Cyber Security Consultant
Job description
We are working with a UK cyber security consultancy to bring Cyber Risk & Compliance Consultants into their advisory practice. The team supports a varied client portfolio across regulated and non-regulated sectors, with a strong focus on helping clients evidence security maturity, manage regulatory exposure, and improve control environments in practical, defensible ways.
The role is broad. One week you might be running a controls gap assessment against ISO 27001; the next, supporting a client through a regulatory submission, building out a risk register, or working through third-party risk on a critical supplier. You'll be working alongside senior consultants on live engagements from the start, with structured support to grow into more independent delivery.
- Cyber risk assessments, controls gap analyses and maturity reviews against ISO 27001, NIST Framework, GDPR etc.
- Supporting clients through certification and audit cycles - evidence, control mapping, remediation.
- Producing risk registers, treatment plans and improvement roadmaps clients can actually execute.
- Cloud and SaaS security reviews, translating findings into pragmatic recommendations.
- Third-party and supply chain risk assessments.
- Drafting and reviewing policies, standards and procedures calibrated to client risk appetite.
- Clear reporting and stakeholder communication, from technical teams to board level.
Requirements
- 3-7 years in cyber risk, information security, compliance or audit.
- Working knowledge of ISO 27001, NIST, GDPR.
- Certifications: ISO 27001 LI/LA, CISA, CRISC, CISM, CISSP.
- Cloud security review experience (AWS, Azure, M365).
- Strong written and verbal communication across technical and executive audiences.
Benefits & conditions
- £60,000 + benefits package
- Hybrid working
- Clear career progression pathway