Contract Risk & Compliance Jobs
Overview
Find top CONTRACT Risk & Compliance jobs with Haystack – your trusted IT job board connecting skilled professionals with leading employers. Explore exclusive contract opportunities in risk management, regulatory compliance, and governance to advance your career. Start your search today and secure your next contract role in Risk & Compliance!
Interim IT Security Governance Policy Writer
HAYS
Reading
Hybrid
Mid - Senior
£500/day - £550/day
RECENTLY POSTED

Your new company
A well-known technology organisation offers almost fully remote working to an Interim IT Security Policy Writer for 3-6 months. Locations are flexible, but occasional meetings will be required in Reading or London.

Your new role

  • Policy Creation & Management: Develop, publish, and maintain security policies, standards, and guidelines in a consistent, AI-friendly, metadata-driven policy format. Translate complex security and regulatory requirements into clear, concise, and structured documentation suitable for both humans and AI models. Ensure all documentation is version-controlled, accessible, and aligned to enterprise governance frameworks.
  • ISO & Cybersecurity Alignment: Ensure policies map to and support compliance with: ISO 27001, ISO 27701, ISO 22301, ISO 31000, Cyber Essentials / CE+, NIST Cybersecurity Framework (CSF). Conduct gap analyses against new or updated standards and lead remediation activity.
  • Audit & Assurance: Support internal and external audit activities related to policy and governance. Provide evidence, documentation mapping, and subject matter insight as required. Track non-conformities and corrective actions, ensuring timely closure.
  • AI-Ready Documentation & Structure: Write policies using structured templates, taxonomies, tagging structures, and semantic headings optimised for AI policy ingestion.
  • Cross-Functional Collaboration: Across several diverse teams within the business.
  • Continuous Improvement

What you’ll need to succeed

  • Demonstrable experience writing policies, standards, or governance documentation for ISO 27001, 27701, 22301, NIST, or similar frameworks.
  • Ability to write clear, structured, unambiguous content designed for both human and AI consumption.
  • Strong knowledge of cybersecurity principles, frameworks, and best practices.
  • Experience of policy lifecycle management, governance workflows, and document control.
  • Strong understanding of enterprise risk management, control design, and assurance principles.
  • Excellent written communication skills with exceptional accuracy and attention to detail.
  • Skilled in MS Word, Excel, and other documentation tooling (e.g., SharePoint, Confluence, GRC platforms).
  • Experience working in complex business environments with minimal supervision

What you’ll get in return
3 month assignment initially - very likely to extend to 6 months.
Mostly remote work - with occasional meetings required in Reading or London.
Day rate £500-550 per day in scope of IR35 and via an umbrella company.

What you need to do now
If you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV, or call us now.
If this job isn’t quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk

Risk Manager
ECS Resource Group Ltd
Leeds
Hybrid
Mid - Senior
£450/day - £500/day
RECENTLY POSTED

Risk Manager - Contract
£450 - £500 per day (Inside IR35)
6 month contract
Leeds - 2 days per week on site/ Remote

Our client, a leading Managed Service Provider, is seeking an experienced Risk Manager to support operational, delivery, and technology risk activities across a complex environment. This role will play a key part in strengthening governance, improving risk visibility, and ensuring effective controls are in place across the organisation.

Key Responsibilities
Manage operational, delivery, and technology risk across multiple workstreams
Support the development and maintenance of risk frameworks, controls, and reporting
Work closely with technical and delivery teams to identify, assess, and mitigate risks
Provide clear risk insights and recommendations to senior stakeholders
Contribute to continuous improvement of risk processes and governance

Skills & Experience
Strong background in risk management within technology focused or managed service environments
Experience across operational, delivery, and technology risk
Cloud knowledge: AWS / Azure
Excellent communication and stakeholder management skills
Strong analytical mindset with the ability to interpret and present risk data

Additional Information
A financial background check will be required as part of onboarding

ECS Resource Group are an Equal Opportunity Employer, for more information please click the following link: (url removed) In accordance with the Equality Act 2010, if you require an alternative form of application please click the following link: Flexible Application Process - (url removed)/work/flexible-application-process

Information Risk Assurer
Data Careers
Kidlington
Hybrid
Mid - Senior
£400/day
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Oxfordshire
£400 per day | Inside IR35
Hybrid - strong on-site presence required

We are supporting a public sector organisation in Oxfordshire to appoint an experienced Information Risk Assurer to strengthen information assurance, accreditation and secure-by-design practices across ICT services.

This is a delivery-focused role, working closely with architects, project teams and suppliers to ensure systems, services and data meet national, legal and local security requirements.

Key responsibilities

  • Develop and update Information Assurance processes, policies and local standards
  • Review system and solution designs to ensure secure-by-design principles are applied
  • Identify information security risks and provide proportionate mitigation recommendations
  • Produce clear security guidance for users and delivery teams
  • Advise on security requirements for new and existing IT systems, including cloud services
  • Review third-party security questionnaires and assess supplier suitability during onboarding
  • Support accreditation activity through security documentation, risk assessments and assurance artefacts

Experience required

  • Proven experience in Information Assurance or Information Security within a complex environment
  • Strong understanding of information risk management and secure system design
  • Experience assessing technical designs and third-party security controls
  • Knowledge of relevant government or policing security standards and frameworks
  • Ability to communicate security requirements to technical and non-technical stakeholders
  • Public sector or policing experience is highly desirable.

