Job Description

LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services.
About the Role

LevelBlue’s Professional Services Organisation is seeking an experienced Cyber Security Consultant to join our growing Security Consulting practice. This is a client-facing delivery role focused on helping organisations across a range of sectors identify, assess, and address their most pressing security challenges — spanning SIEM, Identity, security architecture review and Endpoint Detection & Response (EDR) technologies.
As a Cyber Security Consultant, you will work across the full engagement lifecycle — from scoping and discovery through to delivery, reporting, and client presentation. You will operate with a good degree of autonomy on engagements while drawing on the wider LevelBlue practice for specialist support and peer review. The role suits someone with a solid technical foundation who is equally comfortable translating findings into clear, business-relevant guidance for client stakeholders at all levels.
This role offers a clear development pathway toward Senior Consultant and Principal Consultant levels within the LevelBlue Professional Services career framework, with access to structured mentoring, certification support, and exposure to a broad portfolio of client environments.
Responsibilities

Engagement Delivery
• Deliver AIR engagements across a range of service lines including greenfield SOC builds, SIEM platform implementations (Microsoft Sentinel, Splunk, SentinelOne (AI SIEM), LogRhythm, etc.), EDR deployments (various), and managed security service transitions.
• Perform assessments across Microsoft Purview, Entra ID, Copilot for Security and Azure.
• Produce high-quality, client-ready deliverables: High Level Designs, Low Level Designs, Statements of Work, implementation guides, operational runbooks, and use-case documentation.
• Plan, facilitate, and document client workshops, steering committees, and executive briefings - managing outputs, decisions, and action items to closure.
• Develop business cases and ROI analyses for proposed security programmes, presenting findings to functional managers and senior executive stakeholders.
• Identify and document programme risks, assumptions, dependencies, and constraints; shape governance frameworks appropriate to engagement scale and client maturity.
• Build client technology roadmaps aligned to their security strategy, threat profile, and budget constraints.
• Manage scope and delivery expectations proactively, escalating commercial or delivery risks before they affect client outcomes.
Pre-Sales & Business Development
• Support the sales team on pre-sales activities — contributing technical input to scoping discussions, proposal development, and client presentations for prospective engagements.
• Contribute to bid responses, scope definitions, and commercial frameworks for new and renewal engagements.
Practice Contribution
• Contribute to the development and maintenance of LevelBlue service methodologies, delivery templates, proposal assets, and internal knowledge resources.
• Stay current with the evolving threat landscape, attacker techniques, and relevant vendor and platform developments — sharing insights with the team and incorporating learnings into client advisory.
• Participate in peer review of deliverables, contribute to team knowledge-sharing sessions, and actively engage with the LevelBlue professional development framework.

Experience & Qualifications

Essential Experience
• 3–6 years of hands-on experience in cyber security consulting, managed security services, or an in-house security function, with demonstrable client-facing or stakeholder engagement experience.
• Solid grounding in core security domains including network security, identity and access management, endpoint protection, cloud security, and vulnerability management — with the ability to discuss each in both technical and business-risk terms.
• Strong domain expertise in one or more of the following, with working knowledge across all:
• SIEM design, build, and operationalisation - Microsoft Sentinel/Splunk/SentinelOne (AI SIEM)/LogRhythm
• Security Operations Centre (SOC) design, build, and transformation - including greenfield and transition engagements
• Endpoint Detection & Response (EDR) - deployment, tuning, and integration into detection workflows
• Managed Security Service integration - including service wrap, SIEM/EDR definition, and operational model development
• Experience of Microsoft Purview, Entra ID, Copilot for Security, Azure.
• Proven ability to produce and own senior-level deliverables: HLDs, LLDs, SOWs, operational documentation, and executive-level presentations.
• Experience operating across both greenfield and existing-environment engagements in complex enterprise settings.
• Comfortable working autonomously, managing multiple concurrent engagements, and travelling to client sites as required.
• Track record of producing well-structured, professional written deliverables — reports, policies, gap analyses, and client presentations — to a standard suitable for direct client distribution.
• Comfortable working directly with clients in a workshop, interview, and presentation settings — able to ask incisive questions, capture requirements accurately, and present findings with clarity and confidence.
Skills & Attributes
• Structured problem-solving capability - able to analyse complex security environments and translate findings into clear, actionable client guidance.
• Excellent English written and verbal communication skills; able to calibrate messaging from board-level executive briefings through to hands-on technical workshops.
• Commercial acumen - able to scope engagements accurately, manage client expectations, and contribute to LevelBlue revenue growth without compromising delivery quality.
• High degree of self-direction and accountability; able to operate with minimal supervision while keeping leadership informed of risks and progress.
• Collaborative by nature - contributes to team culture, shares knowledge, and invests in the development of colleagues.
• Professional and credible in client-facing settings — able to build rapport quickly, handle difficult conversations constructively, and represent LevelBlue appropriately at all times.
Certifications
Domain Desirable Certifications
Microsoft Sentinel / Azure SC-200 (Security Operations Analyst), AZ-500 (Azure Security Engineer)
Microsoft Entra/Purview/Copilot for Security Any relevant cert/qualification
Splunk Splunk Certified Architect or Splunk Enterprise Security Certified Admin
Security Management CISSP, CISM, or CRISC
Incident Response / Detection GIAC: GCIH, GCIA, GSOM, or GCFE
Service Management ITIL 4 Foundation (beneficial for managed services engagements)
Security Clearances SC / BPSS

Equivalent demonstrated experience will be considered in lieu of formal certification where substantiated by a clear delivery track record. Candidates actively working toward relevant certifications are also encouraged to apply.
Education
• A high school diploma or equivalent is required; a college or university degree is a plus.
Why Join LevelBlue?
At LevelBlue, you’re not just an employee—you’re part of a team making a real difference in the world of cybersecurity. We foster a culture of innovation and creativity where your contributions are valued, and you’ll have the support and resources to grow and thrive.

This role is open to candidates legally authorized to work in the UK. At LevelBlue, we support flexible work and bring people together in person for key moments based on role, team, and business needs.
LevelBlue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law.
To all agencies: Please do not contact LevelBlue employees outside of the Talent Acquisition team. LevelBlue’s policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of LevelBlue, and no fee will be paid if a candidate is hired from such a submission.

#LI-MC1