Intermediate Cyber Security Consultant

About

Our client is looking for an Intermediate Cyber Security Consultant to provide cyber security advisory and implementation support within a regulated insurance environment. The role is offered on a 12-month contract with Onsite working model and requires a consultant with strong governance, risk, and compliance (GRC) foundations, as well as practical cloud security experience.

Contract Details

• Contract Duration: 12 months
• Working Model: Onsite

Key Responsibilities

• Support the implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in alignment with ISO/IEC 27001 standards
• Conduct cyber security risk assessments and gap analyses, identifying control weaknesses and recommending remediation actions
• Provide security oversight and advisory support for Azure cloud environments, including identity and access management, network security controls, logging, and monitoring
• Assist with the development, review, and enforcement of information security policies, standards, procedures, and guidelines
• Support regulatory and compliance requirements relevant to the insurance industry, including internal and external audits
• Participate in incident response activities, including investigation, root cause analysis, and post-incident reporting
• Collaborate with IT, risk, compliance, and business stakeholders to ensure security controls are embedded into systems and processes
• Support vendor and third-party risk assessments and security reviews

Key Deliverables

• ISO 27001-aligned security documentation, including policies, standards, procedures, and control evidence
• Cyber security risk assessment reports and remediation plans
• Cloud security assessment findings and recommendations for Azure environments
• Audit support artefacts and compliance evidence packs
• Incident response reports and lessons-learned documentation
• Regular cyber security status reports and risk updates to key stakeholders

Mandatory Skills & Experience

• +4 years expeirence as Cyber Security Engineer
• ISO/IEC 27000 series experience(non-negotiable)
• Microsoft Azure certifications (non-negotiable)
• Previous cyber security experience in an insurance or financial services environment
• Strong foundational cyber security experience across governance, risk, compliance, incident management, and security controls