders
- Act as a trusted cyber partner to product, engineering, architecture, and compliance teams
- Drive continuous improvement in cyber assurance processes
Essential Experience
- Strong background in cyber security, risk management, or security assurance
- Understanding of modern architectures (cloud, APIs, data pipelines)
- Experience working with PII and regulated data
- Ability to review and challenge architectural designs
- Excellent communication and stakeholder management skills
Desirable
- Experience in aviation, critical infrastructure, or regulated industries
- Familiarity with GDPR, NIS, and enterprise cyber governance
- Agile delivery experience
- Background in security architecture or engineering
For more information on this role or other similar roles please contact Phil Brindley.
