Hays Specialist Recruitment Limited
Cyber Security Risk & Compliance Framework Consultant (Contract)
Duration: 12 months
IR35: In scope
Rate: £600 per day
Location: 60% on site per month in either Bristol or London
We're looking for an experienced Cyber Security Risk & GRC Consultant to help transform how a large, complex organisation measures, manages, and communicates cyber risk.
This is a high-impact, business-critical role focused on building a clear, practical, and transparent approach to security risk – with a strong emphasis on compliance frameworks, measurable controls, and decision-ready reporting for governance boards.
- Define and implement meaningful cyber security risk metrics aligned to compliance frameworks (e.g. national and international standards)
- Establish a robust, repeatable method to measure performance against these frameworks – turning compliance into something measurable, not theoretical
- Create clear, transparent data that shows:
- Current risk exposure
- Performance against controls
- Trends and direction of travel over time
- Design concise, plain-English reporting for senior stakeholders and governance boards
- No jargon – just clear insight, impact, and action
- Map compliance frameworks to real business risks, bridging the gap between:
- Technical controls
- Governance requirements
- Operational reality
- Build practical reporting artefacts, dashboards, and templates to improve visibility and consistency
- Work closely with stakeholders to ensure outputs are:
- Credible
- Usable
- Aligned to executive decision-making needs
Sought:
- Drive a step-change in how cyber risk is measured, understood, and communicated – using compliance frameworks as the backbone, and clear data as the enabler.
- Strong experience in Cyber Security GRC (Governance, Risk & Compliance)
- Proven ability to work with and measure performance against compliance frameworks
- Deep understanding of:
- Security risk metrics & KPIs
- Risk appetite & governance reporting
- Ability to translate technical security data into plain English insights for senior audiences
- Strong analytical and data skills – able to turn complex datasets into clear narratives
- Solid technical awareness of cyber security principles, controls, and risks (without needing to be hands-on engineering)
- Confident engaging with senior stakeholders and governance boards
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
To apply for this job please visit www.reed.co.uk.
Make this application stronger
Use these quick checks before applying so your CV, interview preparation and job search are better matched to this vacancy.
Before you apply
Check the key details and make sure the role matches what you are looking for.
- Review the job title, company, location, salary and working pattern if provided.
- Check the skills, experience or qualifications requested by the employer.
- Make sure the commute, hours and contract type are realistic for you.
Tailor your CV
For IT Jobs, highlight the most relevant skills, experience and achievements linked to this type of work. Keep it honest, clear and focused on what the employer is asking for.
Use the CV Builder or browse Career Advice.
Prepare for interview
If your application is successful, prepare simple examples that show your motivation, strengths and suitability.
Keep searching smarter
Do not rely on one application. Keep searching similar roles and set up alerts so new vacancies reach you faster.