Location: Preston Job Type: Contract Industry: Cyber Security Job reference: BBBH439789_1780052876 Posted: 5 days ago
Role Title: Cyber Security Consultant - OI Process alignment and Onboarding
Duration: contract to run until 30/11/2026
Location: Preston. Hybrid 2 days per week onsite
Rate: up to £600 p/d Umbrella inside IR35
Clearance required: Must Be MOD SC Cleared And Be A Sole UK National.
SC must have been actively used within the last 12 months and must have 3 months left on the clearance
Role purpose / summary
The Cyber Security Process Alignment & Supplier Onboarding Consultant operates within the Operational Integrator (OI) function to support the onboarding of new service providers into a multi-supplier (SIAM) environment within a Defence programme.
The role focuses on translating established security processes, policies, and governance into structured onboarding materials, ensuring that incoming suppliers clearly understand their obligations and are aligned from day one.
Working closely with Security Assurance, Incident, and Vulnerability Management leads, the consultant ensures that supplier processes are understood, integrated, and evidenced, rather than redesigned. The outcome is a consistent, controlled onboarding approach that enables suppliers to operate effectively within the existing security operating model.
This is a governance, integration, and enablement role, not a hands-on operational security or engineering function.
Key Responsibilities
Supplier Onboarding & Process Integration
1. Develop structured onboarding packs for new suppliers covering:
2. Security processes (e.g. incident management, vulnerability management, assurance)
3. Policies, standards, and governance expectations
4. Reporting and escalation requirements
5. Define and agree:
6. Supplier roles and responsibilities
7. Interaction models between Supplier, SI, OI and Client
8. Act as the central integration point for onboarding suppliers into the SIAM security model
Process Alignment (SIAM / OI Model)
9. Work with Security Assurance, Incident and Vulnerability leads to translate defined processes into supplier-consumable guidance
10. Ensure suppliers adopt and align to existing processes, with minimal change
11. Identify and manage gaps between:
12. Supplier capabilities
13. Client expectations
14. Established SI/OI processes
Compliance & Assurance Enablement
15. Support the assessment of supplier:
16. Security Management Plans
17. Compliance reporting and outputs
18. Ensure suppliers understand:
o Evidence requirements
19. Assurance expectations
20. Audit and governance processes
21. Provide confidence that suppliers can demonstrate compliance from Day 1 of service commencement
Governance & Communication
22. Support onboarding for multiple Service Commencement Dates, working across:
23. Incoming suppliers
24. Incumbent suppliers (handover)
25. Client stakeholders
26. Transition teams
27. Ensure security expectations are:
28. Clearly communicated
29. Consistently applied
30. Understood at both operational and governance levels
Documentation & Knowledge Transfer
31. Produce clear, structured documentation including:
32. Process packs
33. Supplier guidance materials
34. Governance and reporting expectations
35. Ensure documentation is:
36. Consistent across all suppliers
37. Aligned to NIST CSF and Secure by Design principles
38. Suitable for reuse in BAU onboarding
Transition Support
39. Support phased onboarding aligned to transition timelines
40. Help ensure continuity between:
41. Existing (incumbent) service delivery
42. New supplier responsibilities
43. Contribute to establishing a repeatable onboarding model for future suppliers
Service Management & Operational Readiness Enablement
44. Support the onboarding of suppliers across core IT Service Management processes, ensuring alignment with client operational standards and governance
45. Work with service management and security leads to ensure supplier readiness in areas such as:
46. Incident and vulnerability management
47. Backup and recovery
48. Monitoring, alerting and operational reporting
49. Access control and service request processes
50. Ensure suppliers are able to:
51. Demonstrate operational readiness for Service Commencement (including ORR and service readiness assessments)
52. Provide appropriate evidence to support operational baselines and ongoing updates
53. Coordinate with transitioning and exiting providers to validate:
54. Service baselines
55. Handover completeness
56. Alignment to agreed operational and security expectations
Key Skills & Experience
Essential
57. Experience in cyber security governance, GRC, or security process roles
58. Experience working in multi-supplier or SIAM environments
59. Strong understanding of security processes such as:
60. Incident Management
61. Vulnerability Management
62. Security Assurance
63. Ability to interpret operational outputs (e.g. SOC reporting) without direct tool ownership
64. Strong stakeholder engagement and coordination skills
65. Experience supporting audit, compliance, and assurance activities
66. Experience working in transition or transformation programmes
Desirable
67. Knowledge of:
68. NIST Cyber Security Framework (CSF)
69. Secure by Design principles
70. NCSC / UK Government security guidance
71. Experience in defence or other high-security environments
Key Deliverables
72. Supplier onboarding packs aligned to security processes and governance
73. Standardised supplier interaction model within SIAM
74. Supplier-aligned process documentation and guidance
75. Verified supplier readiness for Service Commencement
76. Repeatable onboarding approach for future suppliers
All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!