Cybersecurity Analyst (CUI & NIST 800-171 Focus)
Contract Opportunity | SC Cleared Required

We are working with a client in the defence and national security space who are looking to bring in a Cybersecurity Analyst on a contract basis. This role will support ongoing security and compliance activity within a highly regulated environment.

The Role

• Support the protection and handling of Controlled Unclassified Information (CUI)
• Work with NIST 800-171 controls, helping ensure compliance across systems and processes
• Assist with the creation and maintenance of security documentation
• Contribute to internal audits and wider assurance activities
• Work closely with stakeholders to uphold security standards

What We’re Looking For

• Active SC Clearance (essential)
• Experience working with NIST 800-171
• Strong understanding of information security and compliance frameworks
• Comfortable working with policies, controls, and documentation
• Experience in secure or regulated environments

Additional Details

• Contract position
• Competitive day rate
• Further details available upon request

If you would like to learn more, feel free to get in touch for a confidential conversation.

Senior Risk Analyst 1634MG

Hinkley Point C, Somerset

PAYE £386.74 or Umbrella £539.18

Job Purpose / Overview

The role of Senior Risk Analyst is to act as an expert of the Risk team across the parts of HPC project following the Risk strategy uniformly across the project. They will act as a technical lead for the Risk team ensuring the implementation of Risk specific processes and framework. They will follow all governance arrangements for the Risk team providing effective reporting of Risk and Opportunity information in a timely and accurate manner, supporting others to achieve the same results. They will manage the delivery of specific contracts which range in value from £10m to £500m. The Senior Risk Analyst will be required to direct workload and provide guidance to the Risk Analysts or Trainee Risk Analysts on a day-to-day basis to enable them to support the Risk and project controls activities on the project.

Principal Accountabilities

• The Senior Risk Analyst will be the face of Risk management in their nominated Programme/Area in the Project, bringing confidence to stakeholders that they are performing the right steps to identify, analyse, respond to and manage their Risk Outputs.
• Providing assurance of the maintenance of all Risk and Opportunity data for the Programme/Area within the Risk software system e.g. ARM.
• Assurance of the delivery of Risk and Opportunity reports to a defined reporting cycle, including commentary on key time-related drivers and performance issues ensuring the quality of the output
• The Senior Risk Analyst will support the Programme/Area Directors implement Risk management by:
• Reviewing and challenging the significant issues that may impact programme/area objectives
• Supporting issue and opportunities reviews and workshops and specialist risk focussed sessions (i.e. scenario planning).
• Analysis of risk data and the connection of this data across the Project, in conjunction with the project controls managers and risk leads;Challenging the uncertainties of risk data over time to allow prioritisation and decision making.
• Ensuring a comprehensive risk portfolio is maintained and reflective of the current project position.
• Working with colleagues in IPC to ensure that the Project schedule and cost estimates are informed by high quality risk information (at delivery and portfolio levels).
• Work with the PCM’s to support the programme/area teams and where appropriate Tier 1 Contractors to assess contractor-held Risk and their views on Programme-held risks and opportunities that impact upon them.
• Identify and support the implementation of enhancements to integrated risk management procedure, process, reporting and tools.
• Accountable for the production and presentation of accurate, insightful project controls information at the Programme Reviews and Board Meetings, ROTCs, Portfolio Risk Review as required.
• Responsible for the management and verification of information within the PowerBI dashboards and providing proposals for improvement from the Programme/Area teams.
• Lead Risk management and Risk software specific training to the Programme/Area team, PM community and apprentices and provide recommendations of additional training requirements, or improvements to existing training.

Knowledge, Skills, Qualifications & Experience

• Able to deliver accurate and concise Risk insights to drive evidence-based decision making, utilising commercial and technical information, to influence project decisions and support the management of risks/opportunities.
• Understanding and/or practical experience of wider project controls disciplines enabling Risk management to be integrated with cost, schedule and change, and provide assurance that risk and opportunity reporting and outputs of risk analysis aligns with other project data.
• Excellent analytical, critical thinking and problem-solving skills.
• Proven ability to facilitate risk conversations with colleagues at all levels, including Executive and Director leadership.
• Effectively communicates complex issues and concepts (unique insights) in simple ways, to both technical and non-technical senior audiences.
• Strong organisational and time management skills, with the ability to prioritise and delegate tasks to other team members.
• Possesses high work standards and sets ambitious, yet attainable goals. Constantly drives to streamline and simplify to deliver business value.
• Ability to effectively collaborate with colleagues within and across organisational boundaries to achieve mutually successful outcomes.
• Ability to assure the quality of others work supporting them in developing to effectively deliver outputs.
• Ability to expertly use and guide others in the use of Risk management software;
• Ability to draw from best practice across industry to implement changes for improved performance

Qualifications & Experience

• Desirable degree level or equivalent qualification in project management, project controls, engineering, or another related field
• Industry recognised project controls and/or risk management qualifications, such as Management of Risk Practitioner and/or APM Risk Level 2.
• Demonstrable experience of working as an expert in risk management and expert knowledge of risk/project controls including the tools, and a variety of techniques used to deliver project insight and assess performance
• Experience of working in a project management environment and desirable construction experience
• Experience of working in the Nuclear Industry or other highly regulated industry
• Tools and Software
• The jobholder will be expected to have expertise in the use and supporting training of others, of the following (or similar equivalent) software tools:
• Microsoft Office software (Excel, Word, PowerPoint, Access);
• ARM (Risks, Opportunities).
• Safran (QSRA).
• Power BI (Business Intelligence Analytics).

Third-Party Cyber Risk Manager (Contract)

Hybrid

6 months Minimum

Start date April

We are supporting a large UK enterprise organisation seeking a Third-Party Cyber Risk Manager to lead cyber assurance activities for suppliers and vendors.

