Cyber Security Consultant - Risk

Location: Remote with travel as required (40–60%)
Contract Type: Full-time / Permanent
Salary: Competitive + Benefits

At Cyberfort, we’re securing the digital future. As a leading UK provider of cybersecurity solutions, we deliver cutting-edge services in Managed Detection & Response (MDR), Penetration Testing, Security Operations, and Strategic Consulting.

We’re large enough to offer exciting opportunities, yet agile enough to ensure every voice is heard. At Cyberfort, you’re not just joining a company, you’re becoming part of a mission-driven team.

• Purpose-Driven Work – Help protect businesses and communities from evolving cyber threats.
• Growth & Development – Access mentoring, apprenticeships, graduate schemes, and continuous learning platforms.
• Inclusive Culture – We champion diversity through our Women’s Network, Neurodiversity Awareness, and Inclusion Committee.
• Flexible Working – Hybrid and remote options to support work-life balance.
• Top-Tier Benefits – Competitive salary, private healthcare, wellbeing support, generous holiday allowance, and more.

As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You’ll collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals.

You’ll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. This role supports the next phase of Cyberfort’s growth and contributes to our mission of enabling clients to make proportionate, risk-informed decisions.

• Deliver Secure by Design risk and security assurance functions within MOD/Public Sector.
• Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management.
• Facilitate security and risk workshops with Authority departments.
• Produce clear reporting on vulnerabilities, risks, controls, and treatment activities.
• Provide pragmatic remediation and risk management guidance.
• Support secure design across technology platforms including cloud infrastructures.
• Contribute to blogs and research within the Cyberfort community.

Proven experience working in Governance, Risk and Compliance within Public Sector/MOD.

Strong analytical, communication, and teamwork abilities. Passion for cybersecurity and continuous learning.

• Security Assurance Coordinator or Delivery Team Security Lead roles
• MOD/GDS Secure by Design Principles
• JSP440, JSP604/453, JSP490
• Supplier Chain Assurance
• Security legislation (GDPR, PCI DSS, ICO)
• ISO 27001, NIST CSF, CIS Controls v8
• Threat modelling, kill chain, attack tree analysis
• Cloud security (AWS, Azure), containerisation, firewalls
• Secure SDLC implementation
• HLD/LLD reviews
• ITHC scoping and remediation
• AI security (ISO42001 desirable)

Certifications: AWS/Azure Security Professional, CCSP, CISSP, CISM, CIISEC, UK Cyber Security Council registration (Chartered or Principal).

Clearance:

• Must hold an active and transferable NSV SC clearance
• Due to the nature of the projects, you’ll be working on, you will also be eligible and willing to undergo / maintain appropriate Developed Vetting security clearance
• Must be a British citizen / UK resident

We understand that one size doesn’t fit all. If you need adjustments during the recruitment process, we’re here to support you. Cyberfort is proud to be a Disability Confident Employer, a CyberFirst partner, and a signatory of the Armed Forces Covenant.

If you’re passionate about cybersecurity and want to make a real impact, we’d love to hear from you.

• Cyberfort Careers Page: https://careers.cyberfortgroup.com/
• Working at Cyberfort: https://cyberfortgroup.com/about-us/careers-working-at-cyberfort/
• LinkedIn: https://www.linkedin.com/company/cyberfortgroup/