Senior / Technical Security Risk Consultant (SC)
Job description
About the Role
As a Technical Cyber Risk Consultant, you will work closely with clients across government, defence and regulated sectors. You will operate as a trusted advisor, working alongside senior stakeholders and technical teams to deliver pragmatic, risk-led outcomes.

Key Responsibilities
- Provide expert advice on cyber risk management frameworks including ISO 27005 and NIST RMF
- Lead risk identification, assessment and treatment across applications, infrastructure and digital services
- Facilitate structured risk workshops and threat modelling sessions
- Assess solution architectures to identify security risks and control gaps
- Review and interpret IT Health Check outputs and define clear remediation plans
- Produce concise reporting on risks, vulnerabilities and treatment options
- Maintain and manage risk registers including residual risk position
- Conduct gap analysis against recognised security frameworks
- Evaluate third party suppliers and assess control effectiveness
- Produce audit reports, controls assessments and security briefings
- Work with delivery teams to ensure security is embedded throughout
Requirements
Experience Required
This role is aligned to a technically credible and delivery focused consultant / cyber risk practitioner, with an emphasis on real world risk assessment, not theory. Success will come from strong judgement, hands-on experience and the ability to operate effectively in a clearance constrained, stakeholder heavy environment.
- Proven experience as a technical cyber risk practitioner, not purely advisory
- Strong technical background with hands-on delivery of system level risk assessments across infrastructure, applications and cloud environments
- Demonstrable experience identifying, assessing and treating risk within live systems, not just framework alignment
- Experience operating in secure and regulated environments, ideally government or defence
- Proven ability to engage senior stakeholders and influence decisions
- Ability to translate technical findings into clear, actionable risk outcomes
- Confident leading risk workshops, threat modelling and control assessments
- Experience working within Agile delivery environments
- Strong analytical capability and sound judgement
Candidates must have an active SC level of security clearance to be considered.

Technical Knowledge
- Security frameworks including ISO 27001, NIST CSF, CIS and NCSC guidance
- Regulatory landscape including GDPR and PCI DSS
- Familiarity with HMG and NCSC standards
- Modern technology environments:
  - Cloud platforms such as Azure, AWS and Google Cloud
  - Microsoft 365
  - Infrastructure and network security
  - Zero Trust principles
- Understanding of security architecture concepts

Certifications
Relevant industry certifications such as CISSP, CISM, CRISC or equivalent. Candidates should either hold, or be working towards, Full Membership of CIISEC and professional registration with the UK Cyber Security Council at Chartered or Principal level in Cyber Security Governance and Risk Management.
What's in it for You
- Exposure to complex, high impact work in high trust environments
- Direct engagement with senior client stakeholders
- Opportunity to shape risk led security decisions
- Ongoing professional development
- Flexible working / Remote first
Benefits & conditions
Senior / Technical Security Risk Consultant
- Location: Remote with occasional UK travel
- Contract Type: Permanent & Full-time
- Security Clearance: Active SC clearance required
- Salary: Competitive + Benefits