Cyber Security Consultant
Contract Cyber Security Consultant
Reading HQ 3-4 days a week onsite
Security clearance is essential
Up to £104 p/h Inside IR35
We are seeking an experienced security cleared Cyber Security professional to play a key role in a large scale, complex technology programme operating within a highly regulated environment. This position is responsible for assuring the security, compliance, and resilience of applications, infrastructure, and cloud environments throughout their life cycle, ensuring adherence to Security by Design principles and industry best practices
Key Responsibilities
- Provide independent assurance for applications, infrastructure, and cloud environments throughout the development and operational life cycle
- Ensure alignment with Security by Design principles, frameworks, and organisational security policies
- Assess compliance against relevant standards and regulatory requirements, including ISO 44001, NIST 800-53, NIST 800-171, NIST 800-172, NIS2, DEFSTAN, JSPs, and other applicable framework
- Collaborate with development, engineering, and security teams to embed security requirements throughout the software development life cycle
- Review technical designs and security controls to ensure critical data and systems are adequately protected
- Identify vulnerabilities and assure effective mitigation strategies in both development and production environment
- Identify, assess, and manage security risks, recommending tactical and strategic improvements where required
Skills & Experience
- Security cleared currently (We are not able to consider candidates with lapsed or no SC clearance )
- Extensive experience within a complex, high-technology or highly regulated environment such as Defence, Aerospace, Government, critical infrastructure or enterprise IT
- Strong knowledge and practical application of IT assurance frameworks and standards, including: ISO 44001, NIST 800-53, NIST 800-171, NIST 800-172, NIS2, DEFSTAN and JSP
- Proven experience implementing and assuring Security by Design across the full technology life cycle
- Experience working with cloud, infrastructure, and application security technologies
- Strong understanding of vulnerability management, security controls, and risk management practice
- Demonstrated ability to engage effectively with technical and non-technical stakeholders
- Excellent communication, influencing, and collaboration skills
- Experience working within large-scale transformation or complex technology programmes
- Relevant security certifications such as CISSP, CISM, CCSP, SABSA, ISO 27001 Lead Auditor/Implementer, or equivalent
Occasional travel to company sites, suppliers or stakeholder locations may be required