Job Specifications
Security Programme Manager, 12 months, £600 - £700/day, SW London (Hybrid)
We are seeking an experienced Senior Technical Programme Manager to lead a comprehensive security improvement initiative across our client's hospitality organisation. This is a contract role responsible for coordinating internal teams and external consultants to deliver a multi-faceted security enhancement programme expected to span 12+ months. You'll be driving a full-scale transformation of our client's digital security environment, turning up the heat on legacy systems, and building a next-gen, Zero Trust security architecture that scales with their brand.
Key Responsibilities
Lead and coordinate a comprehensive security improvement programme spanning multiple workstreams
Manage and synchronize efforts between internal teams and external security consultants
Lead and facilitate programme planning activities including:
Conducting planning workshops and sessions with stakeholders Developing detailed implementation roadmaps
Creating and maintaining programme backlogs
Prioritizing workstreams based on risk assessment and business impact
Coordinating resource allocation across multiple concurrent initiatives
Develop and maintain detailed programme plans with clear milestones, dependencies, and resource requirements
Establish effective metrics and reporting mechanisms to track security posture improvements
Apply security frameworks (such as NIST) to assessments and reporting, surfacing actionable, structured insights
Turn security data into strategy and deliver measurable improvements across the security landscape
Oversee specific security improvement initiatives including:
Device management and enrolment into our managed estate
Microsoft 365 tenant architecture redesign
Implementation of data governance and cleanup processes
Strategic isolation and decommissioning of legacy systems while maintaining operational continuity
Leading the retirement of Active Directory, guiding the shift to modern, cloud-native identity infrastructure
Remediation of penetration testing findings
Transition to a zero-trust network architecture
Network segmentation and decommissioning of MPLS infrastructure
Optimization of Okta implementation—streamlining access, enforcing MFA, and reducing risk
Design and establishment of a new Unified Security Operations Centre (SOC), integrating detection, response, threat intelligence, and automation
Qualifications & Experience
Proven experience (7+ years) in technical programme management, with a strong focus on IT/security transformation initiatives
Demonstrated success delivering large-scale, complex security programmes across multiple workstreams
Strong planning and facilitation skills with experience leading cross-functional planning sessions
Experience managing programmes in multi-site environments, preferably in the hospitality industry
Deep understanding of Zero Trust, IAM, endpoint management, and network segmentation
Strong understanding of infrastructure security, risk management, and compliance requirements
Practical knowledge of key security domains including endpoint management, identity management, network security, and security operations
Experience working with Microsoft 365 security features implementations
Strong stakeholder management skills with the ability to communicate effectively with both technical and non-technical audiences
Excellent documentation, reporting, and presentation skills
Experience managing external security consultants and vendors Contractor mindset: You hit the ground running, work autonomously, and know how to deliver value quickly