Advanced Resource Managers
Information Security & Resilience Consultant

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Information Security & Resilience Consultant – M&A
6-Month contract – Inside IR35 – up to £500 per day
Hybrid working – 2 days a week onsite – either London or Bradford based
We are seeking a highly skilled, hands-on Contract Information Security & Resilience Consultant to support several critical, high-priority strategic initiatives.
In this dual-role, you will be responsible for executing rigorous security due diligence on upcoming M&A activities, maintaining and maturing our Information Security Management System (ISMS) compliance frameworks, and driving our Business Continuity and Resilience programs.
Key Responsibilities
M&A Security Due Diligence
- Due Diligence Assessments: Conduct comprehensive cybersecurity risk assessments and security due diligence on target acquisition companies.
- Control Evaluation: Review target company security controls, policies, third-party assurance reports (e.g., SOC 2, ISO certifications), and historical security incident logs.
- Identify deal-impacting risks, quantify remediation effort (cost/timeline ranges), and advise on onboarding security priorities.
- Integration Roadmapping: Identify risk areas and formulate actionable post-acquisition security integration roadmaps and transition plans.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Information Security Standards & Compliance (ISO 27001 & SOC 2)
- Framework Governance: Assess, maintain, and mature existing security frameworks aligned with ISO/IEC 27001 and SOC 2 Type II.
- Develop and maintain information security policies, standards, and procedures aligned to these standards and business objectives.
- Run security risk assessments, update risk registers, and drive risk treatment/remediation plans.
- Remediation & Evidence: Identify control gaps, collaborate with internal system owners to implement remediation plans, and collect audit-ready evidence.
- External Audits: Assist in preparing the business, staff, and control owners for upcoming external surveillance and compliance audits.
Business Continuity & Disaster Recovery
- Plan Development: Lead the review and update of Business Continuity Plans (BCPs) across key business departments.
- Impact Analysis: Facilitate Business Impact Analyses (BIAs) to identify critical business processes, evaluate upstream/downstream dependencies, and define Recovery Time Objectives (RTOs).
- Testing & Exercises: Design and execute tabletop exercises and simulation tests to validate recovery strategy effectiveness.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Third-Party & Supplier Security
- Perform vendor risk assessments, review security clauses, and ensure suppliers meet security and business continuity requirements.
- Manage the relationship with our outsourced managed IT and information security suppliers.
Security Awareness & Stakeholder Management
- Deliver security awareness initiatives and provide advisory support to projects and teams.
- Communicate risks and recommendations clearly to leadership and non-technical stakeholders.
Required Skills & Experience
- M&A Security Expertise: Proven track record of executing security due diligence on target entities during corporate acquisitions.
- Compliance Mastery: Deep, hands-on experience implementing, auditing, or managing ISO 27001 and SOC 2 compliance programs.
- Business Continuity Planning: Experience designing, updating, and testing Business Continuity frameworks (experience aligning with ISO 22301 is a plus).
- Consultative Approach: Outstanding stakeholder management skills, with the ability to communicate complex security risks to business leads and M&A deal teams.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location