Senior Information Security Consultant
Senior Security Consultant with a track record delivering ISO 27001, NIST and CAF engagements. Trusted advisor to senior stakeholders. Combines strong GRC expertise with commercial delivery focus.
Join Cyberfort – Senior Information Security Consultant
Location: Remote, occasional travel as required to meet client/business needs
Department: Private Sector Cyber Consultancy
Contract Type: Full-time
Salary: Competitive + Benefits
About Cyberfort
At Cyberfort, we’re securing the digital future. As a leading UK provider of cybersecurity solutions, we deliver cutting-edge services in Managed Detection & Response (MDR), Penetration Testing, Security Operations, and Strategic Consulting.
We’re large enough to offer exciting opportunities, yet agile enough to ensure every voice is heard. At Cyberfort, you’re not just joining a company, you’re becoming part of a mission-driven team.
About the Role: Senior Information Security Consultant
To lead and deliver information security consulting engagements that help clients assess, improve, and demonstrate their security posture against recognised frameworks, standards, and regulatory requirements.
As a Senior Information Security Consultant, you will act as a trusted advisor to clients, leading complex engagements, managing project delivery, and providing operational and strategic security guidance across governance, risk, compliance, and security improvement initiatives. You will work with stakeholders at all levels, from operational teams to senior leadership, helping organisations make informed, risk-based decisions that align security with business objectives.
In addition to delivery, you will contribute to business improvement through quality engagements, account development, supporting consultants, and continuously improving methodologies and services.
Key Responsibilities
Project & Engagement Leadership
Lead the delivery of information security consulting engagements across frameworks such as ISO 27001, NIST, CAF, Cyber Essentials, CSA CCM, ISO 42001 and related standards.
Manage projects from initiation through to completion, ensuring delivery against agreed scope, timelines, budgets, and quality expectations.
Lead security assessments, gap analyses, risk reviews, audit readiness activities, and compliance improvement programmes.
Oversee project plans, resource allocation, risk management, and stakeholder communications throughout engagements.
Produce and review high-quality client deliverables, ensuring outputs are commercially relevant, technically accurate, and actionable.
Client Advisory & Stakeholder Management
Act as a trusted advisor to clients, providing strategic, operational and practical security guidance.
Build and maintain strong client relationships, developing a deep understanding of business objectives, risks, and operating environments.
Facilitate workshops, executive briefings, and stakeholder meetings.
Present findings, recommendations, and remediation roadmaps to senior management and executive audiences.
Manage client expectations, engagement risks, issues, and escalation points effectively.
Governance, Risk & Compliance
Lead the design, implementation, and improvement of security governance, risk management, and compliance programmes.
Conduct and oversee risk assessments using recognised methodologies including ISO 27005, NIST or equivalent approaches.
Support clients in developing and maintaining security policies, standards, procedures, risk registers, and compliance frameworks.
Provide guidance on security metrics, assurance activities, certification readiness, and regulatory obligations.
Maintain awareness of emerging security, regulatory, and AI governance requirements
Continuous Improvement
Identify opportunities to provide additional value and support the growth of client accounts.
Recognise follow-on engagement opportunities and work collaboratively with account managers and leadership teams.
Support the development of new service offerings, consulting methodologies, and reusable delivery assets.
Share knowledge, lessons learned, and industry best practice across the consulting practice.
Drive continuous improvement of delivery standards, templates, methodologies, and internal processes.
Person Profile
Delivery Excellence
Highly organised with strong project and engagement management capabilities.
Proven ability to manage multiple workstreams simultaneously.
Accountable for delivery quality, timelines, and outcomes.
Comfortable operating independently in complex and ambiguous environments.
Technical & Security Expertise
Strong working knowledge of recognised security frameworks and standards, including ISO 27001, NIST CSF, CAF, Cyber Essentials, CSA CCM, and ISO 42001.
Deep understanding of information security governance, risk management, control design, and assurance principles.
Experience leading security assessments, audit programmes, certification initiatives, and compliance engagements.
Good understanding of cloud and SaaS security, particularly Microsoft 365 and Google Workspace environments.
Knowledge of emerging areas such as AI governance, AI risk management, and regulatory compliance.
Client & Consulting Skills
Excellent stakeholder management and relationship-building skills.
Trusted advisor mindset with the ability to influence and challenge constructively.
Strong facilitation, presentation, and communication skills.
Ability to translate complex security concepts into practical business language.
Commercial awareness and the ability to identify opportunities to expand client value.
Leadership & Professionalism
Demonstrates leadership through coaching, and knowledge sharing.
Maintains high professional and ethical standards.
Proactive, adaptable, and solutions-focused.
Committed to continuous professional development and industry awareness.
Knowledge, Skills & Experience
Essential
Experience delivering information security, risk, governance, compliance, or assurance engagements.
Experience leading client-facing consulting projects and managing stakeholder relationships.
Strong understanding of information security frameworks, standards, and risk management methodologies.
Demonstrable experience delivering assessments, audits, gap analyses, and security improvement programmes.
Experience producing and reviewing senior-level reports and recommendations.
Strong Microsoft 365 skills, particularly Word, Excel, and PowerPoint.
Desirable
Experience leading ISO 27001 implementation, certification, or surveillance programmes.
Experience with NIST CSF, CAF, Cyber Essentials, PCI DSS, DSPT CSA CCM, ISO 42001, or similar frameworks.
Experience using GRC platforms such as Vanta, One Trust, ServiceNow GRC, or equivalent.
Familiarity with Microsoft Azure, Microsoft 365, Google Workspace, and cloud security governance.
Experience with Technical implementation of security tooling
Experience supporting AI governance and AI risk management initiatives.
Project management experience within consulting or professional services environments.
Qualifications & Certifications
Professional certifications are strongly preferred and will be viewed favourably alongside practical consulting experience.
Relevant certifications such as ISO 27001 Auditor/Implementer, ISC2 certifications (e.g. CC, CISSP, CGRC), ISACA certifications (e.g. CISM, CRISC), Cyber Essentials Assessor, PCIDSS QSA, ISO 42001, or equivalent.
Equivalent experience and demonstrable capability will also be considered.
Inclusive Hiring
We understand that one size doesn’t fit all. If you need adjustments during the recruitment process, we’re here to support you. Cyberfort is proud to be a Disability Confident Employer, a CyberFirst partner, and a signatory of the Armed Forces Covenant.
Why Join Us?
Purpose-Driven Work – Help protect businesses and communities from evolving cyber threats.
Growth & Development – Access mentoring, apprenticeships, graduate schemes, and continuous learning platforms.
Inclusive Culture – We champion diversity through our Women’s Network, Neurodiversity Awareness, and Inclusion Committee.
Flexible Working – Hybrid and remote options to support work-life balance.
Top-Tier Benefits – Competitive salary, private healthcare, wellbeing support, generous holiday allowance, and more.
Ready to Apply?
If you’re passionate about cybersecurity and want to make a real impact, we’d love to hear from you.
Learn More
Cyberfort Careers Page: https://careers.cyberfortgroup.com/
Working at Cyberfort: https://cyberfortgroup.com/about-us/careers-working-at-cyberfort/
- Department
- Consultancy
- Role
- Senior Cyber Security Consultant
- Locations
- Remote
- Remote status
- Fully Remote