Cyber Security - Senior GRC Consultant (DV Cleared)

Cyber Security GRC Consultant (DV Cleared)

Location: Hybrid / Southeast Region - on-site presence required

Contract Type: Permanent & Full-time

Salary: Competitive + Benefits

About the Role

As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You’ll collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You’ll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning.

Key Responsibilities

  • Deliver Secure by Design risk and security assurance functions within MOD/Public Sector.
  • Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management.
  • Facilitate security and risk workshops with Authority departments.
  • Produce clear reporting on vulnerabilities, risks, controls, and treatment activities.
  • Provide pragmatic remediation and risk management guidance.
  • Support secure design across technology platforms including cloud infrastructures.
  • Contribute to blogs and research within the Cyberfort community.

Experience Required

The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD, and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management.

  • Active DV clearance required
  • Strong working knowledge of Security Assurance Coordinator or Delivery Team Security Lead roles
  • JSP440, JSP604/453 & JSP490
  • Working with system secure design & MOD/GDS Secure by Design Principles
  • Supplier Chain Assurance and Risks.
  • Security-related legislation (e.g. GDPR, PCI DSS, ICO requirements).
  • Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8.
  • HMG, NPSA and NCSC security policies, standards and guidance.
  • Experience building and implementing Secure by Design principles within the software development lifecycle (SDLC).
  • Threat Modelling – Kill Chain – Attack tree analysis.

Certifications: AWS/Azure Security Professional, CCSP, CISSP, CISM, CIISEC, UK Cyber Security Council registration (Chartered or Principal).

What’s in it for You

  • Hybrid Working: 3 days onsite per week
  • Competitive Salary
  • Career Development: Continuous learning and professional growth.

Interested?

Submit your application to learn more about this exciting opportunity.

Company
Sanderson Government & Defence
Location
Hampshire, UK
Hybrid / WFH Options
Posted