Cyber Security Consultant
Job Description
Contract Cyber Security ConsultantReading HQ 3-4 days a week onsiteSecurity clearance is essentialUp to £104 p/h Inside IR35We are seeking an experienced security cleared Cyber Security Consultant professional to play a key role in a large scale, complex technology programme operating within a highly regulated environment. This position is responsible for assuring the security, compliance, and resilience of applications, infrastructure, and cloud environments throughout their lifecycle, ensuring adherence to Security by Design principles and industry best practicesKey ResponsibilitiesProvide independent assurance for applications, infrastructure, and cloud environments throughout the development and operational lifecycleEnsure alignment with Security by Design principles, frameworks, and organisational security policiesAssess compliance against relevant standards and regulatory requirements, including ISO 44001, NIST 800-53, NIST 800-171, NIST 800-172, NIS2, DEFSTAN, JSPs, and other applicable frameworksCollaborate with development, engineering, and security teams to embed security requirements throughout the software development lifecyclReview technical designs and security controls to ensure critical data and systems are adequately protectedIdentify vulnerabilities and assure effective mitigation strategies in both development and production environmentIdentify, assess, and manage security risks, recommending tactical and strategic improvements where requiredSkills & ExperienceExtensive experience within a complex, high-technology or highly regulated environment such as defence, aerospace, government, critical infrastructure, or enterprise IT.Strong knowledge and practical application of IT assurance frameworks and standards, including: ISO 144001, NIST 800-53, NIST 800-171, NIST 800-172, NIS2, DEFSTAN and JPS.Proven experience implementing and assuring Security by Design across the full technology lifecycle.Experience working with cloud, infrastructure, and application security technologiesStrong understanding of vulnerability management, security controls, and risk management practicesDemonstrated ability to engage effectively with technical and non-technical stakeholdersExcellent communication, influencing, and collaboration skillsExperience working within large-scale transformation or complex technology programmesRelevant security certifications such as CISSP, CISM, CCSP, SABSA, ISO 27001 Lead Auditor/Implementer, or equivalentOccasional travel to company sites, suppliers or stakeholder locations may be required.TPBN1_UKTJ