Senior Cyber Resilience Consultant; GRA

We have an exciting opportunity for a Senior Cyber Resilience Consultant to join our growing Governance, Risk and Assurance (GRA) team. In this role you will be instrumental in delivering cyber resilience projects for our clients using your GRA and cyber security expertise and experience to advise clients on current posture, improvement strategies and enable them to gain assurance and preparedness through exercising cyber incident response capabilities and co‑ordination.

• Lead delivery of proactive incident response preparedness activities including Incident Response Planning, maturity assessments and exercises including Tabletop (TTX), Live Play and other bespoke activities.
• Lead cyber governance, risk and assurance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes for our clients.
• Review and assess client documentation, processes and governance in relation to Cyber Incident Response, preparedness and alignment with Business Continuity and Emergency Response capabilities.
• Design, plan and deliver a variety of exercises to meet the needs of organisations across diverse industries and sectors.
• Engage and communicate with stakeholders from board and executive through to operational and other responders to understand their threat landscape and business context, and roles and responsibilities.
• Deliver quality reports, with actionable information tailored to the specific needs of clients and capturing the key learnings from assessments and exercises.
• Contribute to continuous improvement of service offerings, delivery methodologies and internal team knowledge by sharing insights and learning gained from client engagements.
• Support the wider delivery of cyber governance risk and assurance activities and delivery working with other service and client leads and functions.
• Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community.
• Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism.

• Extensive experience in designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading cyber incident response and resilience outcomes.
• Strong knowledge of recognised cyber security frameworks and standards, including MITRE ATT&CK, ISO/IEC 27001, NIS, NIST, and UK Government Functional Standards, with demonstrable experience applying these to relevant cyber roles and engagements.
• Confident communicator, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high‑quality outcomes.
• Hold relevant academic or professional qualifications, such as an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification.
• Hold, or are actively working towards, a relevant cyber resilience, cyber incident response, or similar qualification or accreditation.
• Eligible to work in the UK and able to obtain and maintain UK security clearance.

• Strong alignment with FSP values and ethos
• Commitment to teamwork, quality and mutual success
• Proactivity with an ability to operate with pace and energy
• Strong communication and interpersonal skills
• Excellent planning and organisational skills
• Dedication to excellence and quality

FSP is an equal opportunity employer and welcomes applications from all suitably qualified candidates. We assess applicants based on their skills, experience, and potential, without regard to age, disability, sexual orientation, gender identity, family or parental status, race, colour, nationality, ethnic or national origin, religion or belief, or any other protected characteristic.

Visa sponsorship is available for some roles, subject to eligibility and business requirements.

Research indicates that individuals from underrepresented groups may be less likely to apply where they feel they do not meet every requirement, or where there is uncertainty about who a role is intended for. If you are interested in a role with us but are concerned that you may not meet all the criteria, we encourage you to apply. You may be a strong candidate for this role or for other opportunities within FSP.

We are committed to providing a fair and inclusive recruitment process. If you require any reasonable adjustments to participate fully in an interview or meeting (whether virtual or in person), please let us know.