Contract details

  • Rate: £400 per day
  • Status: Inside IR35

Vetting

  • Candidates must hold or be eligible for NPPV3 and SC clearance

This role suits an Information Assurance professional who can provide pragmatic, credible security advice while supporting operational delivery in a public sector environment.

Resilience Vulnerability Management Lead
VANLOQ LIMITED
Sheffield
Hybrid
Senior
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Job Title: Resilience Vulnerability Management Lead
Contract Length: 10 months (initial)
Location: Sheffield Hybrid
Sector: Financial Services
IR35 Status: Inside IR35

Overview

We are working with a leading financial services organisation to recruit an experienced Resilience Vulnerability Management Lead for an initial 10-month contract. This role is critical to supporting the organisation's Operational Resilience and Vulnerability Management objectives, ensuring Important Business Services (IBS) are resilient, well-governed, and compliant with internal standards and regulatory expectations.

You will work in a hybrid model from Sheffield, collaborating closely with IT Service Owners, Service Sustainability Leads, and senior stakeholders across technology and the business.

Key Responsibilities

Resilience Assessment (TRVA)

  • Lead resilience assessments (TRVA) for multiple IBS applications across front-office and back-office environments
  • Ensure alignment with internal operational resilience standards
  • Review architecture documents and application artefacts, leveraging data from enterprise platforms
  • Pre-fill vulnerability questionnaires, identify gaps or issues, and facilitate workshops with IT Service Owners to resolve findings
  • Analyse metrics and operational data (e.g. incident logs) to identify resilience weaknesses and improvement opportunities
  • Drive timely sign-off of assessments by all required stakeholders
  • Consolidate findings into clear, comprehensive reports with actionable remediation recommendations
  • Raise identified vulnerabilities in line with governance requirements
  • Contribute to executive-level summaries and participate in stakeholder presentations

Vulnerability Management

  • Manage the end-to-end vulnerability lifecycle, including:

    • Creation and approval
    • Tolerance assessments
    • Progress tracking and reporting
    • Remediation and closure governance
    • Closure pack preparation, QA, approval, and final closure
  • Conduct control reviews outside standard assessments and raise vulnerabilities where required

  • Work closely with IT Service Owners to capture risk, impact, severity, mitigation, and remediation plans

  • Partner with Service Sustainability Leads and IT Service Owners to collect Evergreening details

  • Ensure Impact Assessments are completed for all vulnerabilities and severity records are kept up to date

  • Support other Lines of Business with tolerance assessments for MSS-owned applications

  • Analyse weekly vulnerability reports to identify new risks impacting Important Business Services and drive them through assessment processes

  • Ensure remediation actions are accurately reflected in golden source systems

  • Prepare high-quality closure packs with supporting evidence

  • Produce Risk & Control Management Meeting packs and stakeholder reports

  • Represent the team in governance forums when required

  • Contribute inputs to consolidated CIB-level reporting

  • Participate in vulnerability portal feature testing, providing feedback and backlog requirements

  • Actively contribute to daily and weekly Operational Resilience and Vulnerability Management forums

Qualifications & Experience

  • Bachelor's degree in IT, Computer Science, or a related discipline (or equivalent professional experience)

  • Proven experience in operational resilience, risk management, or vulnerability management within a large financial institution

  • Strong understanding of:

    • Operational resilience frameworks
    • Vulnerability lifecycle management
    • Regulatory and governance requirements
  • Demonstrated ability to manage complex assessments across multiple applications and stakeholders

Key Capabilities

  • Strong analytical and problem-solving skills
  • Excellent communication skills, with the ability to present complex findings to both technical and non-technical audiences
  • High attention to detail and strong commitment to quality
  • Proactive, self-motivated, and able to manage multiple priorities in a fast-paced, regulated environment
  • Confident stakeholder manager with experience driving cross-functional outcomes

What's on Offer

  • Competitive inside IR35 day rate
  • Long initial contract (10 months) with potential extension
  • Hybrid working model in Sheffield
  • Opportunity to play a key role in strengthening operational resilience within a major financial services organisation

If you are an experienced Resilience or Vulnerability Management Lead looking for your next contract role, we'd be keen to hear from you.

Risk Manager
Experis
London
Fully remote
Mid - Senior
£700/day - £701/day
RECENTLY POSTED
TECH-AGNOSTIC ROLE

6 months
Remote
£700 per day inside IR35 - Umbrella only
Active SC clearance required

Role overview:
Risk Management means anticipating, mitigating, and managing bid, contract and operations risks in every phase of the contract lifecycle, with a focus on early detection and readiness to intervene. The aim is to avoid and minimize slippages and/or failures in contract execution and delivery, protecting the objectives of the business, notably its profitability.
The Risk Manager monitors contract performance and carries out risk assessment within a limited portfolio or local market, applying the applicable risk management processes, tools and methods. He/She advises bid, contract and operation teams on good risk management practices and on risk identification, evaluation and mitigation. He/She also advises teams on the treatment of major risks and issues, supports them in mitigating and remedying these, and escalates major risks and issues to the relevant management levels.

