Cyber Security Consultant
Full Time
Hybrid (Cambridge - flexibility for the right person)
We are looking for an experienced, proactive, and client-facing Cyber Security Consultant to join a growing cyber security practice. In this role, you will work closely with a wide range of clients, helping them improve their security posture through practical consultancy, trusted advice, and high-quality reporting.
This is a consultancy-led role rather than a pure hands-on technical security position. You will be responsible for delivering one-off security engagements, supporting recurring consultancy clients, and acting as a trusted advisor across a variety of security, risk, and compliance-related matters.
Key Responsibilities
• Lead client meetings and workshops to understand security challenges, priorities, and business objectives.
• Deliver consultancy services including Cyber Essentials support, gap analysis against frameworks such as ISO 27001, and broader security posture reviews.
• Build trusted relationships with clients, acting as their go-to cybersecurity advisor across ongoing engagements.
• Produce clear, high-quality reports for both technical and non-technical stakeholders, including senior leadership teams.
• Develop practical security improvement plans and roadmaps tailored to each client’s environment, maturity, and risk appetite.
• Work closely with internal teams, including project managers, sales, and technical delivery teams, to ensure successful client outcomes.
• Support recurring monthly consultancy engagements, helping clients make measurable progress against agreed security objectives.
• Maintain strong awareness of evolving cybersecurity threats, frameworks, and best practices, applying that knowledge commercially and pragmatically.
• Contribute to the development of internal services, processes, reporting standards, and best practices across the wider cyber team.
• Mentor junior team members where appropriate and help raise the overall capability of the function.
Required Skills & Experience
• Experience in a client-facing cybersecurity, information security, or IT consultancy role.
• Strong understanding of security frameworks and standards such as Cyber Essentials, ISO 27001, and broader security best practice.
• Ability to translate technical issues into clear business language for stakeholders at varying levels of seniority.
• Experience producing well-structured reports, recommendations, and security improvement plans.
• Strong communication and relationship-building skills, with the ability to become a trusted advisor to clients.
• Good understanding of wider IT operations, infrastructure, or service environments, with the commercial awareness to balance security against operational realities.
• Ability to manage multiple priorities and client engagements in a fast-paced consultancy environment.
• Passion for cybersecurity and a desire to stay current with changes across the threat and compliance landscape.
Desirable Skills & Experience
• Exposure to additional frameworks such as NIST, NCSC CAF, or SOC 2.
• Previous background in IT support, infrastructure, systems administration, or IT management before moving into cybersecurity.
• Industry-recognised certifications in cyber security or information security.
• Experience supporting clients across different sectors and adapting approach based on industry, regulation, and business context.