Senior Advisory Consultant
About Us:
Beazley Security is a global cybersecurity firm committed to helping clients enable advanced cyber defenses that reduce risk with quantifiable results. We’re comprised of top talent from private industry, government, intelligence, and law enforcement who are specialists in threat detection, incident response, digital forensics, offensive security, risk management, and cyber resilience. As a subsidiary of specialty insurance giant Beazley Insurance, we’ve been at the forefront of cyber insurance management and breach response activities for business clients in the US, UK, and Europe since 2017. As Beazley Security, the company will have an expanded scope, leveraging nearly two decades of cyber incident experience, a strong services division, and a business strategy focused on growth, to realize our goals and deliver benefit for clients.
As a company, we are committed to upholding our core values of Belonging, Integrity, Service, Accountability, and Curiosity. We believe these values are essential to creating a strong and inclusive workplace culture, as well as to delivering world-class cybersecurity solutions to our clients worldwide. As Beazley Security, these values will continue to thrive, with an extra emphasis on expansion of our capabilities and capacity in helping solve unique client challenges.
Summary:
We are seeking a talented and experienced Advisory Consultant to join our dynamic team. In this role, you will play a critical part in advising clients and internal stakeholders on governance, risk management, and compliance strategies to strengthen cybersecurity posture and align with regulatory requirements, internal policies, and industry best practices. You will work cross-functionally to identify, assess, treat, and report on security risks while supporting strong governance and effective risk management frameworks.
Key Responsibilities:
Governance & Risk Management
- Ensure governance and risk processes are aligned with regulatory requirements, internal policies, and industry best practices.
- Assist in the identification, assessment, and mitigation of security risks across the organization and client environments.
- Work alongside IT Risk and Second Line Risk teams to ensure alignment, appropriate governance, and effective reporting.
- Support governance committees through accurate reporting and escalation of Key Risk Indicators (KRIs) where appropriate.
Security Risk Assessment
- Conduct comprehensive security risk assessments of key assets to identify vulnerabilities and evaluate threats in line with the organization’s risk appetite.
- Perform risk assessments for policy exceptions, ensuring exceptions are logged, owned, monitored, and reviewed.
- Conduct ad hoc risk assessments as identified by the business or clients.
- Collaborate with cross-functional teams to implement security enhancements and remediation plans.
Risk Treatment & Remediation
- Oversee the creation of risk treatment plans, ensuring remedial actions are appropriate, clearly owned, and time-bound.
- Track risk remediation activities through to completion.
- Identify delays to remediation timelines and report issues in a timely manner.
Risk Register & Reporting
- Maintain an up-to-date Risk Register, ensuring all identified risks are accurately logged and tracked.
- Prepare detailed reports on risk assessments, risk status, risk treatment plans, and Key Risk Indicators for stakeholders.
- Ensure all risk management processes, policies, and procedures are documented and kept current.
Client Advisory & GRC Consulting
- Provide expert guidance to clients on GRC frameworks and cybersecurity risk management strategies.
- Conduct thorough assessments of clients’ security programs, identifying gaps and areas for improvement.
- Develop and implement GRC policies, procedures, and standards aligned to business objectives and best practices.
- Advise on regulatory and compliance requirements, including HIPAA, GDPR, NIST, ISO 27001, and other relevant standards.
- Design and support implementation of risk mitigation strategies and incident response plans.
- Conduct virtual and in-person incident response tabletop exercises.
- Serve as a subject matter expert, delivering client training sessions and workshops on GRC topics.
- Stay current on emerging cybersecurity threats, trends, and regulatory changes to provide informed and practical guidance.
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field.
- Master’s degree or relevant certifications (CISSP, CISA, CISM, CRISC, GIAC, etc.) are highly desirable.
- Proven experience in GRC advisory or consulting roles within the cybersecurity domain.
- Strong understanding of regulatory requirements, industry standards, and GRC best practices.
- Excellent analytical, problem-solving, and attention-to-detail skills.
- Strong written and verbal communication skills, with confidence in client-facing environments.
- Ability to work independently while contributing effectively within a collaborative team.
- Strong project management skills with the ability to manage multiple initiatives and stakeholders simultaneously.
Beazley Security Offers:
- Competitive salary and bonus.
- Flexible working arrangements.
- Generous leave policies including 3 months paid paternal leave.
- 100% of employee-only insurance premiums covered (healthcare, dental and vision).
- Opportunities for career advancement and ongoing training.
- Participation in industry conferences and events.
Beazley Security is an equal opportunity employer. We embrace diversity and are committed to creating an inclusive environment for all employees.