Cyber Risk & Assurance Lead (Contract)

£600/day | Inside IR35 | 12 months

Hybrid - 2 days per week on-site

We're seeking an experienced Cyber Risk & Assurance Lead to support digital product teams in a highly regulated environment. This role focuses on practical cyber risk discovery, proportionate assurance, and informed decision-making, Embedded directly into delivery.

Responsibilities

• Lead cyber risk discovery across digital products (data flows, endpoints, pipelines, integrations)
• Identify gaps in security controls, data handling, and architecture documentation
• Assess risks relating to PII, sensitive data, endpoints, and third-party dependencies
• Embed cyber requirements early in design and delivery
• Validate implementation of agreed security controls
• Provide cyber assurance input to Architecture Reviews, HLDs, and ADRs
• Own cyber risk assessments, residual risk statements, and assurance artefacts
• Present clear risk options and recommendations to senior stakeholders
• Act as a trusted cyber partner to product, engineering, architecture, and compliance teams
• Drive continuous improvement in cyber assurance processes

Essential Experience

• Strong background in cyber security, risk management, or security assurance
• Understanding of modern architectures (cloud, APIs, data pipelines)
• Experience working with PII and regulated data
• Ability to review and challenge architectural designs
• Excellent communication and stakeholder management skills

Desirable

• Experience in aviation, critical infrastructure, or regulated industries
• Familiarity with GDPR, NIS, and enterprise cyber governance
• Agile delivery experience
• Background in security architecture or engineering