Cybersecurity Consultant

This role is outside IR35

We are seeking an experienced hands‑on Senior Cybersecurity Consultant to support a major enterprise customer in delivering a Cybersecurity Assessment & Resilience Programme.

This full‑time, 6+ month project combines senior‑level customer engagement and leadership with practical, day‑to‑day delivery.

You will not simply define strategy, but also actively conduct assessments, produce security artefacts, support remediation activities, and work alongside customer teams to implement improvements.

The successful candidate will be comfortable operating both at the whiteboard and in the detail, acting as a trusted advisor while remaining directly accountable for tangible security outcomes.

• Ongoing cybersecurity assessments and reviews of policies, procedures, controls, and governance
• Identification, analysis, and prioritisation of cyber risks and vulnerabilities across on‑prem, cloud, and third‑party environments
• Advisory support for incident response planning, crisis management exercises, and resilience improvements
• Support to SOC operations, including process improvement and escalation protocols
• Supplier and third‑party security assessments, working closely with Procurement, Supplier Management, Bid and Sales teams
• Contribution to security governance forums, risk reviews, and senior stakeholder briefings
• Development and maintenance of security documentation, reports, and recommendations
• Delivery of targeted security awareness and training initiatives
• Provision of regular status updates, monthly progress reports, and end‑of‑phase summary reporting

• Must have extensive experience operating at CISO, Deputy CISO, or Senior Security Leadership level within complex enterprise environments
• Strong hands‑on background in cybersecurity governance, risk management, and security operations
• Proven experience delivering cybersecurity assessments, audits, and improvement programmes
• Demonstrable experience with incident response, crisis management, and cyber resilience planning
• Experience assessing supplier and third‑party cybersecurity risk across the supply chain
• Strong understanding of recognised security frameworks and standards (e.g. ISO 27001, NIST, NIS2, TISAX, Cyber Essentials)
• Ability to engage confidently with senior executives and technical teams, providing clear, pragmatic security advice
• Excellent written and verbal communication skills, with experience producing executive‑level reports and presentations
• Ability to manage priorities, deliver to agreed timelines, and operate effectively in a customer‑facing delivery role

• Relevant security certifications (e.g. CISSP, CISM, CCISO, CRISC, ISO 27001 Lead Auditor)
• Experience working across regulated industries and/or multinational environments
• Previous experience operating as an embedded / virtual CISO or security delivery lead