This role focuses on assessing cyber risk during supplier onboarding and contract renewals, ensuring appropriate security controls are in place before access to systems or data is granted.

Key Responsibilities.

• Conduct cyber risk assessments for new and existing third-party suppliers
• Perform initial risk tiering based on services, data access, and system access
• Review supplier security documentation (e.g., ISO 27001, SOC reports)
• Liaise with suppliers and internal stakeholders to gather assurance evidence
• Provide risk recommendations and track remediation actions
• Ensure security requirements are embedded within supplier contracts
• Work closely with procurement, privacy, legal, and business teams

Requirements.

• Experience in third-party cyber risk management or supplier assurance
• Strong understanding of cyber risk principles and security controls
• Experience working in large or complex organisations
• Strong stakeholder engagement skills
• Ability to work independently in a hybrid environment

If you’re looking to add a highly regarded company to your CV, whilst working on a new project - get in touch or APPLY NOW!

Cyber Risk Manager (Contract)

Hybrid

6 months Minimum

Start Date April

We are supporting a large enterprise organisation seeking a Cyber Risk Manager to manage internal cyber risks across business and technology functions.

This role will focus on identifying, assessing, and tracking cyber risks, ensuring appropriate ownership and mitigation plans are in place.

Key Responsibilities

• Identify and assess cyber risks across projects and operational areas
• Maintain the cyber risk register and ensure risks are properly documented
• Define risk ownership and treatment plans
• Track progress of mitigation actions
• Support governance reporting and risk reviews
• Engage with stakeholders across IT, security, and the wider business

Requirements

• Experience in cyber risk management within large organisations
• Strong understanding of risk assessment and treatment processes
• Ability to communicate risks clearly to technical and non-technical stakeholders
• Comfortable working with senior stakeholders
• Self-starter able to operate with minimal supervision

If you’re looking to add a highly regarded company to your CV, whilst working on a new project - get in touch or APPLY NOW!

Active SC clearance required

Location: Warminster (50% Home working, 50% onsite)

Duration: 3 month initial contract (potential extension)

Inside IR35

Role details:

Our client, a notable entity within the Defence & Security sector, is seeking a seasoned Security Contractor to join their team on a contract basis. The client is located in Warminster and the role will be a split of 50% home working and 50% onsite.

This role supports the OMNIA Security Assurance Lead by carrying out a comprehensive Initial Security Risk Assessment for the MOD CTTP programme-analysing risks, threats, vulnerabilities, architectures and compliance requirements, and producing the formal assessment report. It also supports stakeholder engagement by participating in workshops, coordinating with delivery partners, and helping present the final assessment.

Key Responsibilities:

Working closely with the OMNIA Security Assurance Lead to conduct Initial Security Risk Assessment Report activities in alignment with MOD Secure by Design (ISN2023/09) assurance activities.
Attending workshops and meetings, both in-person and virtually, to review progress and agree on actions against deliverable timelines.
Liaising with OMNIA partner delivery stakeholders to understand the architecture and associated security risks, threats, vulnerabilities, and opportunities within the scope defined by the OMNIA Security Assurance Lead.
Conducting formal Initial Security Risk Assessments using the NIST 800-37 Risk Management Framework and associated guidelines.
Ensuring alignment of security risk assessments to UK Defence policies and standards, such as GovS 007: Security and DEFSTAN norms.
Performing threat modelling and assessment utilising STRIDE-LM and MITRE ATT&CK frameworks, integrating results into risk assessment reports.
Conducting Business Resilience and Single Point of Failure (SPoF) assessments across the supply chain, compiling results in the risk assessment report.
Compiling a comprehensive Initial Security Assessment Report and assisting the presentation to stakeholders.
Maintaining strict security integrity when processing and handling classified information.

Job Requirements:

Experience in conducting Security Risk Assessments for UK classified technical solutions, particularly in Information Security and Risk Management.
Proficiency in delivering against MOD policies and procedures specific to information security.
Experience with the NIST 800-37 Risk Management Framework and other NIST guidelines like 800-30 and 800-53.
Solid understanding and experience with UK Defence security frameworks and relevant policies.
Experience in conducting threat modelling and assessments using frameworks such as MITRE ATT&CK and STRIDE-LM.
Experience in reconciling information security risk against critical asset and service lists.
Ability to prioritise and plan complex work in a fast-paced environment.
Strong report writing skills with the ability to convey technical information to non-technical audiences.

Desirable skills:

A secondary knowledge of the Physical Security field/domain in relation to Information Security and GovS007: Security would be desirable.
Understanding/knowledge of the Cabinet Office Technology Code of Practice (TCoP)
Understanding/knowledge of Army Command Standing Orders (ACSO)
Understanding/knowledge of the Government Service Standards for ACT Services
Understanding of formulating, recording and managing security risk and applying risk methodologies via a security risk register.
Good understanding of a technical domain in addition to existing Information Security Risk Assessment e.g. Network, Cloud, Application, Infrastructure.
Able to insightfully derive security requirements from an established solution.
Experience of delivering MoD Secure by Design operational solutions.
Understanding/experience of waterfall and agile delivery methodologies.
Strong knowledge of system architectures. Able to understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities.
If you are an experienced Security Contractor looking to make a significant impact within the Defence & Security sector, we invite you to apply now. Experience the unique challenges and rewards of ensuring security in one of the most dynamic fields

Vulnerability Analyst – SC Cleared

Gloucester, UK hybrid

£inside I35

Contract: 6 Months

Active SC Clearance Required

We are seeking an experienced Vulnerability Analyst (SC Cleared) to join a high-profile IT Infrastructure environment in Gloucester. This role is critical in identifying, analysing, and managing security vulnerabilities to protect enterprise systems and ensure regulatory compliance.

