Policy Framework Specialist - Inside IR35 - SC Cleared

Policy Framework Specialist - Cyber & Security Governance - SC Cleared

We are seeking a delivery-aware and detail-focused Policy Framework Specialist to support the development, alignment and communication of policy frameworks within a secure and regulated cyber environment.

You will work at the intersection of security policy, assurance and delivery, ensuring that cyber, information and compliance policies are clear, coherent, and actionable.

Key Responsibilities

• Support the development, drafting and refinement of cyber and information security policy documents, standards and guidance materials.

• Maintain a structured policy framework that aligns with organisational requirements, legal obligations and external standards (eg JSP 440, JSP 604, ISO27001, NCSC, NIST, GDPR).

• Collaborate with cyber, risk, legal, assurance and delivery stakeholders to ensure policies are fit-for-purpose and support effective implementation.

• Track changes to policy inputs (eg regulatory updates, contractual requirements, evolving threat landscape) and recommend updates or mitigations.

• Provide input into awareness materials, training content and communication plans to promote policy understanding.

• Support audit, assurance or accreditation activity through the provision of clear, referenceable policy content.

Skills & Experience

• Active SC Clearance

• Strong understanding of security and cyber policy frameworks including:

• JSP 440/JSP 604

• NCSC Cloud Security Principles

• ISO27001/NIST Cybersecurity Framework

• Information assurance, data protection and risk governance in regulated environments

• Proven experience in writing, reviewing and maintaining formal policy documentation or guidance artefacts.