Cyber Security Policy and Standards Specialist

City of London
1 month ago
Applications closed

Related Jobs

View all jobs

Cyber Security Policy & Procedure Specialist

Security Assurance Consultant

Roofer

CYBER SECRUITY POLICY & PROCEDURE SPECIALIST

Information Security & Risk Specialist

Information Security & Risk Specialist

Cyber Security Policy and Standards Specialist

3 months

Bristol / London - x3 days onsite x2 remote

£570 per day Inside IR35 - Umbrella only

The Security Policy and Standards Specialist plays a critical role in ensuring the security and compliance of our operations, policies, and procedures. In this role, you will be working closely with the team to directly assist with the creation, maintenance, and operation of the entire security policy and standards landscape. Your contribution will be key to ensuring our guidelines are up-to-date, clearly communicated, and consistently applied across the business.

Our policy and standards are the essential framework that allows our organisation to operate securely and effectively. They translate our mission into action, ensuring legal compliance, mitigating risk, and driving efficiency, helping us unlock new business opportunities, protect customer data, and build the trust: providing the foundation for a culture of accountability and trust that underpins our brand. As part of the Security Policy and Standards team, you will help keep a safe and secure, empowering our colleagues with clear guidance and controls. This role is a fantastic opportunity for those looking to build their career in governance, risk and compliance while making a real difference to the security and resilience.

What I'll be doing - your accountabilities

Supporting the creation, maintenance, and improvements to the Security Policy and Standards and associated processes
Supporting the definition of metrics for measuring compliance to security policies and standards, working in collaboration with the Risk, Governance, and Assurance teams to ensure they align to the risks the business faces and providing regular reports on compliance metrics
Tracking effectiveness of the delivery of content with various KPIs and metrics, as well as, implementing continuous improvement.
Use data to inform decisions, ensuring metrics are clear, unambiguous, and data-driven, with a focus on compliance and assurance.
Developing and maintaining educational and training materials to ensure compliance with regulatory and contractual obligations.
Work collaboratively with other members of the Secure in Operation function to drive an integrated and supportive culture.
, championing a security-conscious mindset through your actions and collaboration.
You will be responsible for executing the day-to-day administrative duties that form the foundation of our risk management and compliance programs.MANDATORY

3
Ability to translate complex, technical problems into easy-to-understand language
Good understanding of and passion for cyber security best practice.
Familiarity with the core principles of GRC (Governance, Risk, and Compliance) within a technology environment.
Computer literacy (with focus on PowerPoint and Excel).

PREFERRED

Bachelor's degree in computer science, Information Security, Compliance, or a related field
genuine passion for cyber security and a strong desire to learn and develop in the field.
Excellent problem-solving skills and the ability to think critically under pressure.
Hands-on experience supporting compliance assessments, such as by gathering evidence, tracking findings, or helping to prepare reports on control effectiveness.
Experience contributing to security risk management activities, such as helping to identify threats, assess potential impacts, and document risks in a risk register.
A relevant security certification is highly preferred (e.g. CISSP, CISM, CASP+, CRISC, GSEC. Etc)

Suitable Candidates should submit CVs in the first instance

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

Jobs

What Hiring Managers Look for First in Cyber Security Job Applications (UK Guide)

If you want to stand out in the highly competitive world of cyber security job applications, you need to understand what hiring managers look for before they even finish reading a CV. Cyber security hiring managers scan applications quickly and with specific priorities in mind. They assess not just your technical ability, but your judgement, professionalism, clarity, risk awareness and evidence of impact. This guide explains what hiring managers look for first in cyber security applications across roles like Security Analyst, Security Engineer, Penetration Tester, Incident Responder, Security Architect, Governance Risk and Compliance specialists and Cloud Security positions. Use this as a practical, step-by-step checklist to sharpen your CV, LinkedIn profile, cover letter and portfolio before you apply on www.cybersecurityjobs.tech .

Education

The Skills Gap in Cyber Security Jobs: What Universities Aren’t Teaching

Cyber security has become one of the most critical disciplines in the modern economy. From protecting financial systems and healthcare data to securing national infrastructure, cloud platforms and supply chains, cyber security professionals now sit at the frontline of digital trust. Demand for cyber security talent in the UK has surged. Job vacancies remain high, salaries continue to rise, and organisations across every sector report difficulty hiring skilled professionals. Yet despite this demand, many graduates struggle to break into cyber security roles and employers consistently report that candidates are not job-ready. The problem is not intelligence, ambition or academic effort. It is a persistent and widening skills gap between university education and real-world cyber security work. This article explores that gap in depth: what universities teach well, what they routinely miss, why the gap exists, what employers actually want, and how jobseekers can bridge the divide to build sustainable careers in cyber security.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.