The Role

You will be responsible for vulnerability management across enterprise infrastructure using Tenable One, ensuring risks are identified, assessed, tracked, and remediated effectively.

You will work closely with internal technical teams, partners, and vendors to ensure vulnerabilities are resolved within agreed timelines and reported clearly to stakeholders.

Key Responsibilities

* Perform vulnerability scanning, analysis, and reporting using Tenable One

* Track and assess vulnerabilities using CVE and CVSS frameworks

* Manage the full vulnerability lifecycle from identification through remediation

* Produce clear, actionable reports translating technical findings into business impact

* Maintain accurate tracking and documentation of remediation activities

* Collaborate with cross-functional teams, vendors, and offshore teams

* Ensure compliance with regulatory and security standards

* Provide regular updates to senior stakeholders

Essential Skills & Experience

* Active, transferable SC Clearance (minimum 3 months validity remaining)

* Strong hands-on experience with Tenable One

* Solid understanding of CVE & CVSS scoring methodologies

* Proven experience in vulnerability lifecycle management

* Excellent reporting and stakeholder communication skills

* Strong analytical and problem-solving capability

* Experience working in regulated or security-focused environments

Desirable

* Reporting experience using ServiceNow

* Certifications such as CISSP, CISM, or equivalent

* Knowledge of recognised security frameworks and best practices

Person Profile

* Strong communicator who provides clear and informative updates

* Analytical thinker who probes beyond the obvious

* Quick learner with strong technical adaptability

* Collaborative team player with excellent stakeholder engagement skills

People Security Adviser Inside IR35 - £400 - £425 p/d Active SC Required Primarily Remote

We are supporting the build and evolution of a centralised Security Operations & Intelligence function and are seeking a People Security Advisor to play a key role in establishing and embedding a modern, risk-based personnel security capability.

Operating at SFIA Level 4 (Enable), this role will work closely with the Physical & People Security Integration Lead to design, implement and continuously improve People Security frameworks, policies and processes across a complex, nationally significant environment.

This is a hands-on role combining policy development, risk assessment, investigations, and stakeholder engagement, with a strong focus on integrating People Security across wider security and business functions.

Key Responsibilities

• Support the design, implementation and continuous improvement of People Security capability and improvement plans
• Develop and maintain People Security policies, standards, controls and procedures aligned to UK Government frameworks
• Conduct People and Physical Security risk assessments, audits and assurance activities
• Lead or support personnel security investigations, incident response and post-incident reviews
• Contribute to the development and delivery of insider risk programmes
• Provide subject matter expertise and advisory support to business stakeholders on People Security matters
• Enable integration across Security, Threat Intelligence, SOC, IAM, HR and Counter Fraud functions
• Support supply chain engagement on People Security standards and controls
• Define and maintain KPIs for People Security risk management and continuous improvement
• Engage with external bodies including National Technical Authorities (eg NPSA) and wider government/security forums
• Support security governance through forums, working groups and stakeholder engagement

Required Experience & Skills

• Active SC Clearance
• Strong experience in People (Personnel) Security within UK Government or regulated environments
• In-depth knowledge of UK Government vetting standards and security frameworks
• Experience developing and implementing security policies, standards and procedures
• Proven experience conducting security risk assessments and investigations (personnel and/or physical)
• Ability to influence, negotiate and engage effectively with senior stakeholders
• Experience working within change or transformation environments
• Strong written communication skills, with ability to produce high-quality documentation
• Solid understanding of integrated security disciplines (People, Physical, Cyber)

Job Title: Cyber Security Assurance Specialist (Application Security)
Client: Urenco
Rate: £700 per day
Location: Hybrid – Minimum 2 days per week in Paddington, London
Clearance: Active SC Clearance required

About the Client

Urenco is a world leader in the enrichment of uranium for use in the civil nuclear industry. Operating across the United Kingdom, United States, Netherlands, and Germany, Urenco plays a critical role in enabling the safe, sustainable use of nuclear technology worldwide.

The Group CISO function is responsible for continuously developing and enhancing Urenco’s cyber security portfolio to protect the organisation, its customers, and the public. The CISO team is structured across three core areas:

Governance, Risk & Compliance (GRC)
Operational Technology (OT) Cyber & Cyber Assurance
Threat Defence
This opportunity sits within the Cyber Assurance Team, reporting directly to the Head of Cyber Security Assurance.

Role Overview

We are seeking an experienced Cyber Security Assurance Specialist with a strong focus on application security across both on-premises and cloud environments.

You will play a key role in improving cyber security maturity across the organisation by providing assurance over security designs, assessing risk, and developing application security standards and policies. The role requires close collaboration with IT, Information Security, and business stakeholders, translating business requirements into secure, practical solutions.

This is a highly visible position requiring strong communication skills, sound business judgement, and the ability to operate effectively in agile delivery environments.

Key Responsibilities

1. Security Design & Solution Assurance

Review and assure technical designs against security policies and standards
Identify security design gaps and recommend appropriate control improvements
Author and review high-quality security documentation
Provide security oversight for both on-premises and cloud-based solutions
Act as a trusted advisor and security advocate across the business
Communicate effectively with stakeholders to embed secure-by-design principles

2. Security Risk Assessment & Control Assurance

Produce formal security risk assessments in collaboration with GRC, architects, and IT teams
Define and agree risk mitigations and compensating controls
Assure implementation and effectiveness of technical controls
Translate business strategy into secure architecture guidance
Conduct supplier assurance across on-premises, cloud, and hybrid services

3. Security Standards, Policies & Governance

Develop and maintain application security policies, standards, and guidelines
Align security frameworks with broader business strategy
Track emerging security practices and ensure standards remain current
Support the continuous improvement of cyber security maturity

Essential Experience

Minimum 5 years’ experience in Information Security Assurance with a focus on application security
Experience working in a global organisation
Strong knowledge of regulatory compliance and security frameworks such as:

