Cyber Assessment Framework Specialist

Cyber Assessment Framework Specialist - Bristol - Contract

Location: Bristol (Hybrid)

Rate: £300 - £400 per day (Umbrella)

Contract Length: 3 months

IR35 Status: Inside IR35

Role Overview

The Cyber Assessment Framework Specialist will lead the design, implementation, and continuous improvement of an enterprise Cyber Security Controls Framework. This role is governance-focused and does not involve operating security controls directly. Instead, you will act as the architect, custodian, and administrator of the framework, embedding it consistently across business units and ensuring it effectively supports organisational objectives.

You will play a key role in strengthening cyber resilience by improving visibility of control health, enabling risk- and resource-informed decision-making, and driving clear accountability across the full control life cycle. The role requires strong collaboration skills to break down organisational siloes and align integrated business processes.

Key Responsibilities

• Design, implement, and maintain an enterprise Cyber Security Controls Framework aligned to business strategy and regulatory requirements
• Act as the central governance authority for the cyber control framework, ensuring consistency, clarity, and effectiveness across business units
• Embed the framework across the organisation through clear ownership models, accountability structures, and aligned governance processes
• Apply design thinking and systems thinking approaches to improve control visibility, usability, and sustainability
• Establish mechanisms to monitor, assess, and report on control health, maturity, and effectiveness
• Enable informed decision-making by providing transparent insight into cyber risk, control gaps, and resource prioritisation
• Facilitate collaboration between security, risk, technology, and business stakeholders to reduce organisational siloes
• Support internal and external audit and assurance activities related to cyber governance
• Drive continuous improvement of governance processes based on feedback, performance data, and evolving threat landscapes

Skills & Experience Required

Essential:

• Proven experience in cyber security governance, risk, and control frameworks (eg NIST, ISO 27001, CIS, COBIT)
• Strong experience with cyber assessment frameworks and control life cycle management
• Experience operating within large, complex, or regulated enterprise environments
• Ability to influence and engage senior stakeholders without direct authority
• Strong analytical capability, translating technical risk into business-focused insights
• Excellent communication, facilitation, and stakeholder management skills

Randstad Technologies is acting as an Employment Business in relation to this vacancy.