Main Tasks & Responsibilities - Methodology

  • Makes recommendations to the development of the Group’s Risk Management methodology in conjunction with Group Risk Management.
  • Deploy and ensure the execution of, and adherence to, the Rainbow Delivery process within a limited portfolio or local market as the means to monitor and steer contract performance, by global usage of the transversal tool (PARMA RDD), including:

    • Appropriate monthly status reporting in Rainbow Delivery Dashboards (RDD), in a comprehensive and meaningful default structure, providing update status information on the material contracts
    • Regular analysis of the RDD, identifying new and upcoming issues, and aligning appropriate mitigations and corrective actions in Contract Performance Calls, and upfront escalation as required
  • Responsibility and ownership for the quality and appropriateness of Risk and Contract reviews, providing conclusions and recommendations.
  • Following up on Action assigned in Contract reviews, safeguarding not only their execution, but also their effectiveness.
  • From time to time, identifying common root causes and issues, and implementing Lessons Learned across the Account and related Operations
  • Supporting the execution of specific risk management activities, as summarized in the Key Principles of Risk and Issue Management, assessing the process compliance, efficiency and effectiveness of individual bid, contract or operation teams.
  • Ensure the management and reporting of material risks, issues, assumptions and dependencies in the transversal tool globally (MyRisks), for bids, contracts and operations.
  • Analyze and report both the efficiency and the effectiveness of risk management in the accounts through appropriate KPIs

Change

  • Provide training on contract monitoring and risk management for the benefit of staff and management.
  • Promote and share good risk management practices across bids, contracts and operation teams within local market
  • Coach and guide bid, contract and delivery teams in the application of the Rainbow Delivery process and the risk management methodologies.

Business

  • Perform independent reviews on selected bids and contracts, depending on their risk profile.
  • Challenge management assumptions, risks and mitigations in order to arrive at optimum assessments; also safeguarding that management assessment of business risks is not affected by the seeming attractiveness of the business case - i.e. prevent tunnel vision.
  • Communicate regularly to responsible business managers on the risk status (validation and mitigation) in material bids, contracts and operations.
  • Maintain an independent overview of risks to help contract and account executives prevent these and/or mitigate the occurrence.
  • Monitoring of the performance of contracts and escalation of minor or moderate issues and deviations to local management.
  • Advise bid, contract and delivery teams on actions required to limit the risk exposure.

Policy Specialist
Project People
Glasgow
Hybrid
Mid - Senior
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Contract

Glasgow | Hybrid

We’re looking for a Policy Specialist to shape, develop and continuously improve people policies and guidance across the organisation. You’ll design policy content, manage knowledge resources, and act as a subject matter expert for policy queries, ensuring everything stays aligned with legislation, business needs and our people strategy.

Responsibilities of the Policy Specialist:

  • Develop and update people policies, guidance and knowledge content
  • Lead or support working groups on policy and contractual change
  • Act as the first point of contact for policy queries and exceptions
  • Maintain policy documents, contracts and the wider policy framework
  • Carry out policy impact assessments, guidance reviews and letter drafting
  • Keep knowledge articles accurate, clear and up to date
  • Drive continuous improvement across all people policy areas

The successful Policy Specialist will have:

  • Experience in a HR generalist role, ideally with policy development exposure
  • Strong understanding of employment legislation and how to apply it
  • Ability to interpret data and draw insights to support recommendations
  • Solid grasp of HR processes and how policy underpins them
  • Great organisation, communication and stakeholder management skills
  • Proactive approach to research, learning and problem-solving

To apply for the Policy Specialist, please send your CV to (see below)

Project People is acting as an Employment Business in relation to this vacancy.

Regulatory Compliance Engineer
Morson Edge
Yeovil
In office
Mid - Senior
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Job Description and Key Responsibilities

Scope

  • Provide evidence-based assurance that our procedures are compliant, effective, and aligned with industry best practice.
  • Lead improvement activities where procedures fall short, prioritising actions based on perceived risk.
  • Engage collaboratively with customers, CAMO, technical, production, and maintenance teams to ensure compliance and continuous improvement.

Role and Responsibilities

  • Act as a focal point for clarifying all procedural / regulatory issues
  • Provide advice and guidance on applying the Operating System (OS) and resolving conflicting requirements within the OS
  • Perform impact analysis of change to business procedures and regulatory requirements
  • Determine best practice based on other industries and the aerospace sector
  • Lead the generation / publication of new procedures and improvements to existing procedures (Core Instructions and Departmental Instructions) using structured techniques to satisfy the business and regulatory requirements, engaging with subject matter experts / users
  • Generate and deliver communication briefs to improve understanding of the intent to improve compliance to process
  • Perform the role of audit guide for internal / external audits
  • Perform departmental procedure review audits (First Line of Defence)
  • Determine the root cause and drive the implementation of robust containment and corrective plan of any findings
  • Produce measures of our compliance and track the status of agreed actions

Training and Education

  • Educated to HNC level and/or possess experience in relevant discipline
  • Comprehensive understanding of the regulatory requirements, their intent and how they are applied in an aviation environment
  • Able to write clear and concise procedures
  • Experience of performing and managing audits
  • Excellent team working skills and the ability to facilitate cross functional teams
  • Good business awareness and product knowledge
  • Effective problem solving skills
  • Good knowledge of the CIETP and Microsoft applications
  • Able to navigate the Operating System (OS)

Please apply or get in contact at / 01935403203

Records Officer
Harvey Nash
Aberdeen
Hybrid
Mid - Senior
£125/day - £150/day
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Harvey Nash is now inviting candidates to apply for the role of Records Officer, an initial 6-month contract for a public sector client in Aberdeen.

