Senior Cyber Risk Advisory Consultant

Job Description

Join a fast-growing, inclusive, and collaborative cybersecurity consulting firm where your expertise is valued and your career can thrive!

Our client, a specialised Cyber Security Consulting firm, is expanding rapidly. They’re looking for an ambitious and driven Senior Cyber Security Consultant to join their Cyber GRC Risk Advisory team.

About the role:

As a Senior Cyber Security Consultant, you’ll play a key role in Governance, Risk, and Compliance (GRC), helping clients across a number of sectors strengthen their security posture. You’ll work with industry-leading frameworks like Cyber Essentials (CE), Cyber Essentials Plus (CE+), NIST 2, ISO 27001/223001, DORA, and more.

This is the perfect opportunity if you’re looking for more autonomy, rapid career growth, and a dynamic environment—far from the rigid structures of large corporate consultancies.

As a Senior Cyber Security Consultant, what will you be doing?:

• Offer consultancy services to a wide range of clients with varying needs across different industries and regions. This may involve working as part of a team or taking the lead on projects. The role is expected to independently manage small to medium-sized engagements, collaborating with senior and principal consultants as needed.
• Lead and contribute to diverse security projects, including third-party risk management, mergers and acquisitions, security policy development, ISO 27001 implementation, audits and compliance (NIS 2, DORA), risk assessments, remediation programs, and more.
• Lead, manage, and deliver full cyber security engagements end-to-end, including preparing for and conducting Cyber Essentials Plus assessments, advising on required technical controls, and assisting with any required external audits.
• Support clients in establishing and enhancing third-party and supplier risk management processes, conducting maturity assessments, and advising on industry best practices.
• Identify target security operating models and maturity, helping senior client management to define and transform their security postures.
• Collaborate internally to strengthen and expand consulting capabilities in line with industry trends and client needs.

What You Bring as a Senior Cyber Security Consultant:

• 2+ years of information security consulting
• Experience of Governance, Risk, and Compliance (GRC) frameworks such as ISO 27001, ISO 223001, NIST, DORA and other regulatory standards.
• Experience conducting Cyber Essentials and Cyber Essentials Plus assessments and guiding clients through the certification process, with a strong understanding of the technical and governance requirements.
• Experience with risk assessments, gap analyses, and creating security operating models tailored to client needs.
• Confidence in client-facing roles, delivering actionable insights and security advice to stakeholders at all levels.
• A commitment to knowledge sharing, with the ability to mentor and uplift team capabilities.
• Excellent communication skills, with the ability to clearly explain and document concepts and solutions for both technical and non-technical audiences.
• Strong adaptability to juggle multiple projects simultaneously while ensuring client needs and deadlines are met.

What’s in It for You?

• Flexible Working – Mostly remote with occasional client-site visits. Office available for those who prefer hybrid working.
• Training & Certifications – Generous annual training budget to support your professional development.
• Collaborative Culture – Work in a diverse, supportive and fun environment with networking opportunities and access to industry events.

Ready for the next step in your Cyber Security career? Apply now to join an innovative team shaping the future of cyber risk advisory!