Principal Cyber Security Consultant

Job Title: Principal Cyber Security Consultant

Contract Type: Permenent

Flexibility: This role is available part-time, job-share or full time. This is because we want the best people for our roles, and we recognise that sometimes those people aren’t available full-time.

Location: In terms of location, we have offices in Bath, Bristol & London, and we are happy to explore flexible and hybrid working arrangements. Please note that travel to customer sites or to attend meetings will be required.

About BMT
BMT is dedicated to tackling the most crucial engineering challenges of our era, fostering an environment where individuals with exceptional technical expertise provide meaningful, practical solutions. Committed to creating a safer, more efficient, effective, and sustainable future, BMT values diversity, equity, and inclusion, recognisng their pivotal role in achieving our business purpose. Learn more about BMT at www.bmt.org .

At BMT, we pride ourselves on being a verified flexible workplace, providing freedom and choice. We understand not everyone has the same needs in order to make work work for them and their lives - we'd love you to discuss any requirements for flexibility with us - we can't promise to fulfil every request but we do promise to listen to what matters to you. Learn more about our flexible status at Flexa Careers

Why Work for Us?

Joining BMT means gaining access to a comprehensive set of employee benefits designed to empower your success. In addition to a competitive salary, our offerings encompass health, family, finance, and personal development, including:

• Private Medical (family coverage)
• Enhanced Pension
• 18 weeks enhanced maternity pay (after a qualifying period of 1 year)
• Family friendly policies
• Committed to an inclusive culture
• Wellbeing Fund – an annual fund for personal hobbies or interests
• Holiday Trading
• Professional Subscriptions

We are seeking an experienced Principal Cyber Security Consultant to join our team and engage in a diverse range of client projects within the defence, national security, environmental, and research sectors.

This includes the provision of strategic risk management advice and/or technical consultancy within the context of cybersecurity.

You will join a team of highly skilled professionals dedicated to safeguarding technologies and systems, many of which are critical to UK defence and national security.

To deliver this outcome, you must be passionate about cyber security and apply your deep understanding and experience of HMG, NCSC, and international cyber standards. The role will require excellent stakeholder management and communication skills to build the trust and support necessary for successful outcomes.

You will be supported by team members in a highly collaborative environment, a structured learning and development programme, and will have opportunities for growth within an expanding team.

If you're ready to make a real impact and work with a fantastic team, we'd love to hear from you.

We’d love to hear from you if you can demonstrate expertise in at least one of the following areas:

• Security governance, risk and compliance (GRC), aligned with HMG cybersecurity and information assurance policies, standards, and guidance with experience in consultancy or supplier roles.
• Securing OT (Operational Technologies) with knowledge and understanding of challenges, particularly within military platforms and/or Critical National Infrastructure (CNI)
• Federation of Security Operations Centre (SOC)operations across two or more organisational environments such as enterprise, edge/deployed environments or cloud . Demonstrable knowledge of cyber detection (e.g., threat identification/intelligence, real-time monitoring, anomaly detection) and cyber response (e.g. incident response, eradication and remediation, recovery, post-incident analysis).
• DevSecOps.
• Zero Trust Architecture (ZTA) expertise for enterprise, cloud and air-gapped environments along with knowledge of operational use of Zero Trust within any of the following: , IdAM systems, application security, supply chain security, data protection, other.

As a Principal Cyber Security Consultant, you will be responsible for leading technical delivery teams, shaping and carrying out complex technical work, leading technical input into bid work, engaging with clients to define the scope of work for new projects, and supporting other cyber security professionals in their career development. People applying for the BMT Principal Cyber Security Consultancy role typically hold or are operating at the least the principal level of the UK Cyber Security Council’s chartership scheme.

Excellent consultancy skills are essential, including verbal and written communication skills, and stakeholder engagement and management. Line management experience would be beneficial for this role.

In addition, the following technical knowledge or experience will be helpful for some of our projects:

• Expertise in consultancy.
• Knowledge of secure by design.
• Cybersecurity industry standards (e.g. NIST, ISO 27001, ISA/IEC 62443, etc).
• An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing).
• An understanding and/or experience with SIEM, SOAR and EDR.
• Knowledge and/or understanding of data and analytics in terms of cybersecurity implications.

Missing skills? Let us be the judge! BMT are passionate about people; we recognise that technology moves quickly and that no one can learn everything, which is why we seek those who can adapt and demonstrate the aptitude to learn. With enthusiasm and the right attitude, we can help you discover your potential.

This role will require full UK security clearance and you should have resided in the UK for the past 5 years

If you are ready to contribute your skills and passion to a dynamic team addressing impactful challenges, we invite you to apply for this exciting opportunity with BMT. Join us in shaping a safer, more efficient, and sustainable future.

A message to recruitment agencies: We receive applications exclusively via our ATS. Please note that we do not accept CVs submitted via email to the HR department or staff within our Operational teams. We will not progress CVs shared on a speculative basis by email and you accept our right to pursue such candidates with no obligation to third-party terms and conditions or liability to a fee