Cyber Security Consultant - GRC

Cyber Security Consultant - GRC

Remote with travel to client site when required.

We’re partnering with a growing cyber security consultancy that is expanding its Cyber GRC and Risk Advisory practice, and they’re particularly keen to speak with professionals experienced in Cyber Essentials and Cyber Essentials Plus assessments.

This role is ideal for someone who enjoys helping clients improve their security posture while working across a variety of industries and regulatory frameworks.

You’ll play a key role in delivering Cyber Essentials advisory and assessments, while also supporting broader GRC and third-party risk programmes.

Key areas you’ll work across:

• Cyber Essentials & Cyber Essentials Plus assessments

• Supporting organisations preparing for Cyber Essentials certification

• Governance, Risk & Compliance (GRC) advisory

• Third-Party Risk Management (TPRM) and supplier assurance

• ISO 27001 audit readiness and compliance

• Cyber risk assessments and maturity reviews

• Security policy and operating model design

• Regulatory frameworks including NIS2 and DORA

Cyber Essentials Assessor accreditation is highly desirable, particularly for candidates experienced in delivering Cyber Essentials Plus assessments.

What we’re looking for:

• Experience delivering or supporting Cyber Essentials / CE+ assessments

• Background in Cyber Security Consulting or Cyber GRC

• Experience in third-party risk management (TPRM) or supplier risk programmes

• Knowledge of ISO 27001 implementation and audit processes

• Strong client-facing and stakeholder engagement skills

Why join?

• Fast-growing consultancy with clear promotion pathways

• Strong investment in training, certifications and development

• Primarily remote working with occasional client engagement

• Collaborative team culture where knowledge sharing is encouraged

If you’re looking to develop your Cyber Essentials expertise while broadening your exposure across cyber advisory and GRC, apply now