Governance & Risk Management Consultant

Posted Today by Infoplus Technologies UK Limited

£500 Per day
Inside
Hybrid
Leeds, England, United Kingdom

Summary: The Governance & Risk Management Consultant role requires a seasoned professional with over 15 years of experience, focusing on compliance mapping and vulnerability risk management. The consultant will work primarily in Leeds, managing security frameworks and vulnerability lifecycles across hybrid and cloud environments. The position demands strong stakeholder engagement and governance oversight to ensure compliance and risk management. This role is expected to last for six months with a hybrid working arrangement.

Key Responsibilities:

  • Map NHS platforms against Security Controls Frameworks with focus on vulnerability management
  • Track and manage security issues via Security Issue Management Tracker
  • Escalate unresolved risks to Cyber Operations and governance forums
  • Conduct weekly risk reviews and support audit readiness
  • Work with product owners to identify risks and prioritize vulnerability remediation
  • Report to senior management on remediated, mitigated, and residual risks

Key Skills:

  • Security Controls Framework mapping (NIST, ISO 27001, NHS DSP Toolkit, NCSC CAF)
  • Strong exposure to vulnerability risk management across hybrid and cloud estates (AWS, Azure)
  • Governance oversight of vulnerability burn-down across platforms, applications, servers, and systems
  • Compliance reporting aligned to hardening standards (permissive accounts, IaC, etc.)
  • Risk and issue assessment, tracking, and lifecycle management
  • Compliance evidence collation and governance reporting
  • Stakeholder engagement and program oversight

Salary (Rate): £500 daily

City: Leeds

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: Senior

Industry: Other

Detailed Description From Employer:

Rate: £500/day, inside IR35. SC cleared. Leeds based, 2 days a week, so candidates from this location are preferred. Duration: 6 months. We are looking for a Governance & Risk Management Consultant (15+ years' experience) with strong expertise in compliance mapping, vulnerability risk management, and risk escalation. The role focuses on aligning platforms to security frameworks and managing vulnerability lifecycles across hybrid and cloud environments.