ISO 27000 series
NIST SP 800 series
NIST Cyber Security Framework

Experience in:

Secure application design and review
Cloud security assurance
Penetration testing and vulnerability management
Supplier security assurance

Desirable Experience

Knowledge of nuclear industry regulations across the UK, US, Netherlands, and Germany
Understanding of government information classifications
Experience in OT security environments

Technical Knowledge

Strong understanding of security controls across multiple asset types including data, networks, devices, and users, covering:

Software Asset Inventory & Control
Data Protection
Secure Configuration Management
Continuous Vulnerability Management
Audit Log Management
Malware Defences
Disaster Recovery
Service Provider Security Management
Application Security & Penetration Testing

Qualifications & Certifications

Degree (BS/MS) in Computer Science, Information Security, or equivalent experience
Relevant certifications such as:

CISSP
CISA
CSSLP
OWASP ASVS / OWASP Top 10
GIAC (GWAPT, GCSA)
CASE
Certified DevSecOps Professional

Key Competencies

Strong business acumen with ability to align security to organisational objectives
Adaptable and responsive to changing risk landscapes
Excellent written and verbal communication skills
Strong analytical and decision-making capability
Team-oriented with experience working across diverse stakeholders
Self-motivated with a sense of urgency and delivery focus
Organised and able to manage multiple priorities

Additional Information

Hybrid working model – minimum 2 days per week onsite in Paddington
Occasional travel may be required
Active SC clearance is mandatory

Environmental, Health, and Safety (EHS) consultant

Desired qualifications and experience:

• Previous H&S data centre experience
• NEBOSH certificate or equivalent
• 5+ years H&S experience
• Experience with ISO45001

Day rate - Outside IR35

Role overview:

• Deliver a more efficient and standardised company-wide H&S processes and policies
• Eliminate regional silos by consolidating diverse occupational health plans into one unified, corporate standard.
• Develop, standardize, and implement a robust, fully auditable Health and Safety Management System aligned with ISO 45001 actions pending for implementation from previous audit requirements.
• The project will consolidate regional methodologies (UU, Finland and Iceland), establishing clear ownership structures, and deliver comprehensive risk assessments to our current library, Safe Systems of Work (SSoW), permit to work process and training programs, across all active operational and construction sites

Scope of work:

• ISO 45001 Alignment: Build and publish a comprehensive H&S Risk Register mapped directly to ISO 45001 and legal H&S requirements.
• Occupational Health & Surveillance: Design a structured business-wide health surveillance program and consolidate existing regional methodologies into a unified Occupational Health plan.
• Governance & Policy: Assist Head of H&S in the defining of the organizational H&S ownership structure. Revise existing safety policies to standardize minimum controls across the business.
• High-Risk Risk Assessments & SSoW: Develop and publish safety-critical procedures for (Not exhausted list):
• Lone Working & Winter Conditions Working.
• Working at Height (WAH) & Machine Guarding.
• Finalising Personal Protective Equipment (PPE) standards.
• Accessing electrical panels and Lock-Out/Tag-Out (LOTO) procedures.
• Working with HV/LV systems
• Permit to work process
• Carry out general site risk assessments of active sites to establish required control

Training & Communications:

• Create supporting tools, templates, and training materials
• Training Matrix
• Training needs analysis
• Policy and procedures documentation
• Specific guidance on Dynamic Risk Assessments.
• Ensure a structured communications plan is in place to deploy these to the workforce.
• Develop toolbox talk template and process

Incident management:

• Deliver incident lessons learnt process

System Packaging: Package all the above into a cohesive, fully auditable program.

Azure Controls & Audit Specialist | £650-£700 p/day (Inside IR35) | Bournemouth (4 days on site) | 6 months (initially)

We’re looking for an experienced Azure Controls & Audit Specialist to join the Public Cloud Engineering team on an initial 6-month contract. This role is critical in supporting an Azure-based environment through a period of increased audit activity, including upcoming EDA Gold DEV.

You’ll be looking at regulatory compliance, strengthening the control environment, and managing audit and risk-related activities across the cloud platform.

Location: Bournemouth (4 days on-site, 1 day remote)
Contract: 6 months initially
Rate: £650-£700 p/day (Inside IR35)
Start: January
Relocation: Open to relocation

Key Responsibilities:

• Drive the execution of cloud platform control assessments, ensuring alignment with regulatory and organisational requirements
• Act as a subject matter expert on control frameworks and audit expectations within Azure environments
• Lead governance of issues raised from assessments, ensuring findings are tracked, managed, and closed effectively
• Proactively assess control effectiveness, identify gaps, and recommend enhancements to strengthen the risk and compliance posture
• Produce clear and comprehensive documentation for control processes, assessments, and compliance reporting

What we’re looking for:

• Previous experience in a similar Azure-focused controls, audit, or cloud risk role
• Knowledge of engineering standards and best practices
• Experience supporting strategic initiatives in complex environments

If this sounds like a good fit, apply now as they’re looking to complete first stages!

