Information Security Consultant
Role details
Job location
Tech stack
Job description
We are seeking an experienced and proactive Information Security Consultant to join our client's team. This is a fully remote position offering the opportunity to work with a diverse portfolio of clients, helping them strengthen their security posture and manage risk in an evolving threat landscape. You will play a key role in delivering security advisory services, conducting assessments, and supporting organisations in aligning with industry standards and best practices. The role will also involve supporting clients with modern security challenges including threat modelling, secure-by-design practices, and emerging AI security considerations.
Requirements
Key ResponsibilitiesProvide expert guidance on information security strategies, frameworks, and best practicesConduct security risk assessments, gap analyses, and auditsSupport clients in achieving and maintaining compliance (e.g. ISO 27001, NIST, GDPR)Develop and review security policies, procedures, and documentationPerform vulnerability assessments and coordinate remediation effortsDeliver threat modelling workshops and support secure solution design activitiesAdvise on AI security risks, governance, and secure adoption of AI technologiesDeliver security awareness training and workshopsAssist in incident response planning and post-incident reviewsCollaborate with technical and non-technical stakeholders to embed security into business processesRequired Skills & ExperienceProven experience in an Information Security Consultant or similar roleStrong understanding of security frameworks (ISO 27001, NIST, CIS Controls)Experience conducting threat modelling exercises and risk-based security assessmentsKnowledge of AI security principles, AI governance, or securing AI-enabled solutionsKnowledge of risk management methodologiesExperience with vulnerability management tools and techniquesFamiliarity with cloud security (AWS, Azure, or GCP)Understanding of networking, systems architecture, and common attack vectorsExcellent communication and stakeholder management skillsAbility to work independently in a fully remote environmentDesirable QualificationsProfessional certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/AuditorExperience in consultancy or client-facing rolesExposure to penetration testing or security engineeringKnowledge of secure software development practices and DevSecOpsWhat We OfferCompetitive salary up to £75,000Fully remote working with flexible hoursGenerous holiday allowanceProfessional development and certification supportPension scheme and additional benefits