Job Description

Cyber & Information Security Programme Manager - Contract
Location: Bishopsgate, London (Hybrid - 3 days onsite)
Contract Length: 6 months
IR35 Status: Outside IR35
Start Date: ASAP
Day Rate: Competitive

We are recruiting for a Cyber & Information Security Programme Manager to lead the delivery of security programmes for a major construction industry client. This role covers both on-premise information security and Microsoft Azure cloud security, with a strong emphasis on vendor and consultancy selection.

The successful candidate will bring a hands-on background in cyber security, deep knowledge of Microsoft's cloud security stack, and experience overseeing complex programmes from end to end.

About the Role

This is a strategic and delivery-focused role requiring a strong understanding of both technical and governance aspects of security. You will be responsible for evaluating and selecting third-party vendors and consultancies, ensuring the right partners are in place to support the organisation's security objectives.

You'll oversee the implementation of security controls across both cloud and on-prem environments, ensuring alignment with compliance frameworks such as ISO 27001 and GDPR.

Key Responsibilities:

• Lead and manage cyber and information security programmes across cloud and on-prem environments
• Evaluate and select third-party vendors and consultancies to support programme delivery
• Oversee implementation of Microsoft security tools and frameworks
• Ensure alignment with compliance, governance, and regulatory standards
• Collaborate with internal stakeholders across IT, operations, and risk functions
• Support secure-by-design principles and Zero Trust architecture

Tech Environment:

Cloud Security (Microsoft Azure): Microsoft Sentinel, Microsoft Defender (Cloud, Endpoint, Office 365), Microsoft Entra ID (Azure AD), Microsoft Purview, Microsoft Intune, Azure Security Centre

Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet), Intrusion Detection/Prevention Systems (IDS/IPS), Endpoint Protection Platforms (EPP), SIEM tools (on-prem or hybrid), Identity & Access Management (IAM), Patch management and vulnerability scanning tools, Data Loss Prevention (DLP) solutions

Candidate Profile:

Strong hands-on experience in cyber and information security

• Deep understanding of Microsoft Azure security architecture
• Experience managing vendor selection and consultancy engagement
• Proven track record of delivering security programmes end to end
• Excellent stakeholder management and communication skills
• Relevant certifications (e.g. SC-100, CISSP, CISM, ISO 27001 Lead Implementer)