Senior / Technical Security Risk Consultant (SC)

Senior / Technical Security Risk Consultant

Location: Remote with occasional UK travel

Contract Type: Permanent & Full-time

Security Clearance: Active SC clearance required

Salary: Competitive + Benefits

About the Role

As a Technical Cyber Risk Consultant, you will work closely with clients across government, defence and regulated sectors. You will operate as a trusted advisor, working alongside senior stakeholders and technical teams to deliver pragmatic, risk-led outcomes.

Key Responsibilities

• Provide expert advice on cyber risk management frameworks including ISO 27005 and NIST RMF
• Lead risk identification, assessment and treatment across applications, infrastructure and digital services
• Facilitate structured risk workshops and threat modelling sessions
• Assess solution architectures to identify security risks and control gaps
• Review and interpret IT Health Check outputs and define clear remediation plans
• Produce concise reporting on risks, vulnerabilities and treatment options
• Maintain and manage risk registers including residual risk position
• Conduct gap analysis against recognised security frameworks
• Evaluate third party suppliers and assess control effectiveness
• Produce audit reports, controls assessments and security briefings
• Work with delivery teams to ensure security is embedded throughout

Experience Required

This role is aligned to a technically credible and delivery focused consultant / cyber risk practioner; with an emphasis on real world risk assessment, not theory. Success will come from strong judgement, hands-on experience and the ability to operate effectively in a clearance constrained, stakeholder heavy environment.

• Proven experience as a technical cyber risk practitioner, not purely advisory
• Strong technical background with hands-on delivery of system level risk assessments across infrastructure, applications and cloud environments
• Demonstrable experience identifying, assessing and treating risk within live systems, not just framework alignment
• Experience operating in secure and regulated environments, ideally government or defence
• Proven ability to engage senior stakeholders and influence decisions
• Ability to translate technical findings into clear, actionable risk outcomes
• Confident leading risk workshops, threat modelling and control assessments
• Experience working within Agile delivery environments
• Strong analytical capability and sound judgement
• Any candidates must have an active SC level of security clearance to be considered.

Technical Knowledge

• Security frameworks including ISO 27001, NIST CSF, CIS and NCSC guidance
• Regulatory landscape including GDPR and PCI DSS
• Familiarity with HMG and NCSC standards
• Modern technology environments:
• Cloud platforms such as Azure, AWS and Google Cloud
• Microsoft 365
• Infrastructure and network security
• Zero Trust principles
• Understanding of security architecture concepts

Certifications

Relevant industry certifications such as CISSP, CISM, CRISC or equivalent. Candidates should either hold, or be working towards, Full Membership of CIISEC and professional registration with the UK Cyber Security Council at Chartered or Principal level in Cyber Security Governance and Risk Management.

What’s in it for You

• Exposure to complex, high impact work in high trust environments
• Direct engagement with senior client stakeholders
• Opportunity to shape risk led security decisions
• Ongoing professional development
• Flexible working / Remote first

Interested?

Submit your application to learn more about this exciting opportunity.