Key skills
Cyber SecurityChange Management
About this role
Role Overview
- Develop and document a Configuration Management Plan aligned to recognised frameworks such as NIST.
- Define and establish secure configuration principles, translating technical requirements into clear, actionable policy.
- Design and document governance processes, including roles and responsibilities across the 2nd Line of Defence.
- Support the rollout and adoption of governance frameworks, working closely with business change and communications teams.
- Enhance change management processes, including contributing to Change Advisory Board (CAB) inputs and governance controls.
- Work with stakeholders to embed security standards into day-to-day operations across technology and business teams.
- Gather and interpret configuration compliance data to support governance and assurance activities.
- Simplify complex security concepts into practical guidance that can be understood and applied by non-technical stakeholders.
- Maintain high-quality documentation to support audit, compliance, and continuous improvement.
Requirements
- Experience working within cyber security governance, risk, or security controls roles.
- Strong understanding of security frameworks such as ISO 27001, NIST, or similar.
- Experience developing or contributing to security policies, standards, or governance frameworks.
- Ability to translate security requirements into practical processes and guidance for business teams.
- Experience working in regulated environments such as energy, utilities, or financial services.
- Strong stakeholder engagement skills, with the ability to work across technical and non-technical teams.
- Excellent documentation skills, with a structured and detail-oriented approach.
It would be great if you also had:
- Experience developing or implementing configuration management or secure configuration standards.
- Exposure to change management processes and governance forums such as CAB.
- Understanding of security controls across areas such as access management, configuration, or asset management.
- Experience supporting the rollout or embedding of new governance processes across an organisation.
Tech Stack
- Cyber Security
Benefits
- Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
- Flexible working: Flexible work arrangements to support your work-life balance. We can’t promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can.
- A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes.