Project manager/ Business Analyst - 9 months contract -...

Project manager/ Business Analyst

Up to £600 per day - Inside IR35

9 months contract - Fully Remote

We are looking for a Cyber Security Project Manager / Business Analyst to lead and coordinate multiple security workstreams across risk, controls, and engineering domains.

This role will focus on driving delivery across control framework alignment (NIST), KRI measurement, and security tooling implementation, ensuring clear governance, stakeholder alignment, and measurable risk reduction.

Key Responsibilities

Project Delivery & Governance

• Lead end-to-end delivery of cyber security initiatives across control, risk, and engineering workstreams

• Define project scope, timelines, deliverables, and success metrics

• Establish and maintain strong governance, reporting, and documentation standards

• Track progress against milestones, risks, and dependencies

Business Analysis & Requirements

• Conduct gap analysis across existing controls vs. target frameworks (e.g. NIST, internal/Tier 1-aligned standards)

• Translate business and regulatory requirements into clear technical and operational deliverables

• Define and document requirements for control implementation, tooling, and process improvements

• Work closely with SMEs across risk, security engineering, and infrastructure

Risk, Controls & KRI Alignment

• Support alignment of security controls to Key Risk Indicators (KRIs) and enterprise risk frameworks

• Measure and report on control effectiveness against defined risk indicators

• Help prioritise remediation efforts based on risk exposure and business impact

• Ensure initiatives drive sustainable and auditable improvements in security posture

Stakeholder Management

• Engage senior stakeholders across security, IT, and the business

• Act as the central coordination point between risk, engineering, and governance teams

• Facilitate workshops, drive decision-making, and remove delivery blockers

• Present clear, commercially focused updates to leadership

Delivery Across Key Security Domains

• Support programmes across:

  • Control framework adoption (NIST / internal standards)

  • Microsoft Security stack (Defender, E5, CSPM tooling)

  • Network security initiatives (NTA, NetSec reviews, detection improvements)

• Ensure alignment between technical implementation and risk/compliance objectives

Key Experience

• Proven experience as a Project Manager and/or Business Analyst within Cyber Security programmes

• Strong understanding of cyber security frameworks (NIST ideally)

• Experience delivering control framework alignment and gap remediation programmes

• Background in risk, governance, and KRI-driven environments

• Experience working across security engineering, infrastructure, and risk teams

• Strong documentation, requirements gathering, and stakeholder management skills

• Ability to translate complex security concepts into clear delivery plans and outcomes

Desirable

• Experience within financial services or regulated environments

• Exposure to Microsoft security ecosystem (Defender, M365 E5)

• Understanding of network security concepts (NTA, traffic analysis, NetSec controls)

• Familiarity with audit, compliance, and regulatory requirements