  • Hybrid role, work from home and an office in Aberdeen.
  • Inside of IR35 / Umbrella.
  • £125 - £150 a day.
  • Full time hours - Monday to Friday.

Your main responsibilities would be:

  • To provide strategic, tactical and operational advice and guidance on information and records management issues including Freedom of Information (FOI) requests.
  • To manage and where applicable, develop procedures to receive and monitor Data Subject Access Request (DSAR) and Freedom of Information (FOI) requests.
  • To keep abreast of records management, freedom of information, data protection, and information security legislation and best practice.
  • To assist in organising and managing information governance and records management, ensuring the efficient and effective planning and delivery of services in order to support the achievement of objectives.
  • To ensure that all information and records management systems and processes support and can deliver upon the PRSA, Freedom of Information (Scotland) Act 2002, Data Protection Act 2018 (DPA) and UK General Data Protection Regulation (GDPR).

Ideal Experience:

  • Knowledge and experience of information and records management systems, standards and processes.
  • Knowledge of archival systems with particular focus on those records identified as needing permanent retention in an e-record environment.
  • Knowledge of records preservation and conservation practices.
  • Practical knowledge of legislation governing information and records; Public Records (Scotland) Act 2011, Data Protection Act 2018 and GDPR, Freedom of Information (Scotland) Act 2002 and all their implications.
  • Experience of working within a public sector organisation.

Please submit your CV for consideration.

Risk Data Business Analyst
Adecco
London
Hybrid
Mid - Senior
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Job title: Risk Data Business Analyst

Location: London/Hybrid

Duration: 6 months initially

We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.

The role:

This Risk Data Business Analyst is an important role as part of the EMEA Division’s BCBS239 Programme. The ideal candidate will have knowledge of data management, BCBS239 (Data Governance) as well as good general Risk management knowledge.

Responsibilities:

  • Responsible for data governance implementation across the Risk domains in line with BCBS239 requirements.
  • Accountable for the data definition, lineage and governance aspects ‘end to end’ for prioritised Use Cases
  • Responsible for monitoring changes to business data requirements and ensuring that change and release management activities are executed for the data domains
  • Knowledge of Business Analysis & Project Management tools, techniques, artefacts, and methodologies, including running complex workshops and eliciting scope and detailed requirements; working with stakeholders across multiple teams and areas in the business; producing the full suite of BA detailed documentation such as Terms of reference, Requirements Documentation, Requirements traceability matrices and Target Operating Models.
  • Contributes to the firm’s objective of meeting industry regulatory expectations with respect to the data governance program as well as establishing processes that generate accurate, complete, timely and reliable data
  • Work with stakeholders across the Division on the development and implementation of data standards and adoption requirements for EMEA Data
  • Collaborates with business, compliance, technology, and other groups to ensure that data related business requirements are clearly defined and communicated as part of initiative prioritisation and planning
  • Support the investigation of Data Quality Issues, development of remediation plans and recommendations to fix at source

Requirements:

  • Solid knowledge and expertise in the use of data governance, data quality, metadata, profiling, analysis, and data management tools.
  • Has a detailed working knowledge of data programs in a Tier 1 / Tier 2 bank
  • Understands complicated data structures and calculations required for Risk
  • Understanding of the Risk and Finance Data Domain as well as knowledge of data governance practices, business and technology issues related to management of enterprise data and data related regulatory requirements
  • Strong stakeholder engagement skills to communicate and achieve buy-in from stakeholders across EMEA
  • Analytically minded with experience in problem solving and being able to implement and deliver solutions.
  • Proficient in Microsoft Excel, Visio, and PowerPoint supporting Business Process Modelling
  • Proven ability to be a team player, while retaining the ability to work independently with little supervision.
  • Confident manner and strong presentation skills
  • Educated to degree level in any subject or relevant industry experience, preferably in a quantitative discipline
  • Exposure to Collibra and other data governance tools

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised if you haven’t heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly.

Adecco is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone’s chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.

Cyber Security Auditor / Information Security Auditor
Morson Edge
Gloucester
Hybrid
Mid - Senior
£450/day
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Cyber Security Auditor / Information Security Auditor - £500 per day - Inside IR35 - Hybrid working from Gloucester - 6 months initial contract - Priority will be given to candidates with active or recently lapsed SC clearance. Applicants must be eligible to obtain SC clearance.

Our client, one of the biggest producers of ZERO CARBON energy in the UK, is seeking a highly skilled Cyber Security Auditor / Information Security Auditor to join their Nuclear Services Information Security team. This role is critical in supporting the company’s information security objectives, ensuring regulatory compliance, and managing the security risks associated with third-party access to sensitive nuclear information.

You will play a central role in delivering assurance activities, performing audits, and providing expert guidance to internal teams and external partners. This position requires strong attention to detail, excellent communication skills, and the ability to navigate complex security frameworks in a regulated environment.

Key Responsibilities:

  • Promote information security policies and practices across staff, contractors, and third parties to maintain regulatory compliance and foster an informed workforce.
  • Act as a Subject Matter Expert to ensure robust cyber security measures are integrated into third-party agreements.
  • Conduct thorough third-party cyber security assessments during onboarding and renewals, identifying risks accurately and consistently.
  • Produce reports and dashboards to support informed decision-making.
  • Lead initiatives to implement automation and tools that enhance efficiency.
  • Investigate, coordinate, and report security findings, ensuring effective follow-up and resolution.
  • Support the development of strategies to mitigate information security risks and maintain accredited systems.
  • Maintain up-to-date awareness of security threats and technologies to guide appropriate controls.
  • Perform formal information security audits and review systems and networks for potential vulnerabilities.

