Cyber Security Consultant

About the Role

Our client is currently seeking an experienced cyber risk professional to lead and mature our cyber risk management capability. This role plays a critical part in assessing, managing, and communicating cyber risks across the organisation, supporting leadership decision‑making and ensuring alignment with regulatory, legislative, and business requirements.

You will act as a subject matter expert on cyber risk, working closely with technical and non‑technical stakeholders to embed effective risk management practices across systems, architecture, and procurement activities.

• Lead cyber security risk assessments for complex and high‑impact scenarios, applying sound risk management principles and methodologies.
• Maintain and continuously improve the corporate cyber risk register, ensuring risks are clearly articulated, prioritised, and tracked.
• Monitor compliance with applicable regulatory and legislative requirements related to cyber security and risk management.
• Support the design, implementation, and ongoing effectiveness of security controls, recommending improvements where necessary.
• Conduct comprehensive analyses of complex security requirements and deliver clear, actionable cyber risk assessment outcomes.
• Provide guidance on cyber security governance arrangements and risk treatment strategies.
• Shape leadership decision‑making through high‑quality reporting on security process effectiveness and risk posture.
• Embed cyber risk management practices into business activities including system development, security architecture, and procurement processes.
• Apply standardised control frameworks (such as ISO 27001/27002), while recognising their strengths, limitations, and practical business impact.
• Advise on the balance between security controls, user experience, and business needs.
• Proactively gather, analyse, and interpret threat intelligence to understand the evolving threat landscape and strengthen organisational resilience.

• Proven experience delivering cyber security risk assessments in complex environments.
• Strong understanding of risk management principles, governance, and compliance obligations.
• Hands‑on experience with recognised security control frameworks (e.g., ISO 27001/27002).
• Ability to communicate complex cyber risk concepts clearly to senior leaders and non‑technical stakeholders.
• Experience influencing decision‑making through structured analysis and effective reporting.
• Strong analytical mindset with the ability to assess emerging threats and their business impact.
• Collaborative approach, with experience embedding risk practices into broader business processes.