Cyber Assessment Framework Specialist

Job Description Cyber Assessment Framework Specialist - Bristol - Contract Location: Bristol (Hybrid)Rate: 300 - 400 per day (Umbrella)Contract Length: 3 MonthsIR35 Status: Inside IR35Role OverviewThe Cyber Assessment Framework Specialist will lead the design, implementation, and continuous improvement of an enterprise Cyber Security Controls Framework. This role is governance-focused and does not involve operating security controls directly. Instead, you will act as the architect, custodian, and administrator of the framework, embedding it consistently across business units and ensuring it effectively supports organisational objectives.You will play a key role in strengthening cyber resilience by improving visibility of control health, enabling risk- and resource-informed decision-making, and driving clear accountability across the full control lifecycle. The role requires strong collaboration skills to break down organisational siloes and align integrated business processes.Key ResponsibilitiesDesign, implement, and maintain an enterprise Cyber Security Controls Framework aligned to business strategy and regulatory requirementsAct as the central governance authority for the cyber control framework, ensuring consistency, clarity, and effectiveness across business unitsEmbed the framework across the organisation through clear ownership models, accountability structures, and aligned governance processesApply design thinking and systems thinking approaches to improve control visibility, usability, and sustainabilityEstablish mechanisms to monitor, assess, and report on control health, maturity, and effectivenessEnable informed decision-making by providing transparent insight into cyber risk, control gaps, and resource prioritisationFacilitate collaboration between security, risk, technology, and business stakeholders to reduce organisational siloesSupport internal and external audit and assurance activities related to cyber governanceDrive continuous improvement of governance processes based on feedback, performance data, and evolving threat landscapesSkills & Experience RequiredEssential:Proven experience in cyber security governance, risk, and control frameworks (e.g. NIST, ISO 27001, CIS, COBIT)Strong experience with cyber assessment frameworks and control lifecycle managementExperience operating within large, complex, or regulated enterprise environmentsAbility to influence and engage senior stakeholders without direct authorityStrong analytical capability, translating technical risk into business-focused insightsExcellent communication, facilitation, and stakeholder management skillsRandstad Technologies is acting as an Employment Business in relation to this vacancy.JBRP1_UKTJ

Created: 2026-01-05