Cyber Security Consultant(SIAM,GRC)- Active Security Clearance

The Cyber Security Process Alignment & Supplier Onboarding Consultant operates within the Operational Integrator (OI) function to support the onboarding of new service providers into a multi-supplier (SIAM) environment within a Defence programme. The role focuses on translating established security processes, policies, and governance into structured onboarding materials, ensuring that incoming suppliers clearly understand their obligations and are aligned from day one. Working closely with Security Assurance, Incident, and Vulnerability Management leads, the consultant ensures that supplier processes are understood, integrated, and evidenced, rather than redesigned. The outcome is a consistent, controlled onboarding approach that enables suppliers to operate effectively within the existing security operating model. This is a governance, integration, and enablement role, not a hands-on operational security or engineering function.

Key Responsibilities Supplier Onboarding & Process Integration Develop structured onboarding packs for new suppliers covering: o Security processes (eg incident management, vulnerability management, assurance) o Policies, standards, and governance expectations o Reporting and escalation requirements Define and agree: o Supplier roles and responsibilities o Interaction models between Supplier, SI, OI and Client Act as the central integration point for onboarding suppliers into the SIAM security model Process Alignment (SIAM/OI Model) Work with Security Assurance, Incident and Vulnerability leads to translate defined processes into supplier-consumable guidance Ensure suppliers adopt and align to existing processes, with minimal change Identify and manage gaps between: o Supplier capabilities o Client expectations o Established SI/OI processes Compliance & Assurance Enablement Support the assessment of supplier: o Security Management Plans o Compliance reporting and outputs Ensure suppliers understand: o Evidence requirements o Assurance expectations o Audit and governance processes Provide confidence that suppliers can demonstrate compliance from Day 1 of service commencement Governance & Communication Support onboarding for multiple Service Commencement Dates, working across: o Incoming suppliers o Incumbent suppliers (handover) o Client stakeholders o Transition teams Ensure security expectations are: o Clearly communicated o Consistently applied o Understood at both operational and governance levels Documentation & Knowledge Transfer Produce clear, structured documentation including: o Process packs o Supplier guidance materials o Governance and reporting expectations Ensure documentation is: o Consistent across all suppliers o Aligned to NIST CSF and Secure by Design principles o Suitable for reuse in BAU onboarding Transition Support Support phased onboarding aligned to transition timelines Help ensure continuity between: o Existing (incumbent) service delivery o New supplier responsibilities Contribute to establishing a repeatable onboarding model for future suppliers Service Management & Operational Readiness Enablement Support the onboarding of suppliers across core IT Service Management processes, ensuring alignment with client operational standards and governance Work with service management and security leads to ensure supplier readiness in areas such as: o Incident and vulnerability management o Backup and recovery o Monitoring, alerting and operational reporting o Access control and service request processes Ensure suppliers are able to: o Demonstrate operational readiness for Service Commencement (including ORR and service readiness assessments) o Provide appropriate evidence to support operational baselines and ongoing updates Coordinate with transitioning and exiting providers to validate: o Service baselines o Handover completeness o Alignment to agreed operational and security expectations

Essential Experience in cyber security governance, GRC, or security process roles Experience working in multi-supplier or SIAM environments Strong understanding of security processes such as: o Incident Management o Vulnerability Management o Security Assurance Ability to interpret operational outputs (eg SOC reporting) without direct tool ownership Strong stakeholder engagement and coordination skills Experience supporting audit, compliance, and assurance activities Experience working in transition or transformation programmes Desirable Knowledge of: o NIST Cyber Security Framework (CSF) o Secure by Design principles o NCSC/UK Government security guidance Experience in defence or other high-security environments Key Deliverables Supplier onboarding packs aligned to security processes and governance Standardised supplier interaction model within SIAM Supplier-aligned process documentation and guidance Verified supplier readiness for Service Commencement Repeatable onboarding approach for future suppliers