Cyber Security Policy and Standards Specialist

Cyber Security Policy and Standards Specialist

3 months

Bristol / London - x3 days onsite x2 remote

£570 per day Inside IR35 - Umbrella only

The Security Policy and Standards Specialist plays a critical role in ensuring the security and compliance of our operations, policies, and procedures. In this role, you will be working closely with the team to directly assist with the creation, maintenance, and operation of the entire security policy and standards landscape. Your contribution will be key to ensuring our guidelines are up-to-date, clearly communicated, and consistently applied across the business.

Our policy and standards are the essential framework that allows our organisation to operate securely and effectively. They translate our mission into action, ensuring legal compliance, mitigating risk, and driving efficiency, helping us unlock new business opportunities, protect customer data, and build the trust: providing the foundation for a culture of accountability and trust that underpins our brand. As part of the Security Policy and Standards team, you will help keep a safe and secure, empowering our colleagues with clear guidance and controls. This role is a fantastic opportunity for those looking to build their career in governance, risk and compliance while making a real difference to the security and resilience.

What I'll be doing - your accountabilities

Supporting the creation, maintenance, and improvements to the Security Policy and Standards and associated processes
Supporting the definition of metrics for measuring compliance to security policies and standards, working in collaboration with the Risk, Governance, and Assurance teams to ensure they align to the risks the business faces and providing regular reports on compliance metrics
Tracking effectiveness of the delivery of content with various KPIs and metrics, as well as, implementing continuous improvement.
Use data to inform decisions, ensuring metrics are clear, unambiguous, and data-driven, with a focus on compliance and assurance.
Developing and maintaining educational and training materials to ensure compliance with regulatory and contractual obligations.
Work collaboratively with other members of the Secure in Operation function to drive an integrated and supportive culture.
, championing a security-conscious mindset through your actions and collaboration.
You will be responsible for executing the day-to-day administrative duties that form the foundation of our risk management and compliance programs.MANDATORY

3
Ability to translate complex, technical problems into easy-to-understand language
Good understanding of and passion for cyber security best practice.
Familiarity with the core principles of GRC (Governance, Risk, and Compliance) within a technology environment.
Computer literacy (with focus on PowerPoint and Excel).

PREFERRED

Bachelor's degree in computer science, Information Security, Compliance, or a related field
genuine passion for cyber security and a strong desire to learn and develop in the field.
Excellent problem-solving skills and the ability to think critically under pressure.
Hands-on experience supporting compliance assessments, such as by gathering evidence, tracking findings, or helping to prepare reports on control effectiveness.
Experience contributing to security risk management activities, such as helping to identify threats, assess potential impacts, and document risks in a risk register.
A relevant security certification is highly preferred (e.g. CISSP, CISM, CASP+, CRISC, GSEC. Etc)

Suitable Candidates should submit CVs in the first instance