Principal Cyber Security Consultant - Critical National Infrastructure (CNI)

Qodea is Europe’s largest Google Cloud specialist partner and a leading cloud consultancy with offices in the UK, Netherlands and Romania. This role is working for tmc3 who is part of the Qodea group of companies.

tmc3 is a cyber security consultancy that helps organisations of all sizes protect, comply and thrive in the digital era. Our leadership team founded tmc3 with a shared goal of making data protection and cyber security a business enabler. We strive for passion, collaboration, and perseverance to ensure the best outcomes for our customers and partners every time.

We are looking for a Principal Cyber Security Consultant to play a key role to our success within the Critical National Infrastructure (CNI) sector, focusing on the successful delivery of projects and identifying opportunities to partner with organisations in this space.

Please note: There would be a requirement for the role holder to undergo SC Clearance. We are unable to consider candidates who are unable to obtain SC level clearance.

We are looking for a leader with enviable consulting experience helping public sector organisations with complex cyber security challenges. As a Principal Consultant, you will be a key member of the tmc3 team, developing new business and strong customer relationships while leading and delivering great work.

With one foot in the delivery, one foot in the strategic and a leading proposition development, this role is highly varied and calls for someone who is autonomous and a self-starter.

With a range of customers across the public sector, we’ll offer you fascinating work, excellent opportunities for growth and the freedom to realise your potential. Combining strategies, technologies and innovation, we make cyber security a business enabler, delivering enduring results and enabling you to build a successful and rewarding career.

To do this, we would expect you to have strong contacts in relevant sectors and be passionate about leveraging your network and your technical knowledge to meet customer’s needs. This is an exciting chance to drive cyber security change through helping customer organisations navigate this ever-changing space.

• Build and manage excellent networks and customer relationships (typically at CIO, CTO, COO, CISO or Head of Technology level) across a range of organisations within the public sector.
• Take accountability for the delivery of cyber security engagements and leading multiple engagements on a day to day basis.
• Be a trusted and respected leader. Building and running a highly effective team that delivers customer outcomes and develops the team and individuals.
• Introduce systems, processes and experience to improve delivery output.
• Support business development initiatives and produce compelling consultancy propositions for public sector opportunities.
• Draw on your sector network and take responsibility for initiating, leading and winning new business.
• Develop and maintain industry awareness and best practices, relating to legislation & regulations, emerging threats, areas of operation and technology, surrounding Information Security and Data Protection; and compete in knowledge transfer activities.
• Offer advice and guidance on Information Security and Data Protection, to employees at all levels, to safeguard the confidentiality, integrity and availability of client and business information.

• Build and manage excellent networks and customer relationships (typically at CIO, CTO, COO, CISO or Head of Technology level) across a range of organisations within the public sector.
• Take accountability for the delivery of cyber security engagements and leading multiple engagements on a day to day basis.
• Be a trusted and respected leader. Building and running a highly effective team that delivers customer outcomes and develops the team and individuals.
• Introduce systems, processes and experience to improve delivery output.
• Support business development initiatives and produce compelling consultancy propositions for public sector opportunities.
• Draw on your sector network and take responsibility for initiating, leading and winning new business.
• Produce thought-provoking pieces to raise the profile of tmc3 in the sector
• Lead, engage and motivate the Information Security team to execute customer delivery objectives.
• Build the capability of the team by providing subject matter expertise, support and coaching.
• Develop and maintain industry awareness and best practices, relating to legislation & regulations, emerging threats, areas of operation and technology, surrounding Information Security and Data Protection; and compete in knowledge transfer activities.
• Offer advice and guidance on Information Security and Data Protection, to employees at all levels, to safeguard the confidentiality, integrity and availability of client and business information.

• Proven experience delivering major cyber security or digital transformation programmes within Critical National Infrastructure (CNI), ideally across energy generation, utilities, or similar regulated sectors.
• Strong understanding of Operational Technology (OT) environments, with hands-on experience in securing and modernising legacy systems, including DCS, SCADA, and ICS, aligned to NCSC CAF, IEC 62443, and NIST 800-82.
• Direct experience supporting Ofgem regulatory reporting and compliance, including preparation of ISSA returns, evidence packs, and action tracking in line with NIS Regulations and sector-specific cyber expectations.
• Demonstrated ability to lead complex programme delivery, including resource prioritisation, mobilisation of multidisciplinary teams, and effective engagement with business, technical, and regulatory stakeholders.
• Skilled in operating at both strategic and delivery levels, with a track record of aligning cyber and digital programmes to broader organisational goals, risk appetites, and performance outcomes.

• Competitive Market Salary
• Annual and referral bonus schemes
• 25 days holiday (increasing after time)
• Remote working
• Flexible Working (around core office hours)
• Company Pension
• Dedicated training and development budget
• Professional membership budget
• Home office equipment (for remote working employees)
• Electric Vehicle Scheme
• Group Life Insurance
• Private Medical Cover
• Enhanced Maternity / Paternity
• Employee discount and rewards platform
• Vision Care
• Regular team social events