Azure Controls & Audit Specialist | £650-£700 p/day (Inside IR35) | Bournemouth (4 days on site) | 6 months (initially)

Oscar Associates (UK) Limited is acting as an Employment Business in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

Closing Date: 30/03/2026 at 23:59 Interviews will take place week commencing 06/04/2026 FTC until 30/04/2027 A bit about the role... Working in close partnership with the Business Continuity Manager and the Head of Platforms & Infrastructure Engineering, the Disaster Recovery Specialist will play a critical role in strengthening Homes Englands operational resilience. You will be joining a highly skilled and collaborative Digital and Risk community, committed to safeguarding mission-critical services and ensuring business continuity across the agency. This role will lead the development and implementation of a robust disaster recovery testing framework, providing assurance that Homes Englands mission critical systems and infrastructure can be restored quickly and effectively following a disruption, minimising downtime, data loss and operational disruption. You will design, coordinate and embed quarterly disaster recovery tests, beginning with a critical system in Q1& Q2 2026/27, ensuring testing is structured, proportionate and aligned to government standards. You will work collaboratively with Digital, Business Continuity and Risk Management partners, as well as function owners and other key stakeholders. You will take a leading role in the design and execution of scenario-based exercises to validate DR & BC arrangements and managing risks identified through testing to drive continuous improvement. You will also produce clear reporting and executive-level papers, ensuring compliance with Government Cyber Security Policy 007 and evidencing controls for GovAssure. This is a rare opportunity to lay the foundations of a comprehensive disaster recovery testing approach within a fast-evolving national organisation with real social purpose. As Homes England modernises its technology estate and operating model, your work will ensure the agency can respond confidently to disruption and protect the services communities rely on. A bit about you Youll be comfortable leading the development and delivery of disaster recovery and business continuity testing within a complex organisation. With deep technical knowledge and practical experience of disaster recovery, risk management and business continuity you will confidently translate technical detail into clear, actionable insights for business stakeholders. Delivering resilience at this scale requires working at pace with confidence and influence. You will be resilient, organised and comfortable working with senior stakeholders across the wider business who have competing priorities. Your discussions will always be shaped by a strong understanding of operational impact, regulatory requirements and organisational risk. As an experienced disaster recovery professional, you will bring excellent written and verbal communication skills, strong stakeholder management capability and the ability to navigate complex challenges with sound judgement. Youll enjoy working collaboratively, leading scenario-based exercises and driving continuous improvement as threats, technologies and business needs evolve. If you also bring experience within the public sector, familiarity with government digital standards, or professional accreditation such as BCI or DRII membership, that would be highly advantageous. Who are we? Homes England: The Housing and Regeneration Agency We believe that affordable, quality homes in well-designed places are key to improving peoples lives. As the governments housing and regeneration agency, we create thriving new places and transform urban areas, combining the full breadth of our powers, expertise, land, capital and influence to bring investment to communities and get more homes built. How? We form long-term partnerships that bridge the gap between the public and private sector to meet local needs and aspirations. We use our influence to champion the creation of sustainable homes, communities and places that are brilliantly designed for the people that live there now, and in the future. And we use our funding and support to build a more resilient, diverse and innovative housing sector, helping new entrants in the market, encouraging modern methods of construction and design, and promoting the utmost attention to building safety. Together with our partners, were accelerating the pace of house building, remediation and regeneration across the country, as we seek to deliver ever more affordable homes in places people are proud to call home for generations to come. What we offer... As well as a competitive salary and 33 days annual leave, we are committed to 50/50 hybrid working. Well support you, wherever possible, so that you dont miss out on what matters to you. Membership of the Homes and Communities Agency Pension Scheme, which is a contributory defined benefit scheme with the amount you receive on retirement based on your salary and years worked at the Agency. Internal applicants: please note that if you are successful, the salary you are offered will be in accordance with our pay policy. You can find details on the HR Hub SharePoint site. If you ever need a bit of extra help, we have a great employee assistance programme, a wide range of healthcare plans, financial wellbeing support and access to many great discounts with leading high street names. Our range of network groups are also there to support you to be yourself at work and play a key role in helping shape our future. If you are a member of a professional body, well pay for your membership and once you get your digital kit, youll be good to go. Homes England are a geographically diverse community. We work to a 50/50 office/ home based model. Moving back into our office environments has enabled us to utilise our space and time together in the most collaborative way. We would encourage all applicants to apply as soon as possible as we may close vacancies early should we receive a high number of applications. We also encourage you to apply using the full application option as opposed to quick apply, this is especially important if you would like to indicate to us that you would like to be considered under the disability confident scheme. Were a diverse team of more than 1,000 professionals spanning 17 professions, helping Homes England to be effective, efficient and deliver for communities. Our people remain at the heart of everything we do, and were committed to building an Agency that not only reflects the diverse communities we serve, but also champions inclusion in how we shape homes and places across the country. For more information about our EDI strategy please see ourEquality, Diversity and Inclusion Report 2024 to 2025 Second Edition - GOV.UK You will be required to have the Right to Work in the UK and Homes England do not offer visa sponsorship. If your application is shortlisted to interview we will require you to provide proof of your Right to Work in the UK at this stage. Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Morgan Hunt are currently working with a leading Government Executive Agency in their search for an experienced Compliance Officer to support workload and project-based initiatives within the Operational Risk & Compliance team.This interim contract is focused on revisiting and refining compliance frameworks, improving policy and procedures, and delivering enhancements to IT surveillance systems for the next financial year. The role involves close collaboration with senior stakeholders, providing strategic input and credible compliance expertise to move key projects forward.The successful candidate will have extensive experience in financial markets compliance within either a regulated financial services firm or a regulatory authority. You will be confident working with senior stakeholders and have the ability to design and improve compliance structures in a project-led environment.Why Apply? This role offers the opportunity to work with a highly respected financial markets body at the interface of public and private sectors. You will play a key role in shaping future compliance structures, contributing to major projects, and influencing strategic decision-making.Job Title: Compliance Officer Location: Hybrid - 3 days on-site (London-based office)Daily Rate: £450.00 - £515.00 per day (Umbrella)Contract Type: Temporary (up to 6 months, potential extension)Hours: Full-time (36 hours per week)Start Date: ASAPKey Responsibilities Review, refine, and enhance the existing compliance framework. Drive improvements to policies and procedures, with a focus on IT surveillance systems (project delivery for next financial year). Lead on compliance-related projects, providing input on structure, governance, and monitoring. Assess team structures and produce recommendations through case studies. Collaborate with senior stakeholders across operational and risk teams, ensuring credibility and strategic alignment. Support ongoing regulatory and compliance initiatives to strengthen best practices.Candidate Profile Proven financial markets compliance experience within a regulated firm or regulatory authority. Strong understanding of compliance risk assessment and mitigation. Experience leading compliance projects, including policy and IT system improvements. Demonstrable ability to engage and influence senior stakeholders with credibility. Excellent organisational, analytical, and communication skills. A structured, professional approach with the ability to deliver high-quality outputs under tight deadlines.How to ApplyTo apply for this role, please submit your CV or contact for a confidential discussion about this opportunity. Morgan Hunt is a multi-award-winning recruitment business for interim, contract and temporary recruitment and acts as an Employment Agency in relation to permanent vacancies. Morgan Hunt is an equal opportunities employer. Job suitability is assessed on merit in accordance with the individual's skills, qualifications and abilities to perform the relevant duties required in a particular role.

