Cyber Security Controls Consultant - 6-Month Contract (Inside IR35) - London - Hybrid

We are seeking an experienced Cyber Security Controls Engineer to lead enterprise-wide implementation and assurance of CIS security controls within a complex technology environment. This role focuses on identifying security gaps, prioritising remediation, and working closely with cross-functional teams to operationalise robust security controls aligned with industry standards and regulatory requirements.

You will collaborate with technical teams, stakeholders, and auditors to strengthen the organisation's security posture and ensure effective control governance and delivery., * Lead technical assessments to identify existing security gaps and prioritise implementation of CIS Controls across the enterprise.

• Conduct gap analysis and maturity assessments on security controls and align findings with regulatory and compliance requirements.
• Define control ownership, applicable industry standards, and clear definitions of done for each identified control gap.
• Work closely with technical teams to translate and map security gaps to relevant CIS Controls.
• Ensure delivery accountability by performing periodic assurance reviews against defined requirements.
• Coordinate cross-functional teams to manage dependencies and risks.
• Support operationalisation of deployed controls and transition into BAU security operations.
• Assist with internal and external security audits.

• 7-10 years of experience in security roles including GRC, controls implementation and testing, security engineering, or infrastructure security.
• 3+ years of hands-on experience implementing CIS Controls within large enterprise environments.
• Strong technical understanding of enterprise security architectures and controls.
• Extensive knowledge of security assurance frameworks and control processes.
• Experience with cloud security controls.
• Industry-recognised security certifications are advantageous.