What We’re Looking For:

  • Good working knowledge of international standards and frameworks (ISO27001, ISO27017, GDPR, Cyber Essentials Plus).
  • Experience in auditing or assurance activities within regulated sectors.
  • Familiarity with HMG Security Policy Framework and NCSC/CPNI guidance.
  • Understanding of information security threats, risks, and risk assessment methodologies (ISO27005, NIST, IRAM2).
  • Excellent written and oral communication skills, with the ability to translate complex findings to non-security audiences.
  • Strong problem-solving skills, tenacity, and a willingness to learn and develop professionally.

Key Competencies:

  • Championing Change & Improvement
  • Managing Relationships
  • Communicating with Influence
  • Role Modelling the Way
  • Emotional Resilience

Additional Information:

This role will involve national travel (UK only).

If you are passionate about cyber security, thrive in a regulated environment, and want to contribute to the safe management of critical nuclear information, we want to hear from you.

Compliance Manager
Search
Montrose
Hybrid
Mid - Senior
£45,000 - £55,000
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Full-Time | £45,000 - £55,000 DOE | Hybrid Working | On-Site Parking
We’re supporting a highly respected organisation in recruiting an experienced Compliance Manager to join their team on an initial 3 month temporary contract, with a potential extension and opportunities for permanent roles within the business.
This is a fantastic opportunity for a compliance professional who enjoys shaping frameworks, managing regulatory relationships, and influencing senior leadership in a regulated environment.

The Role
As Compliance Manager, you’ll lead the organisation’s compliance strategy, ensuring full adherence to relevant legislation, standards, and internal policies. You will oversee risk assessments, audits, investigations, and stakeholder relationships, while providing trusted advice to senior leaders.
Key Responsibilities
Compliance Framework, Oversight & Deployment
Develop, implement, and manage the organisation’s compliance programme.
Conduct risk assessments and maintain an effective risk and compliance framework.
Maintain and update all compliance and risk policies.
Manage internal and external audit processes.
Ensure accurate reporting and recording of compliance breaches to regulatory bodies.
Advise the CEO and SMT on compliance systems, improvements, and risk mitigation.
Lead corrective actions following audits and investigations.
Manage and develop investigation procedures; report material breaches promptly.
Ensure all required documentation is submitted to regulators.
Monitor and maintain fraud prevention safeguards.
Maintain centralised compliance reporting systems.
Provide guidance on compliance risks, corrective actions, and policy improvements.
Act as the primary point of contact for regulatory bodies.
Assist with responses to regulatory enquiries.
Deliver effective training on compliance and risk.
Stay up-to-date with relevant regulations including GDPR, anti-bribery, conflicts of interest, and more.
Communicate regulatory changes across the organisation.
Stakeholder & Relationship Management
Manage day to day relationships with regulatory bodies and Internal Audit.
Ensure suppliers meet compliance expectations.
Team Leadership
Lead and support the Compliance team to deliver high-quality results.

Person Specification
Essential
Knowledge & Experience
Strong IT skills.
Deep understanding of ISO 9001.
Knowledge of GDPR and data protection legislation.
Experience in regulated environments.
Previous compliance monitoring and complaint-handling experience.
Degree-level education (preferred).
Behaviours & Skills
Excellent communication and leadership abilities.
Ability to influence senior stakeholders.
Discreet, tactful, and able to handle confidential matters.
Strong commercial judgement with an ability to balance business and compliance risks.
Highly organised, calm under pressure, and proactive.
Professional, resilient, and solution focused.
Desirable
Experience of oil & gas sector safety standards.
Knowledge of ISO 17024.
Proficiency in Excel, Word, and database systems.

What’s on Offer
45,000 - 55,000 DOE salary
Hybrid working
On-site parking
Initial 3-month contract
Opportunity to lead a key organisational function with senior-level visibility

Search is an equal opportunities recruiter and we welcome applications from all suitably skilled or qualified applicants, regardless of their race, sex, disability, religion/beliefs, sexual orientation or age.

Information Governance Officer
Hays Technology
London
Hybrid
Mid - Senior
£400/day
RECENTLY POSTED
TECH-AGNOSTIC ROLE

Outside IR35
Hybrid Working

Our client is about to kick off a series of data transformation projects in line with the implementation of a new data strategy.

They are now looking to appoint an experienced Information Governance Officer who will have key responsibility for designing and implementing robust IG standards that will enable the planned data strategy and directly support delivery priorities.

Key Responsibilities

  • Creating, designing, and maintaining end-to-end data flows for the organisation’s data ecosystem, clearly documenting how data is collected, processed, stored, shared and disposed of.
  • Mapping data relationships across systems, products, and organisations to identify ownership, accountability, risks, and control points.
  • Using data flow mapping to advise on the most appropriate Information Governance frameworks, controls, and operating models for complex, multi-system environments.
  • Providing expert advice on Information Governance requirements for data projects, including data protection and privacy & Records Management.
  • Working closely with Data Protection Officers, Information Governance teams, Legal, IT, and Security colleagues within partner organisations.

