Information Security Consultant

Sanderson Recruitment Plc
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 65K

Tech stack

Microsoft Windows
Artificial Intelligence
Computer Security
Gsuite

Job description

We're seeking an experienced Information Security / Cyber Security Consultant to support client engagement, helping organisations understand risk, strengthen security controls, and demonstrate assurance against recognised standards and frameworks. You'll work as part of delivery teams on client-facing projects, contributing to assessments, remediation activities, and ongoing compliance programmes.

This is a hands-on consulting role combining structured advisory work with practical delivery. You'll gain exposure to organisations of varying size, sector, and maturity, while developing your technical security knowledge, client engagement skills, and consulting capability within a commercial environment.

What You'll Do

  • Contribute to security assessment and improvement programmes aligned to frameworks such as ISO/IEC 27001, NIST CSF, Cyber Essentials, CAF, CSA CCM and comparable standards
  • Perform structured gap analyses that consider business risk, regulatory drivers, and client priorities
  • Support the execution of cyber and information risk assessments using recognised approaches (e.g. ISO 27005, NIST RMF, FAIR or similar methodologies)
  • Develop, review, and maintain security documentation including policies, standards, procedures, and supporting guidance
  • Assist with the design and implementation of administrative, technical, and physical security controls mapped to relevant frameworks (including ISO/IEC 27001:2022)
  • Support internal audits, external assurance activities, and certification or compliance-readiness engagements
  • Help clients manage evidence, metrics, and reporting to demonstrate ongoing security posture and compliance
  • Contribute to client workshops, briefings, and awareness sessions to embed effective security practices

Requirements

  • Practical experience working with one or more recognised security frameworks such as ISO 27001, NIST CSF, Cyber Essentials, CAF, or CSA CCM
  • A solid understanding of core cyber and information security principles, risk management, and control design
  • Experience supporting security assessments, audits, or compliance-focused initiatives in a consulting or in-house role
  • Strong written and verbal communication skills, with the ability to engage professionally with clients and internal stakeholders
  • A structured, proactive approach to analysis, documentation, and problem-solving
  • Relevant security certifications, or active progression towards them (e.g. ISO 27001 Implementor or Auditor)
  • Awareness of AI risk management and responsible AI standards (e.g. NIST AI RMF, ISO/IEC 42001)
  • Familiarity with GRC tooling such as Vanta, OneTrust, or similar platforms
  • Working knowledge of Microsoft 365 and Google Workspace environments

Benefits & conditions

  • Remote-first flexibility with expected UK travel 1-2 times per month
  • Ongoing career development with access to training and certifications
  • Comprehensive benefits package including Private Healthcare, Cash-Back Plan, and enhanced wellbeing support
  • Opportunity to lead high-impact security programmes across cloud, AI, and modern engineering environments
