Cyber Assessment Framework Specialist - Bristol - Contract
Location: Bristol (Hybrid)
Rate: £300 - £400 per day (Umbrella)
Contract Length: 3 Months
IR35 Status: Inside IR35
Role Overview
The Cyber Assessment Framework Specialist will lead the design, implementation, and continuous improvement of an enterprise Cyber Security Controls Framework. This role is governance-focused and does not involve operating security controls directly. Instead, you will act as the architect, custodian, and administrator of the framework, embedding it consistently across business units and ensuring it effectively supports organisational objectives.
You will play a key role in strengthening cyber resilience by improving visibility of control health, enabling risk- and resource-informed decision-making, and driving clear accountability across the full control lifecycle. The role requires strong collaboration skills to break down organisational siloes and align integrated business processes.
Key Responsibilities
Design, implement, and maintain an enterprise Cyber Security Controls Framework aligned to business strategy and regulatory requirements
Act as the central governance authority for the cyber control framework, ensuring consistency, clarity, and effectiveness across business units
Embed the framework across the organisation through clear ownership models, accountability structures, and aligned governance processes
Apply design thinking and systems thinking approaches to improve control visibility, usability, and sustainability
Establish mechanisms to monitor, assess, and report on control health, maturity, and effectiveness
Enable informed decision-making by providing transparent insight into cyber risk, control gaps, and resource prioritisation
Facilitate collaboration between security, risk, technology, and business stakeholders to reduce organisational siloes
Support internal and external audit and assurance activities related to cyber governance
Drive continuous improvement of governance processes based on feedback, performance data, and evolving threat landscapes
Skills & Experience Required
Essential:
Proven experience in cyber security governance, risk, and control frameworks (e.g. NIST, ISO 27001, CIS, COBIT)
Strong experience with cyber assessment frameworks and control lifecycle management
Experience operating within large, complex, or regulated enterprise environments
Ability to influence and engage senior stakeholders without direct authority
Strong analytical capability, translating technical risk into business-focused insights
Excellent communication, facilitation, and stakeholder management skills
Randstad Technologies is acting as an Employment Business in relation to this vacancy.