GRC Consultant

As part of the Consulting team, you will support both new and existing clients to design, assess, and implement effective cyber security risk management solutions tailored to their needs. Working closely with client stakeholders, you will complement in-house Information and Cyber Security teams by providing expert guidance across information security, solution architecture, and business risk.

In this role, you will:

• Provide Secure by Design risk and security assurance services
• Apply strong knowledge of risk management frameworks
• Collaborate with multi-disciplinary teams to ensure solutions align with business risk appetite
• Produce clear, concise reports detailing vulnerabilities, risks, controls, and treatment plans
• Facilitate security and risk workshops with Authority stakeholders
• Deliver practical, business-aligned remediation and risk management advice
• Support security risk assessment within agile delivery environments
• Demonstrate strong teamwork, communication, and stakeholder engagement skills
• Apply broad knowledge of cyber security across public and private sectors
• Understand modern IT and security technologies

• Security Assurance Coordinator or Delivery Team Security Lead experience
• MOD and government standards
• Secure system design
• MOD/GDS Secure by Design principles
• Supplier assurance and supply-chain risk
• Security legislation
• Security frameworks: ISO 27001, NIST CSF, CIS Controls v8
• HMG, NPSA, and NCSC policies and guidance
• Secure by Design within the SDLC
• Threat modelling techniques
• HLD/LLD review and assurance

• Cloud security
• Network and infrastructure security
• AI security and governance
• ITHC scoping and remediation
• Cryptography, PKI, Zero Trust, PAM, RBAC, Cross Domain Solutions
• Cloud security posture management and endpoint security tooling

• Achieved or working toward Full Membership of CIISEC
• UK Cyber Security Council registration

This role will require you to be willing and eligible to undergo a high level of UK security clearance.

If you're interested in the above, apply or reach out to steven.mitchell@sandersonplc.com.

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.