Salary: £48,000 - 88,000 per year Requirements: Proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD Achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management Active DV clearance required Strong working knowledge of Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604/453 & JSP490 Working with system secure design MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks Security related legislation (e.g. GDPR, PCI DSS, ICO requirements) Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8 HMG, NPSA and NCSC security policies, standards and guidance Experience building and implementing secure by design principles within the software development lifecycle (SDLC) Threat Modelling - Kill Chain - Attack tree analysis Working understanding of cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host-based firewalls, Web Application Firewalls Physical Network Infrastructure, Anti-Patterns, Network Firewalls, IDS/IPS, DMZs AI use cases, secure configuration (ISO42001 knowledge preferable), ITHC scoping and remediation action plans HLD and LLD reviews and analysis Working knowledge and experience of tooling relating to cloud security posture management offerings, cloud native security (AWS/Azure) and endpoint security Proficient in Public Key Infrastructure, Data at Rest/in Transit, Cryptography, Privileged User Access Management, Zero Trust, Cross Domain Solutions and Role-based Access Controls Thrives on tackling challenges with creative solutions, challenging the normal Responsibilities: Deliver Secure by Design risk and security assurance functions within MOD/Public Sector Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management Facilitate security and risk workshops with Authority departments Produce clear reporting on vulnerabilities, risks, controls, and treatment activities Provide pragmatic remediation and risk management guidance Support secure design across technology platforms including cloud infrastructures Contribute to blogs and research within the business community Technologies: AI AWS Azure Cloud Cryptography Support Network REST Security Web More: We are looking for a Senior Cyber Security GRC Consultant to join our team in a hybrid work environment in the East of England. As part of a knowledge-sharing culture, you will collaborate with multi-disciplinary teams to deliver secure risk and security assurance services. Our benefits include hybrid working arrangements, opportunities for career development, and a commitment to respect and equality, fostering a diverse and inclusive community. Join us to tackle challenges with creative solutions and make an impact in the public sector. last updated 5 week of 2026