Location: Bristol Job Type: Contract Industry: Cyber Security Job reference: BBBH438895_1778765250 Posted: 1 day ago
Senior Cyber Security Consultant - CAF Assurance (x3)
Contract - Outside IR35 | 6 Months (Likely Extension)
Location: Mostly Remote (UK-based with occasional travel)
Clearance: Active SC Clearance Required
Role Overview
We are currently seeking three experienced Senior Cyber Security Consultants to support the delivery of Cyber Assessment Framework (CAF) assurance and cyber resilience work across public sector and critical environment programmes.
This role will involve conducting structured CAF assessments, engaging stakeholders, reviewing evidence, identifying risks, and delivering high-quality assurance outputs aligned to NCSC guidance and best practice. You will be part of a collaborative, high-performing team delivering across multiple assurance engagements.
Key Responsibilities
1. Deliver Cyber Assessment Framework (CAF) assurance activities across organisations and critical systems
2. Conduct stakeholder workshops, interviews, and evidence reviews to assess cyber resilience maturity
3. Support clients in understanding CAF objectives, principles, and outcomes
4. Review policies, governance, and technical/operational controls against CAF requirements
5. Assess cyber capabilities across:
6. Risk management
7. Protective security
8. Monitoring & logging
9. Incident management
10. Supply chain security
11. Operational resilience
12. Produce high-quality outputs including:
13. Assessment reports
14. Risk findings
15. Observations
16. Improvement recommendations
17. Contribute to assurance documentation, reporting, and delivery artefacts
18. Support engagement onboarding, planning, and scheduling
19. Collaborate with technical leads and delivery teams to ensure consistent quality
20. Drive continuous improvement of CAF methodologies and templates
21. Maintain strong stakeholder relationships in complex, fast-paced environments
22. Ensure alignment with government security standards and policies
Essential Skills & Experience
23. Proven experience delivering cyber security assurance / GRC engagements
24. Strong knowledge of the NCSC Cyber Assessment Framework (CAF) or similar frameworks
25. Experience facilitating stakeholder interviews and evidence-based assessments
26. Ability to analyse both technical and non-technical controls
27. Excellent report writing and communication skills
28. Experience working within public sector, regulated, or enterprise environments
29. Solid understanding of cyber security domains, including:
30. Identity & Access Management
31. Vulnerability Management
32. Incident Response
33. SIEM / Monitoring & Logging
34. Resilience and business continuity
35. Supply chain security
36. Ability to manage multiple priorities and deliver under tight deadlines
37. Experience working in remote, blended delivery team