Role: FOSS Licensing SME / Software Licensing Analyst
Location: London, UK
Business Area: Technology - Engineering Practice

Role Summary

A leading global financial services organisation is seeking a Software Licensing Analyst / FOSS Licensing SME to support the development of processes and controls governing the use and contribution of Free and Open-Source Software (FOSS) across the organisation.

This role sits within the Technology CTO / Engineering Practice function and will play a key part in strengthening open-source governance, compliance, and licensing frameworks.

The role requires a proactive self-starter who can work independently, manage competing priorities, and deliver results under tight deadlines.

Key Responsibilities

• Evaluate and communicate the implications of open-source software licenses to both technical and non-technical stakeholders.
• Support training and awareness initiatives within engineering teams regarding software licensing and compliance.
• Document and summarise risks associated with open-source licenses.
• Categorise licenses not recognised by automation tools into appropriate categories such as Liberal, Weak Copyleft, Copyleft, or restricted/banned licenses.
• Analyse outputs from software license scanning tools to identify incorrectly reported or missing license data

GCS is acting as an Employment Business in relation to this vacancy.

Role Title: Cyber Risk Analyst Location: Knutsford 3 days on site Duration: 30/10/2026 Rate £404 MUST BE PAYE THROUGH UMBRELLA Role Description: "Role Overview: The Cyber Risk Analysts will work under the guidance of the Lead Consultant to execute the detailed risk assessments and analysis of End-of-Life technologies. In this role, you will collect and analyze data on EOL systems, evaluate cyber risks using the defined methodology, and support the implementation of remediation plans. Key Responsibilities: Perform Risk Assessments: Conduct in-depth cyber risk assessments for identified EOL systems and technologies, following the methodology and framework established by the project. Gather necessary information on assets (software, hardware, applications that are end-of-life or end-of-support) and assess the potential cyber threats, vulnerabilities, and business impacts associated with each5. Document findings meticulously, ensuring each risk item is well-described (likelihood, impact, severity) in the risk register. Required Skills & Competencies: Analytical Skills: Strong analytical and problem-solving skills are essential. The analyst must be able to assess complex IT systems and identify risk factors, interpret vulnerability data, and quantitatively rate risks. Attention to detail is critical for reviewing large lists of EOL assets and ensuring nothing is missed. Cybersecurity Knowledge: Good understanding of foundational cybersecurity principles (confidentiality, integrity, availability) and how outdated technologies can pose threats. Familiarity with common vulnerabilities and exploits affecting older systems (Legacy OS, unsupported software) is beneficial. Knowledge of cyber risk frameworks and standards (such as NIST, ISO27001) and basic concepts of risk assessment is expectedxxiv. Qualifications & Certifications: Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent experience in cyber risk or IT security roles can be considered in lieu of a formal degree. Certifications: Relevant industry certifications are not mandatory but highly valued. Certifications demonstrating knowledge of security and risk principles (eg, CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC/GSEC) would be a plus. Certifications specifically in risk management or governance (such as CRISC, Certified Information Systems Auditor (CISA), or ISO 27001 Lead Auditor/Implementer) are also advantageous for this role, as they indicate a grasp of risk and control assessment practices. Experience: Years of Experience: Approximately 3-5+ years of experience in cybersecurity or IT risk roles. This could include experience as a Cyber Risk Analyst, IT Risk Analyst, Security Analyst, Vulnerability Management Specialist, or GRC (Governance, Risk & Compliance) Analyst. Candidates with slightly more or less experience will be considered based on skill fit, but a baseline understanding from a few years in the field is expected. Risk Assessment Background: Hands-on experience conducting risk assessments or security assessments is required. For example, experience in identifying and assessing risks for IT systems, writing risk or control reports, or supporting risk treatment projects. Familiarity with creating or maintaining risk registers and tracking mitigation actions is important (eg, experience ensuring "risks and remediation plans are regularly addressed" in previous rolesxxvii). Industry-Specific Experience (Desirable): Experience in the financial services sector or other highly-regulated industries is a plus.

Azure Controls & Audit Specialist | £650-£700 p/day (Inside IR35) | Bournemouth (4 days on site) | 6 months (initially)

We’re looking for an experienced Azure Controls & Audit Specialist to join the Public Cloud Engineering team on an initial 6-month contract. This role is critical in supporting an Azure-based environment through a period of increased audit activity, including upcoming EDA Gold DEV.

You’ll be looking at regulatory compliance, strengthening the control environment, and managing audit and risk-related activities across the cloud platform.

Location: Bournemouth (4 days on-site, 1 day remote)
Contract: 6 months initially
Rate: £650-£700 p/day (Inside IR35)
Start: January
Relocation: Open to relocation

Key Responsibilities:

• Drive the execution of cloud platform control assessments, ensuring alignment with regulatory and organisational requirements
• Act as a subject matter expert on control frameworks and audit expectations within Azure environments
• Lead governance of issues raised from assessments, ensuring findings are tracked, managed, and closed effectively
• Proactively assess control effectiveness, identify gaps, and recommend enhancements to strengthen the risk and compliance posture
• Produce clear and comprehensive documentation for control processes, assessments, and compliance reporting

What we’re looking for:

• Previous experience in a similar Azure-focused controls, audit, or cloud risk role
• Knowledge of engineering standards and best practices
• Experience supporting strategic initiatives in complex environments

If this sounds like a good fit, apply now as they’re looking to complete first stages!

