Role Overview

We’re looking for an experienced Senior Cyber Risk Analyst to join a purpose-driven organisation on a part-time basis. In this role, you’ll take the lead in strengthening the organisation’s security posture by driving forward incident response, vulnerability management, and compliance initiatives. You’ll be a key player in embedding security best practices across the business and ensuring alignment with industry standards.

Responsibilities

• Work 7-hour days, 3 days a week

• Act as a trusted advisor on information security matters, supporting projects, solution development, and change initiatives with expert guidance.

• Perform regular risk evaluations to uncover and address potential security gaps.

• Lead the end-to-end management of security incidents, ensuring swift and effective resolution.

• Design and deliver engaging training sessions to raise awareness and promote a security-first mindset across the organisation.

• Monitor the evolving threat landscape and develop proactive strategies to mitigate risks.

• Coordinate internal and external audits, ensuring readiness and compliance with relevant standards.

• Oversee the performance and strategic direction of the Security Operations Centre (SOC).

• Contribute to the development of a long-term security roadmap that supports the organisation’s strategic goals.

• Ensure ongoing compliance with frameworks and certifications such as Cyber Essentials Plus, ISO 27001, and PCI DSS.

What you'll need to succeed

• Willingness to work 7-hour days, 3 days a week

• Demonstrated expertise in conducting technical security risk assessments and developing threat models.

• Comprehensive knowledge of core cybersecurity domains, including network, endpoint, and cloud security.

• Skilled at translating technical vulnerabilities into business-relevant language for diverse audiences.

• Hands-on experience operating in or collaborating with a Security Operations Centre (SOC).

• Well-versed in applying recognised risk management methodologies such as ISO 27005 and NIST Risk Management Framework.

• Strong written and verbal communication abilities, with a focus on clear reporting and stakeholder engagement.

• Possession of industry-recognised certifications such as CISSP, CISM, CRISC, or CEH would be preferred.

• Familiarity with Governance, Risk, and Compliance (GRC) platforms and maintaining structured risk registers.

• Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates.

What you'll get in return

• Guaranteed 3-Month contract

• £28.49 p/h PAYE or £36.98 p/h UMB

• Fully remote working - if travel is needed it will be expensed

• Part-time work whereby you work 3 days a week

What you need to do now

If you're interested in this role, send your CV to Julia.Hernandez@Hays.com.

If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.