Please check your email .
Information Security & Resilience Consultant - M&A
6-Month contract - Inside IR35 - up to 500 per day
Hybrid working - 2 days a week onsite - either London or Bradford based
We are seeking two highly skilled, hands-on Contract Information Security & Resilience Consultants to support several critical, high-priority strategic initiatives.
In this dual-role, you will be responsible for executing rigorous security due diligence on upcoming M&A activities, maintaining and maturing our Information Security Management System (ISMS) compliance frameworks, and driving our Business Continuity and Resilience programs.
Key Responsibilities
Due Diligence Assessments: Conduct comprehensive cybersecurity risk assessments and security due diligence on target acquisition companies.
Control Evaluation: Review target company security controls, policies, third-party assurance reports (e.g., SOC 2, ISO certifications), and historical security incident logs.
Identify deal-impacting risks, quantify remediation effort (cost/timeline ranges), and advise on onboarding security priorities.
Integration Roadmapping: Identify risk areas and formulate actionable post-acquisition security integration roadmaps and transition plans.
Framework Governance: Assess, maintain, and mature existing security frameworks aligned with ISO/IEC 27001 and SOC 2 Type II.
Develop and maintain information security policies, standards, and procedures aligned to these standards and business objectives.
Run security risk assessments, update risk registers, and drive risk treatment/remediation plans.
Remediation & Evidence: Identify control gaps, collaborate with internal system owners to implement remediation plans, and collect audit-ready evidence.
External Audits: Assist in preparing the business, staff, and control owners for upcoming external surveillance and compliance audits.
Plan Development: Lead the review and update of Business Continuity Plans (BCPs) across key business departments
Impact Analysis: Facilitate Business Impact Analyses (BIAs) to identify critical business processes, evaluate upstream/downstream dependencies, and define Recovery Time Objectives (RTOs)
Testing & Exercises: Design and execute tabletop exercises and simulation tests to validate recovery strategy effectiveness
Perform vendor risk assessments, review security clauses, and ensure suppliers meet security and business continuity requirements.
Manage the relationship with our outsourced managed IT and information security suppliers
Deliver security awareness initiatives and provide advisory support to projects and teams.
Communicate risks and recommendations clearly to leadership and non-technical stakeholders.
Required Skills & Experience
Disclaimer:
This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
Pro Contract Jobs
Sterling House,
East Wing, Suit 310E,
Langston Road,
Loughton, IG10 3TS.
Phone No: 0203 371 1252
2026 © Pro Contract Jobs. ALL Rights Reserved.
Powered by: Talenetic Job Board Software