Join a fast-growing cyber consultancy delivering across public, private, and defence sectors
Location: Hybrid (UK-based, with occasional travel to client sites)
Employment Type: Full-time, Senior level
Overview
Sanderson Government & Defence are working with a scaling cyber security consultancy that’s delivering high-value security solutions to some of the UK’s most complex organisations across public, private, and defence sectors.
We are looking for a Senior Security Consultant with a deep understanding of ISO 27001 implementation and delivery to join a collaborative, fast-growing team. You’ll be working on varied and challenging engagements, providing both hands-on delivery and strategic security advice to a broad portfolio of clients.
With the consultancy in a period of rapid growth, this role offers significant scope for progression, flexibility in how you work, and the chance to shape the way security is delivered at scale.
Key Responsibilities
* Lead ISO 27001 implementation projects, from initial gap analysis to certification readiness
* Advise clients on information security management systems (ISMS) design, deployment, and continuous improvement
* Conduct risk assessments, security audits, and compliance reviews against ISO 27001 standards
* Support clients in achieving and maintaining compliance with security frameworks and regulatory requirements
* Engage with stakeholders at all levels to embed security best practice in business processes
* Mentor junior consultants and contribute to knowledge sharing within the team
* Stay current with security trends, regulatory changes, and industry best practices
Required Skills & Experience
* Proven track record of ISO 27001 implementation and delivery (end-to-end)
* Strong consultancy background with client-facing experience
* Ability to conduct risk assessments and security audits confidently
* Excellent communication skills, able to explain technical concepts to non-technical stakeholders
* Solid understanding of broader information security frameworks and governance practices
* Willingness to travel to client sites as required (UK-wide)
Desirable
* ISO 27001 Lead Implementer or Lead Auditor certification
* Experience in public sector, defence, or highly regulated industries
* Knowledge of additional standards such as NIST, Cyber Essentials Plus, or PCI DSS
Why Join This Consultancy?
* Flexible, hybrid working with trust and autonomy in how you deliver
* Variety of projects across multiple sectors – no two engagements are the same
* Clear progression pathways in a growing, ambitious company
* Collaborative, knowledge-sharing culture where your expertise is valued
* Competitive salary and benefits, plus investment in ongoing training and certifications
Apply via Sanderson to join a forward-thinking consultancy where you’ll make a real impact on client security maturity while developing your own career.
All applications are handled in strict confidence.