Enterprise organisation
Hybrid working arrangements
AO7 contract role to the end of the year

We are seeking an experienced Cyber Security Specialist to join a large enterprise organisation. This role sits within an established Information Security Governance, Risk & Compliance (GRC) team, providing specialist security advice, governance and risk management expertise across a diverse portfolio of technology and business initiatives.

Working closely with technical teams, project delivery teams and business stakeholders, you will help strengthen the organisation's cyber security posture by delivering practical, risk-based security guidance aligned to industry best practice.

Key Responsibilities

- Provide expert information security advice, guidance and recommendations aligned with recognised security frameworks and best practices.
- Review project and technical documentation, including solution designs, technical specifications, implementation plans and control documentation from a governance and risk perspective.
- Conduct security risk and threat assessments, identifying vulnerabilities, control gaps and practical mitigation strategies.
- Translate complex business and technical requirements into clear, actionable security recommendations.
- Partner with business and technology stakeholders throughout the project lifecycle to embed security into solution delivery.
- Support governance, risk management, reporting and continuous improvement activities within the Information Security function.
- Contribute to the ongoing development of cyber security capability, policies, standards and governance processes.
- Collaborate across multiple business units to improve organisational security outcomes.

About You

You will be an experienced cyber security professional with strong Governance, Risk & Compliance (GRC) capability and the ability to engage confidently with both technical and non-technical stakeholders.
You will ideally bring:

- 5 years' experience in cyber security, information security or security architecture.
- Experience working in Governance, Risk & Compliance (GRC) functions within large, complex enterprise environments.
- Strong understanding of information security frameworks such as ISO 27001, ASD Essential Eight, ASD ISM, NIST Cybersecurity Framework, PCI DSS and similar standards.
- Experience performing security risk assessments and providing security assurance across technology projects.
- Demonstrated experience developing or improving Information Security Management Systems (ISMS), policies, standards and governance frameworks.
- Excellent stakeholder engagement, communication and relationship management skills.
- The ability to provide pragmatic, risk-based security advice that balances business objectives with security requirements.