Information Security Consultant

Information Security Consultant

📍 Remote | Full-time

We’re partnering with a leading, forward-thinking cyber security consultancy that delivers innovative, resilient security solutions across multiple sectors. With a strong heritage spanning government, finance, and technology, they help organisations protect critical assets, sensitive data, and increasingly complex digital ecosystems.

As part of their continued growth, they are looking to appoint an Information Security Consultant to join their high-performing technical team.

The Role

As an Information Security Consultant, you will provide expert security advice across a diverse portfolio of projects, supporting both internal teams and external clients. You’ll play a key role in embedding security into modern technology solutions - including cloud, digital transformation, and emerging AI-driven systems.

This is a hands-on, client-facing role combining security architecture, risk management, governance, and advanced threat modelling to ensure risks are identified, assessed, and effectively managed throughout the project lifecycle.

Key Responsibilities

• Provide security advice and guidance across IT and business projects
• Conduct threat modelling across traditional and AI-enabled systems
• Perform security impact assessments (SIAs) and risk evaluations
• Define and review security requirements for applications, infrastructure, and AI solutions
• Review conceptual, logical, and physical solution designs
• Assess risks associated with AI/ML technologies, including data security, model integrity, and adversarial threats
• Manage and oversee vulnerability assessments and penetration testing
• Support risk identification, remediation, and ongoing risk management
• Contribute to enterprise security architecture frameworks and standards
• Perform ISO 27001 compliance assessments and security reviews
• Conduct third-party security assessments and audits
• Develop and maintain security policies, standards, and guidelines
• Engage with stakeholders across technical and business teams
• Support governance forums, reporting, and security awareness initiatives

Key Skills & Experience

• Experience in information security consulting or security architecture within complex environments
• Strong knowledge of ISO 27001 / ISMS and security governance frameworks
• CISSP (or equivalent certification)
• Proven experience in threat modelling and security design reviews
• Exposure to or interest in securing AI/ML systems and emerging technologies
• Broad technical understanding across:
• Application security (e.g. OWASP, IAM, cryptography)
• Infrastructure security (networks, endpoints, cloud)
• Operational security (incident management, DR/BCP, patching)
• Experience managing or supporting vulnerability assessments and penetration testing
• Ability to produce high-quality documentation and deliver presentations to stakeholders
• Strong stakeholder engagement and communication skills

Desirable

• Experience with TOGAF, SABSA, or ITIL
• Exposure to security tooling, DevSecOps, or application development
• Experience in supplier assurance or third-party risk
• Familiarity with AI security frameworks or responsible AI principles

What They’re Looking For

• A proactive and collaborative team player
• A strong communicator who can influence both technical and non-technical stakeholders
• Someone who can balance security best practice with business needs
• A passion for cyber security, innovation, and continuous improvement

Why Apply?

• Fully remote working
• Opportunity to work on diverse, high-impact security projects
• Exposure to enterprise-level security architecture, governance, and cutting-edge AI security challenges
• Collaborative, expert-led environment with strong career development opportunities