Key Skills Required

  • Demonstrable track record of Information Governance, including data protection, records management, and data lifecycle management.
  • Ability to deliver complex data or information-led projects.
  • Strong understanding of IG requirements within data platforms, analytics, and digital transformation projects.
  • Experience of working across multi-partner environments

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)

QDC - Qualifying Defence Contract SME - SC Cleared - Hybrid
Experis
Basingstoke
Hybrid
Mid - Senior
£600/day
TECH-AGNOSTIC ROLE

QDC Subject Matter Expert - Hybrid

Must have an Active SC Clearance

An opportunity has arisen for a QDC Subject Matter Expert to support Defence and National Security programmes focused on Qualifying Defence Contracts and Single Source Contract Regulations. This role suits a specialist with strong post award contract management experience who understands the regulatory, commercial, and governance requirements of QDC and QSC delivery. The position offers hybrid working, with travel to Basingstoke and Bracknell as required.

About the Role - QDC Subject Matter Expert

  • As a QDC Subject Matter Expert, you will provide specialist support across post award contract management, compliance, and risk management for QDC and QSC engagements.
  • You will support contract administration, stakeholder engagement, and dispute resolution in line with SSRO regulations.
  • The role involves working closely with commercial and delivery teams to ensure correct application of pricing, allowable costs, and statutory reporting.
  • You will liaise with MOD commercial teams and the SSRO to ensure regulatory guidance is applied accurately and consistently.

What We’re Looking For - QDC Subject Matter Expert

  • Strong knowledge of the Defence Reform Act 2014 and Single Source Contract Regulations 2014.
  • Experience with contract pricing methods, allowable cost assessments, and risk and incentive mechanisms.
  • Proven ability to manage statutory reporting and regulatory compliance for QDC and QSC contracts.
  • Excellent communication and stakeholder management skills.
  • Experience in contract negotiation and business risk management.
  • Single UK national with active SC clearance and willingness to progress to higher clearance if required.

Support secure Defence delivery and provide trusted commercial expertise as a QDC Subject Matter Expert.

To apply, please send your CV by pressing the apply button.

Cyber Risk Analyst - OT - ISO27005 - Risk Assessments
Tria
London
Hybrid
Mid - Senior
£500/day - £600/day
TECH-AGNOSTIC ROLE

Cyber Risk Analyst (Contract)

Location: London/Southeast - Hybrid / Remote working
Duration: 6+ months (12+ months programme of work)
Day Rate: Up to £600 a day DOE (Inside IR35)

Start date: ASAP.

Overview

We are seeking a skilled, proactive, and analytical Cyber Risk Analyst to support the Governance, Risk and Compliance (GRC) function of my client. You will be responsible for identifying, assessing, and helping to mitigate Cyber, Information Security, and OT security risks across the organisation.

You will work closely with IT, compliance, security assurance, and business stakeholders to ensure the organisation’s cyber risk posture aligns with regulatory requirements and recognised industry best practices.

Essential skills and Experience

  • 3-5 years’ experience in an Information Security or Cyber Risk assessment role.
  • Ability to clearly articulate Cyber Risk to both technical and non-technical audiences.
  • Hands-on experience working with recognised Cyber Risk management frameworks and methodologies such as:
      • ISO 27005
      • Or other structured cyber risk quantification approaches
  • Strong understanding of Information Security principles, Governance, and Risk Management practices.
  • Proven experience maintaining compliance documentation aligned to industry standards, regulations, and legislative requirements, including but not limited to:
      • NIS Directive - Cyber Assessment Framework (CAF)
      • ISO/IEC 27001 and ISO/IEC 27002
      • NIST Cybersecurity Framework (CSF) 2.0
      • IEC 62443
      • GDPR and the Data Protection Act

Desirable Skills

  • Experience working in regulated or Critical National Infrastructure environments.
  • Familiarity with OT and Industrial control system (ICS) security risk.
  • Strong stakeholder engagement and communication skills.

The rate is dependent on skills and experience, and the contract is inside IR35.

For further information, please apply online and I will contact you to discuss the role in more detail.

Data Protection, Legal & Regulatory Manager - SC Cleared
SR2
London
Remote or hybrid
Mid - Senior
£500/day - £600/day
TECH-AGNOSTIC ROLE

Data Protection, Legal & Regulatory Compliance Manager - SC Cleared

We are seeking an experienced Data Protection, Legal & Regulatory Compliance Manager to provide oversight, governance and assurance across data protection, legal and regulatory compliance activities within a secure and complex delivery environment.

This role is responsible for ensuring that data handling, operational processes and delivery practices comply with relevant legal, regulatory and policy requirements.

