Project manager/ Business Analyst - 9 months contract - Fully Remote

Project manager/ Business Analyst
Up to £600 per day - Inside IR35
9 months contract - Fully Remote
We are looking for a Cyber Security Project Manager / Business Analyst to lead and coordinate multiple security workstreams across risk, controls, and engineering domains.
This role will focus on driving delivery across control framework alignment (NIST), KRI measurement, and security tooling implementation, ensuring clear governance, stakeholder alignment, and measurable risk reduction.
Key Responsibilities
Project Delivery & Governance
Lead end-to-end delivery of cyber security initiatives across control, risk, and engineering workstreams

Define project scope, timelines, deliverables, and success metrics

Establish and maintain strong governance, reporting, and documentation standards

Track progress against milestones, risks, and dependencies

Business Analysis & Requirements
Conduct gap analysis across existing controls vs. target frameworks (e.g. NIST, internal/Tier 1-aligned standards)

Translate business and regulatory requirements into clear technical and operational deliverables

Define and document requirements for control implementation, tooling, and process improvements

Work closely with SMEs across risk, security engineering, and infrastructure

Risk, Controls & KRI Alignment
Support alignment of security controls to Key Risk Indicators (KRIs) and enterprise risk frameworks

Measure and report on control effectiveness against defined risk indicators

Help prioritise remediation efforts based on risk exposure and business impact

Ensure initiatives drive sustainable and auditable improvements in security posture

Stakeholder Management
Engage senior stakeholders across security, IT, and the business

Act as the central coordination point between risk, engineering, and governance teams

Facilitate workshops, drive decision-making, and remove delivery blockers

Present clear, commercially focused updates to leadership

Delivery Across Key Security Domains
Support programmes across:
Control framework adoption (NIST / internal standards)

Microsoft Security stack (Defender, E5, CSPM tooling)

Network security initiatives (NTA, NetSec reviews, detection improvements)

Ensure alignment between technical implementation and risk/compliance objectives

Key Experience
Proven experience as a Project Manager and/or Business Analyst within Cyber Security programmes

Strong understanding of cyber security frameworks (NIST ideally)

Experience delivering control framework alignment and gap remediation programmes

Background in risk, governance, and KRI-driven environments

Experience working across security engineering, infrastructure, and risk teams

Strong documentation, requirements gathering, and stakeholder management skills

Ability to translate complex security concepts into clear delivery plans and outcomes

Desirable
Experience within financial services or regulated environments

Exposure to Microsoft security ecosystem (Defender, M365 E5)

Understanding of network security concepts (NTA, traffic analysis, NetSec controls)

Familiarity with audit, compliance, and regulatory requirements