Azure Controls & Audit Specialist | £650-£700 p/day (Inside IR35) | Bournemouth (4 days on site) | 6 months (initially)

Oscar Associates (UK) Limited is acting as an Employment Business in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

London | Real Estate Investment & Development

5 days per week on-site

Salary: £70,000 to £90,000

An outstanding opportunity has arisen for a junior to mid-level lawyer (c. 2–4 PQE) to join the London-based real estate investment and development company of a sovereign wealth fund. This is a broad, business-facing role offering exceptional exposure to senior stakeholders and a diverse UK and international real estate portfolio.

Working closely with the General Counsel, you will play a key role in supporting the business across a wide range of legal matters. While the position has a strong real estate focus, it is also well suited to a lawyer seeking variety and responsibility across commercial contracts, employment law, and IP/data protection.

The Role

This role will evolve over time, but initially will involve advising on a broad range of matters across the portfolio, including:

• Real estate matters, including retail and office leases and associated asset management documentation
• Commercial contracts, including service agreements (with a sound understanding of data protection principles and contractual requirements)
• Event agreements and licences
• Employment matters, supporting the General Counsel and Corporate Services team on employment contracts and HR-related issues
• Intellectual property, including management of company domains and brands, protective actions, and working with property managers and media/communications contractors on various projects
• Review and management of consumer and service contracts entered into with third parties
• Updating company policies and delivering associated drafting for the General Counsel and Board in response to key legal and regulatory developments affecting the UK assets, with implementation across the wider portfolio where appropriate
• Administering and running legal projects and document/case management, including use of SharePoint, oversight of the deeds archive and adherence to document retention policies and procedures
• Over time and as you gain experience opportunity to be involved in divestment/acquisition projects

About You

• Qualified lawyer with approximately 2–4 years’ PQE
• Ideally trained in real estate, though candidates from other backgrounds with strong experience in commercial contracts, employment law, and IP/data protection — and a genuine interest in real estate — are encouraged to apply
• Comfortable working independently, while maintaining clear reporting lines and a strong appreciation of risk management Confident in providing clear written and verbal reporting to the General Counsel, the business, and the Board
• Able to manage multiple matters, balancing risk, priorities, and project timelines

International Exposure

The company operates across an international real estate portfolio, and the role will involve working across English law and other jurisdictions. You will build strong relationships with external counsel and stakeholders in multiple jurisdictions and develop an understanding of local legal and regulatory requirements.

Additional Advantages (Desirable but Not Essential)

• Experience using SharePoint or similar document management systems

• Exposure to company secretarial work

• Interest in legal technology and cyber security

• Language skills in Polish, French and/or Turkish

Please note our advertisements use PQE/salary levels purely as a guide. However we are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfil the role.

At LAW Absolute we endeavour to respond to all applications within 48 hours. However due to the volume of applications we receive we may not be able to respond to every candidate individually.

If you have not heard from us within a 48 hour timeframe your application has not been successful and your details have not been retained. LAW Absolute acts as an employment business for temporary recruitment and as an employment agency for fixed term contract and permanent recruitment.

We are seeking an experienced Health & Safety Advisor to support a critical Home Office programme operating within a highly regulated, national security environment.

This role will provide professional Safety, Health & Environment (SHE) advice across multiple UK sites, ensuring full compliance with statutory legislation, Home Office standards, and programme governance requirements. The successful candidate will play a key role in maintaining safe operational delivery across complex, high-profile environments.

Given the nature of the programme, regular UK-wide travel will be required.

What You’ll Be Doing

• Providing competent and practical SHE advice in line with UK legislation, Home Office policy, and internal governance standards
• Supporting operational teams to ensure compliance with Health & Safety at Work Act and associated regulations
• Conducting audits, inspections and site reviews in accordance with ISO 45001 and ISO 14001 standards
• Investigating incidents, accidents and near misses, producing detailed reports including root cause analysis and corrective action plans
• Supporting risk assessments and ensuring effective risk mitigation strategies are Embedded in operational activities
• Promoting a strong safety culture across geographically dispersed teams
• Supporting SHE workshops, briefings and continuous improvement initiatives
• Working collaboratively with stakeholders, suppliers and operational leads across the UK
• Contributing to wider SHE activities and maintaining high standards of professional conduct and compliance

Skills & Experience Required

• NEBOSH General Certificate (essential); working towards Diploma or equivalent desirable
• Proven experience operating as a SHE Advisor within a regulated, operational, or government environment
• Experience conducting audits and inspections aligned to ISO 45001/ISO 14001
• Strong understanding of high-risk activities and effective risk reduction methodologies
• Demonstrable experience investigating incidents and producing structured reports with clear recommendations
• Excellent stakeholder engagement and communication skills
• Ability to work independently across multiple sites and manage competing priorities
• Full UK driving licence and willingness to travel nationally
• SC Security Clearance (or eligibility to obtain - must have resided in the UK for the required period)

Desirable

• Experience within government, defence, policing, border force, or critical national infrastructure environments
• Membership of IOSH (TechIOSH/GradIOSH or above)
• Experience supporting operational field-based teams

This is an opportunity to contribute to a nationally significant programme, ensuring safety excellence across a complex and high-impact operational environment.

IT Business Continuity Manager

Up to £525 per day - Inside IR35

Hybrid

6 months

My client is an instantly recognisable consultancy who urgently require a Business Continuity & Disaster Recovery Consultant to join a business-critical programme.