Key Responsibilities

  • Provide oversight and assurance of data protection compliance, including GDPR and UK data protection legislation
  • Define and maintain compliance frameworks, policies and controls aligned to legal and regulatory obligations
  • Act as a senior point of contact for data protection, legal and regulatory compliance matters
  • Support the identification, assessment and management of compliance risks and issues
  • Provide guidance on lawful data use, information governance and data sharing arrangements
  • Engage with internal teams, partners and suppliers to ensure consistent compliance standards are applied

Skills & Experience

  • Active SC Clearance or above
  • Proven experience in data protection, legal compliance or regulatory compliance roles
  • Strong understanding of UK data protection legislation (including GDPR) and information governance principles
  • Experience operating in complex, regulated or safety-critical environments
  • Ability to translate legal and regulatory requirements into practical, delivery-focused guidance
  • Experience developing and maintaining compliance frameworks, policies and assurance processes

Business Analyst - Transaction Monitoring
Adecco
London
In office
Senior
Private salary
TECH-AGNOSTIC ROLE

Job Title: Senior Business Analyst - Transaction Monitoring

Location: London

Contract Type: Fixed Term Contract
Contract Length: 6 Months (Potential to extend up to 2 years)
Working Pattern: Full Time

About Us:
Our client is a leading organisation in the Financial Services sector, dedicated to delivering innovative solutions to meet evolving regulatory standards and business needs. We are currently seeking a Senior Business Analyst specialising in Transaction Monitoring to join our dynamic team.

Role Overview:
As a Senior Business Analyst, you will play a critical role in assessing and responding to the changing needs of the business. Your primary responsibility will be to analyse the impacts of regulatory changes and effectively translate EMEA regulatory requirements into actionable business requirements. Your expertise will be pivotal in identifying areas of impact on the target operating model and providing solutions to mitigate any adverse effects.

Key Responsibilities:

  • Collaborate with multi-disciplinary teams to communicate complex regulatory changes and their implications to stakeholders.
  • Conduct gap analysis and document business requirements to support regulatory compliance and operational improvements.
  • Lead the tracking and analysis of regulatory communications across EMEA, ensuring all associated systems and processes are aligned.
  • Utilise data modelling and analytical practices to formulate recommendations for strategic enhancements.
  • Document workflow processes and ensure all changes are governed effectively, with clear timelines and accountability.
  • Present findings and recommendations to senior management, facilitating informed decision-making regarding potential impacts on services and systems.
  • Ensure the delivery of high-quality business requirement documents and regulatory technical specifications.
  • Support the QA and testing processes, addressing any issues that arise during implementation.

Qualifications & Skills:

  • Educated to degree level; professional BA qualifications are desirable.
  • Extensive knowledge of financial services, banking products, and regulatory frameworks.
  • Proven experience in delivering complex projects within the financial sector, particularly in regulatory change.
  • Strong analytical skills and a keen ability to translate business and regulatory requirements into practical solutions.
  • Exceptional communication skills, both written and verbal, with the ability to build strong relationships with stakeholders at all levels.
  • Experience in Financial Crime Prevention, including knowledge of sanctions, AML, fraud prevention, and transformation programmes.
  • Strong organisational skills, with the capability to manage multiple priorities and work under pressure.
  • Ability to work collaboratively in teams, demonstrating flexibility and initiative in problem-solving.

Why Join Us?
This is an excellent opportunity to contribute to impactful projects within a supportive and professional environment. Our client is committed to fostering a culture of collaboration and innovation, providing you with the chance to enhance your skills and grow your career in the financial services industry.

Join us in making a difference in the financial services landscape!

Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.

We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.

ERP Programme Lead
DCV Technologies
Lincoln
Hybrid
Senior
£450/day - £550/day

EPR Programme Information Governance Lead (Contract)

We are recruiting an EPR Programme Information Governance Lead to support a major NHS Electronic Patient Record (EPR) programme. This is a senior, hands-on role focused on ensuring Information Governance, Data Protection and GDPR compliance across the design, implementation and adoption of a large-scale clinical system.

You will act as the programme-level IG and Data Protection subject matter expert, working closely with senior stakeholders to embed data protection by design and by default throughout the EPR lifecycle.

Key Responsibilities:

  • Lead Information Governance activity across EPR design, testing, implementation and adoption
  • Own and deliver Data Protection Impact Assessments (DPIAs)
  • Ensure compliance with UK GDPR, Data Protection Act 2018, DSPT, Caldicott Principles
  • Provide expert advice on data sharing agreements, data processing contracts and IG policies
  • Act as the primary contact for data protection matters within the EPR programme
  • Liaise with regulators including the ICO where required
  • Report IG risks and compliance to senior programme and board-level stakeholders
  • Support and manage additional IG resources as needed

Essential Experience:

  • Strong background in Information Governance or Data Protection within the NHS or healthcare
  • Experience supporting EPR / EHR or large clinical system programmes
  • Hands-on delivery of DPIAs and DSPT
  • Excellent stakeholder management skills, including senior leadership engagement
  • Deep knowledge of UK GDPR and healthcare information law

Contract Details:

  • Contract role, hybrid working
  • Initial 6 months
  • Competitive day rate

Apply now if you are an experienced Information Governance Lead with proven NHS EPR programme experience.

Portfolio Risk Analyst
Adecco
Not Specified
Hybrid
Mid - Senior
£500/day - £550/day

Portfolio Analyst (Risk & Reporting)
Contract Length: Initial 6 months
Location: Remote, with occasional on-site meetings as required
Day Rate: From £500 (via umbrella)

About

We are working with a leading organisation in the Information Technology and Digital sector to recruit an experienced Portfolio Analyst to support a critical Cyber portfolio. This is a high-visibility role within a fast-paced environment, offering the opportunity to play a key part in portfolio risk management, reporting, and assurance activities.

The successful candidate will work closely with portfolio and delivery teams to provide clear, accurate reporting, support Cyber PCD governance, and help identify, track, and mitigate risks across a complex IT portfolio.

