Cyber Governance Consultant

Job Title: Cyber Governance Consultant – Permanent

Location: Hybrid (Client sites, Company offices, and Home – note: cannot be fully remote)

About the Role:

We are looking for a Cyber Governance Consultant to help clients design and implement cyber guidelines and governance frameworks tailored to their specific needs. The role involves working across pre- and post-sales consulting activities, helping clients align their cyber strategy with regulatory frameworks and industry best practices.

Key Responsibilities:

• Conduct gap analysis and rationalisation of controls against regulatory frameworks.
• Perform threat modelling, risk identification, assessment, and mitigation planning.
• Analyse, protect, and manage data outputs, including Data Loss Prevention (DLP) and Rights Management.
• Conduct 3rd party risk analysis, controls, audit, and cyber resilience and recovery assessments.
• Review cloud and network security posture, including mobile data and device protection.
• Manage policy and procedure lifecycle, including development, testing, review, and compliance audit participation (internal and external).
• Support business development and advisory activities in cybersecurity governance.

Skills and Experience:

• Experience designing or implementing secure solutions based on regulatory frameworks such as ISO, NIS, NIST, TISAX, DORA, NCSC CAF, or IEC62443.
• Background in GRC consulting or cybersecurity governance.
• Ability to balance security, compliance, usability, agility, and cost considerations.
• Experience creating business cases, roadmaps, or strategic recommendations for regulatory compliance.
• Strong communication skills and the ability to work effectively with clients and cross-functional teams.

Pre-Employment Checks:

• Identity verification, nationality or immigration status.
• Employment history (3 continuous years).
• Disclosure and Barring Service (DBS) check for unspent criminal records.

Why This Role:

You will join a supportive, inclusive environment that values diversity and innovation, helping clients improve their cyber posture and governance practices while working with a variety of sectors and secure industries.