Associate Director, Cyber Advisory

We now have an exciting opportunity for an experienced Associate Director to join our rapidly growing Digital Risks Protect team in London. This is a unique opportunity that requires a highly motivated and diligent client‑facing individual to join a highly successful team. This key role will support the growth of Digital Risks and the Protect Advisory business across EMEA, specifically leading and supporting on cyber security and digital risk management programmes, focused but not limited to IT/OT security, enterprise security, cloud security and GRC.

Location:

London. The role requires travel up to 50% of working time, including occasional weekend travel. Travel will primarily be in Europe, with possible travel to Africa and beyond. We operate a hybrid working model that requires attendance at our London office at least three days per week.

• Delivering projects (e.g., conducting asset identification exercises, cyber risk assessments against ISO and NIST CSF 2.0 standards, and demonstrating cyber audit expertise).
• Managing different types of client meetings and maintaining positive and respectful client relationships.
• Line management and upskilling of junior resources within the Digital Risks, Protect team.
• Strategic delivery acting as virtual‑CISO for our clients on an ongoing basis.
• Project management of multiple cyber risk advisory engagements (e.g., running kick‑off meetings, refining outputs, developing recommendations).
• Working with key project stakeholders (e.g., gathering information from interviews, document reviews and presenting findings) while maintaining the client’s confidence through clear communication and good project management.
• Provide flexible and responsive support as and when crisis management support is required and can be provided.

• Owning end‑to‑end development and management of proposals for future client work.
• Project scoping and planning, to support pricing.
• Maintain up‑to‑date presales documents.
• Contributing to and building complex, multi‑service line proposals.
• Cultivating long‑term relationships with clients.
• Participating in marketing to build the Control Risks brand.

• Solid experience in cyber security and related disciplines, particularly in technology and infrastructure consulting projects.
• Experience in delivering large, converged programmes of work in EMEA including cyber security risk assessments within an established global consultancy.
• Proven experience in delivering risk assessments for several different clients against industry standards (NIST CSF, 800‑53 and ISO
  27001).
• An excellent knowledge of IT and network infrastructure, alongside cyber security best practices for securing networks.
• Subject matter expertise, including extensive and demonstrable fluency in technology risk issues.
• Proven experience operating in senior security and resilience roles, including knowledge of IT and OT network infrastructure.
• The ability to explain difficult technical concepts and ideas in non‑technical terms to senior executives.

• Strong understanding of operational technology cyber security best practices.
• A working familiarity with personal information and critical infrastructure information and cyber security regulations in the EU and wider European region.
• A deep understanding of governance, standards, and compliance as they pertain to cyber security.
• An undergraduate degree in a field related to security, information security, intelligence, or computer science.
• Experience with corporate outsourcing and managing third‑party cyber and information security risks.
• Good knowledge of cyber risk issues impacting clients in Europe.
• Undergraduate or post‑graduate degree in a related field.
• CISSP, CISM, ISO
  27001 lead auditor, SANs, or similar industry qualifications/certifications preferred.

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
• A discretionary global bonus scheme that incentivises and rewards individuals based on company and individual performance.
• Flexible hybrid working arrangements that emphasise in‑person time while supporting remote work.
• As an equal‑opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and are fully committed to equal treatment, free from discrimination, throughout our recruitment process.