Job Description
About the Company
We’re working with an established and growing UK cybersecurity consultancy expanding its Defence and Public Sector practice. This is a great opportunity for an experienced security professional to lead high-impact programmes, influence senior stakeholders, and shape security outcomes across MOD and wider Defence environments.
About the Role
As a Lead Cyber Security Consultant, you’ll take ownership of multiple client engagements, delivering expert advice across governance, risk, compliance, and Secure by Design practices. You’ll work closely with senior stakeholders to assess risk, define security controls, deliver assurance activities, and support secure architecture across complex, high-profile systems. This is a hands-on, strategic role that combines leadership, client engagement, and technical depth.
Responsibilities
* Lead Secure by Design and security assurance activities across MOD and Public Sector programmes
* Support and guide the application of risk management frameworks, ISMS, and Enterprise Security Risk Management
* Conduct and lead workshops with technical and business stakeholders
* Produce clear, actionable reporting on risk, vulnerabilities, and remediation
* Provide pragmatic, proportionate recommendations aligned to business goals
* Support secure design across cloud and on-premise platforms
* Contribute to internal knowledge sharing and thought leadership
Experience
Strong background in Technical/Security Architecture or Governance, Risk & Compliance
Experience working in Defence / MOD environments
Required Skills
* Strong analytical and communication skills, with the ability to influence senior stakeholders
* Passion for continuous learning and high-quality security outcomes
Preferred Skills
* SAC (Security Assurance Coordinator) or Delivery Team Security Lead experience
* MOD/GDS Secure by Design
* Familiarity with: JSP440, JSP604/453, JSP490
* Supplier Chain Assurance
* GDPR, PCI DSS, ICO
* ISO 27001, NIST CSF, CIS Controls v8
* Skills in: Threat modelling (kill chain, attack trees, etc.)
* Cloud security (AWS, Azure), containerisation, firewalls
* Secure SDLC
* HLD/LLD review
* ITHC scoping and remediation
Certifications (Desirable)
* CIISE
* CUK Cyber Security Council registration (Chartered or Principal)
* AWS/Azure Security (Professional)
* CCSP, CISSP, CISM
* ISO 27001 Lead Auditor
* Security Vetting / Clearance
* Active and transferable DV clearance is essential
* Must be a sole British National and UK‑based
Interested? Submit your application to learn more about this exciting opportunity.