Key Requirements:

• Proven experience delivering IT Business Continuity and Disaster Recovery (BCDR) programs in large enterprise environments.
• Active SC Clearance.
• Strong facilitation skills for Business Impact Analysis (BIA) workshops and dependency mapping.
• Knowledge of service-led continuity planning and hands-on experience creating practical runbooks.
• Understanding of regulatory and business requirements for Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
• Excellent communication skills with the ability to produce clear, actionable documentation for both technical and non-technical stakeholders.

Nice to have:

• Immediate availability.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found on our website.

Sheffield or Birmingham Hybrid (3-days onsite)

We’re partnering with a leading financial services client who are looking for a Data Risk & Controls Manager to join their global team responsible for strengthening data risk governance and control frameworks across the organisation. This is an initial 8-month contract inside IR35.

The Role

This position plays a key role in ensuring that global data control frameworks align with UK regulatory requirements, acting as the UK representative within an international team. You will support risk and control owners, challenge existing risk assessments, and drive continuous improvement across the organisation’s data control environment.

Key Responsibilities

• Act as the UK representative within a global data risk and controls team
• Support risk and control owners in strengthening control frameworks
• Develop and drive action plans to address control gaps
• Assess the effectiveness and sustainability of data controls
• Challenge whether risks have been appropriately identified and mitigated
• Influence improvements and next steps across the control environment
• Confidently engage with senior stakeholders and leadership
• Provide constructive challenge within governance and risk discussions

Focus Areas:

• Data privacy
• Data storage and retention
• Data usage and governance
• Metadata management
• Data movement between applications

Requirements:

• 5+ years of experience within financial services and in operational risk, non-financial risk, or data risk.
• Hands-on experience with data control frameworks (1st, 2nd or 3rd Line of Defence)
• Strong knowledge of data privacy and regulatory requirements (UK experience beneficial)
• Experience working across Data, IT, Risk, or Audit functions
• Proven ability to influence, challenge and engage stakeholders
• Experience identifying control gaps and driving process improvements
• Ability to present complex issues clearly to senior non-technical stakeholders
• Experience working within financial services or another highly regulated industry preferred
• Exposure to automation initiatives is advantageous
• Experience engaging with regulatory bodies is beneficial
• Relevant industry certifications are a plus

More details available on successful application.

Senior Fraud Investigator

Start ASAP - pending security clearance Pay: £23.68 per hour Hours: Monday-Friday, 36 hours per week Duration: 6 months, possible extension Location: Charing Cross Security Clearance: SC

Role Overview

We are seeking an experienced Senior Investigator to join a leading law enforcement organisation that investigates and prosecutes serious and complex fraud, bribery, and corruption, including high-profile matters and potential Deferred Prosecution Agreements.

You will lead complex investigations, manage investigative staff, and work closely with a Principal Investigator and multidisciplinary teams to progress cases from inception to prosecution.

Key Responsibilities

• Conduct investigations in line with legislation, policy, and organisational procedures.
• Lead key lines of enquiry and investigative activity in complex, multi-strand cases.
• Line manage investigators, allocating work, supervising activity, and ensuring delivery against objectives.
• Maintain oversight of investigations, keeping matters under constant review and providing updates to senior colleagues.
• Ensure suspect and witness accounts are obtained and used strategically.
• Produce investigation and financial witness statements and give evidence in court when required.
• Manage the disclosure process in accordance with the Criminal Procedure and Investigations Act 1996.
• Manage staff performance and development, including setting objectives, providing feedback, and addressing performance issues.
• Take responsibility for the quality, timeliness, and evidential robustness of investigative work.
• Provide cover for the Principal Investigator when required.

Essential Criteria

• Experience delivering successful outcomes in complex, multi-strand investigations.
• Experience working on complex economic crime investigations.
• Experience supervising or line managing investigators.
• Strong financial literacy and ability to analyse financial records.
• Experience drafting clear and accurate witness statements or reports.
• Comprehensive knowledge of investigatory practice, including disclosure and interviewing.
• Good understanding of risk management, information security, and operational security.
• Working knowledge of the criminal justice system.

Desirable Criteria

• Experience interrogating large data sets.
• Experience using or managing eDiscovery platforms.

Qualifications

• Recognised investigative qualification or accreditation and/or
• Recognised accountancy qualification and/or
• Demonstrable experience leading serious and complex crime investigations.

Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.

Network Business Analyst
Based in Cheshire
Hybrid - 3 days in the office
10+ month Contract

Hiring for a Network Business Analyst to operate at the intersection of business risk, network/security controls, and technical change within a regulated Financial Services environment. This role focuses on bridging business objectives with technical remediation, ensuring requirements are traceable, measurable, and aligned to risk reduction outcomes.

Responsibilities include:
Elicit and document user journeys, process maps, and control requirements
Maintain traceability to NIST CSF categories and regulatory obligations
Write clear user stories with measurable acceptance criteria
Lead UAT coordination and evidence pack preparation
Map as-is / to-be processes across incident, problem, change, and vulnerability
management
Support CAB documentation and stakeholder communications
Quantify risk reduction, SLA improvements, and user impact
Maintain reporting dashboards demonstrating measurable value

Skills and Experience:
5+ years’ Business Analyst experience within FSI, network, or security programmes
Strong knowledge of ITIL practices and ServiceNow workflows
Strong data literacy with ability to convert qualitative risk into measurable
outcomes
Excellent stakeholder engagement and facilitation skills
Cisco / Splunk / Zscaler experience would be desirable.

Please apply for immediate interview!

CBSbutler is operating and advertising as an Employment Agency for permanent positions and as an Employment Business for interim / contract / temporary positions. CBSbutler is an Equal Opportunities employer and we encourage applicants from all backgrounds.