What You Will Do

  • Support Cyber PCD reporting, with a strong focus on portfolio risk, issues, and dependencies
  • Produce clear, concise portfolio reports and dashboards for senior stakeholders
  • Identify, track, and support the mitigation of risks and issues across the portfolio
  • Maintain and improve portfolio reporting processes, standards, and controls
  • Work collaboratively with Portfolio, PMO, and delivery teams to ensure accurate and timely information
  • Contribute to governance activities, reviews, and assurance processes

What We’re Looking For

  • Proven experience as a Portfolio Analyst or PMO professional within an IT or Digital environment
  • Strong experience in portfolio reporting, risk and issue management, and governance
  • High attention to detail with the ability to analyse complex information and present it clearly
  • Comfortable working with senior stakeholders and supporting decision-making through insight and reporting
  • Experience within large, complex organisations; Utilities sector experience is desirable but not essential
  • Experience using JIRA is also advantageous.

Why choose this role?

This role offers a varied and engaging workload within a well-established portfolio team, making it an excellent opportunity for a Portfolio Analyst looking to deepen their experience in risk-focused portfolio reporting within a major digital environment.

Is this of interest? If so, apply now with an up-to-date CV for consideration!

Note - if you do not hear back within 48 hours of applying, please assume you have been unsuccessful on this occasion; however, we will have your CV and contact details on file should something more suitable arise.

We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.

Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone’s chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.

Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.

Business Analyst - Operational resilience - Banking
Morgan Philips Group
Milton Keynes
Hybrid
Senior
£400/day - £450/day
TECH-AGNOSTIC ROLE

Contract role - outside IR35 - Start January 2025 - Initial three months

(4 days a week in Milton Keynes - falling back to 3 days after settled into the role/stride)

Senior Business Analyst - Operational Resilience - 3-month contract role initially

Min. of five years financial services experience is essential

This role will work across Operations, Technology, Risk and Information Security teams - within the Lending and Savings part of the Bank

A modern business bank built to support the UK’s SMEs with tailored lending and savings
The vision is building stronger futures with bespoke financial solutions. We understand that no two financial needs are the same, which is why we work closely with UK SMEs and individuals to unlock potential others often overlook. Through smart, flexible lending and savings products, we’re here to build and grow stronger futures for lasting success.

About the role
The Bank is delivering a programme to strengthen its Operational Resilience framework to support future growth.
This is a 3-month contract role as a Senior Business Analyst - Operational Resilience required to help the team achieve their objectives. This role will work across the business to review Important Business Services and Impact Tolerances, update process maps, assess risks and vulnerabilities, and support resilience testing and BCP reviews. The role will also contribute to improving Operational Resilience MI and reporting for senior committees.
This is a hands-on interim role requiring strong stakeholder engagement, workshop facilitation, and the ability to work autonomously across Operations, Technology, Risk and Information Security teams.

Key Responsibilities

  • Facilitate workshops with stakeholders across the business to review Important Business Services & Impact Tolerances
  • Update Process Mapping for all Important Business Services
  • Manage Risk & Vulnerability Registers
  • Support execution of Testing
  • Complete current state assessment of BCP plans
  • Lead improvements to Operational Resilience MI and reporting in Operations and Risk Committees
  • Review and update Policy documents where necessary
  • Support Programme Steering Committee

Required Skills & Experience

  • 5+ years’ experience as a Business Analyst within Financial Services
  • Prior Operational Resilience experience preferred
  • Strong experience working with technology, operations, risk, and information security teams
  • Experience delivering within complex change programmes
  • Process mapping and workshop facilitation
  • Risk identification and analysis
  • Data analysis, MI, and reporting
  • Strong questioning and stakeholder challenge
  • Project management

Mindset:

  • Someone with a ‘can do’ attitude who is happy to work autonomously but who recognises when to escalate and seek support
  • A natural curiosity and analytical approach - the ideal candidate will ask questions that others are overlooking and bring new insight into internal discussions
  • We’re a small risk team within a growing Bank - we need someone who can challenge the status quo whilst maintaining strong working relationships and a positive working environment.

Please note you will receive an automated response advising you that we have received your CV.

Morgan Philips Group is a global talent solutions business that disrupts conventional thinking in executive search, recruitment and talent consulting. We operate in over 18 markets in Europe, North & South America, Asia, and the Middle East & Africa. We understand that the future is digital and social, so we embrace the latest technology, including video ads and CVs, as well as social recruiting. Our innovative services are tailored to the new world of work, yet we do not lose sight of the fact that employees, be they existing or potential, are ultimately human beings.

We are committed to ensuring that all job applicants are treated equally, without discrimination because of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.

Frequently asked questions
Haystack features a variety of contract positions in Risk & Compliance, including roles such as Risk Analyst, Compliance Officer, IT Risk Consultant, Regulatory Compliance Specialist, and Data Privacy Expert.

To apply, simply create an account, upload your resume, and submit your application directly through the job listing. Some positions may require additional assessments or interviews arranged by the employer.

Yes, Haystack allows you to filter contract Risk & Compliance jobs by location, including remote opportunities, to help you find positions that best fit your preferences.

Most roles cater to experienced professionals, but you may also find contract opportunities suitable for those transitioning into Risk & Compliance or with foundational experience in IT governance and compliance.

You can subscribe to Haystack's job alerts specifically for contract Risk & Compliance roles. This way, you'll receive notifications about new positions matching your criteria directly to your inbox.