Information Security / Information Privacy SME (Contract) Location: Central London (Hybrid – 2 days onsite per week) Contract: Inside IR35 or Umbrella Engagement Duration: 6–12 months (with potential extension) Industry: Private Banking / Wealth Management Role Overview: We are seeking a highly experienced Information Security / Information Privacy Subject Matter Expert (SME) to support a leading private bank in London. This role is focused on providing strategic and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and maintenance of security policies, procedures, and frameworks. Review and strengthen current information security architecture and controls. Conduct risk assessments, gap analyses, and privacy impact assessments (DPIAs). Provide expert input on GDPR, UK Data Protection Act, and other relevant regulations. Partner with internal stakeholders across legal, compliance, IT, and operations to improve the organisation’s security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and/or Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST, and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor, CIPM, or similar. Excellent written and verbal communication skills.