My client is seeking an experienced Lead Information Security Engineer to support its Shadow IT and Data Protection programme. This role focuses on governance, enforcement, and escalation for unapproved SaaS and cloud applications, helping the business manage data security and third‑party risk while balancing operational impact. The role will be an initial 12 month day rate contract with the requirement to be onsite 2-3 days a week. Responsibilities Own key elements of the Shadow IT enforcement and governance process Define and operate a blocking and escalation framework for unapproved applications Assess risk based on data sensitivity, access, and exposure Manage exceptions, unblock requests, and high‑impact escalations Document decisions clearly, including technical impact and policy alignment Work closely with security, technology, legal, privacy, and business teams Track and report Shadow IT metrics, trends, and outcomes Contribute to the ongoing maturity of a scalable Shadow IT governance model Strong background in information security engineering within large environments Hands‑on experience with security governance, data protection, and risk management Exposure to SaaS, cloud applications, and third‑party risk Confidence making and defending risk‑based decisions Experience with policy interpretation, enforcement, and escalation management Strong analytical and documentation skills Experience with CASB, SSPM, or DSPM Cloud security exposure Automation or data analytics experience (e.g. Power BI, Alteryx, Power Automate) For more information, reach out to imran.jiwo@nicollcurtin.com
#J-18808-Ljbffr