Cyberfort

Senior Information Security Consultant

Cyberfort  •  London, GB (Hybrid)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Join Cyberfort – Senior Information Security Consultant

Location: Remote, occasional travel as required to meet client/business needs

Department: Private Sector Cyber Consultancy

Contract Type: Full-time

Salary: Competitive + Benefits

About Cyberfort

At Cyberfort, we’re securing the digital future. As a leading UK provider of cybersecurity solutions, we deliver cutting-edge services in Managed Detection & Response (MDR), Penetration Testing, Security Operations, and Strategic Consulting.

We’re large enough to offer exciting opportunities, yet agile enough to ensure every voice is heard. At Cyberfort, you’re not just joining a company, you’re becoming part of a mission-driven team.

About the Role: Senior Information Security Consultant

As a Senior Information Security Consultant, you will lead and deliver client engagements across a broad range of security, risk, compliance and assurance programmes. You will work with organisations to assess, improve and evidence their security posture while supporting complex transformation, audit and governance initiatives.

This is a senior consulting role requiring strong stakeholder management skills, broad experience across information security frameworks, and the ability to apply pragmatic security solutions in diverse client environments. You will be framework agnostic in your approach, focusing on business outcomes and risk reduction rather than compliance for compliance’s sake.

The role combines strategic advisory services with hands-on technical and assurance delivery. You will work with clients across multiple sectors, helping them navigate evolving regulatory requirements, AI governance challenges, technical control assessments and security maturity improvement programmes.

Key Responsibilities
  • Lead delivery of security assessments, assurance reviews and improvement programmes across frameworks including ISO 27001, NIST CSF, CAF, Cyber Essentials, DSPT, ISO 42001, CSA CCM and other industry-recognised standards

  • Conduct complex gap analyses aligned to client risk appetite, regulatory obligations and business objectives

  • Provide expert guidance on security governance, risk management and control frameworks, applying a framework agnostic approach to client challenges

  • Assess, design and enhance technical, administrative and physical controls across cloud, on-premise and hybrid environments

  • Review and optimise Microsoft 365 security controls, ensuring organisations achieve effective and proportionate security outcomes

  • Lead risk assessments using recognised methodologies such as ISO 27005, NIST RMF, FAIR and equivalent approaches

  • Deliver DSPT assessments, assurance activities and remediation programmes within healthcare and regulated environments

  • Support organisations in developing governance and assurance models for AI adoption, including AI risk assessments, control reviews and compliance with emerging AI standards

  • Develop, review and maintain security policies, standards, procedures and guidance documentation

  • Lead internal audits, external audit preparation, certification readiness activities and compliance assessments

  • Present findings, recommendations and remediation plans to senior stakeholders, technical teams and executive leadership

  • Facilitate workshops, tabletop exercises and stakeholder engagement sessions to support security maturity improvement

  • Mentor junior consultants and contribute to the development of Cyberfort's consulting capability

What We're Looking For
  • Proven experience operating as a Senior Information Security Consultant, Information Security Manager, Security Assurance Consultant or similar role

  • Strong experience across multiple information security and assurance frameworks including ISO 27001, NIST CSF, CAF, Cyber Essentials, DSPT, CSA CCM and related standards

  • Demonstrable ability to work in a framework agnostic manner, selecting and applying the most appropriate controls and approaches for specific client requirements

  • Strong understanding of security governance, risk management, assurance, compliance and audit principles

  • Hands-on experience assessing and implementing technical security controls across enterprise environments

  • Experience reviewing and enhancing Microsoft 365 security configurations and controls

  • Experience supporting AI governance, AI risk management and assurance activities, including exposure to standards such as NIST AI RMF and ISO 42001

  • Experience leading security audits, compliance reviews and control effectiveness assessments

  • Strong understanding of technical security domains including identity and access management, endpoint security, cloud security, data protection and security monitoring

  • Excellent written and verbal communication skills with the ability to influence stakeholders at all levels

  • Experience producing high-quality client deliverables, reports and executive presentations

  • Strong MS Office skills, particularly Word, Excel and PowerPoint

  • Experience working with GRC and compliance platforms such as OneTrust, Vanta or similar solutions

Desirable Certifications
  • CISSP

  • CISM

  • ISO 27001 Lead Auditor

  • ISO 27001 Lead Implementer

  • CRISC

  • ISO 42001 Lead Implementer or Auditor

  • Microsoft Security certifications

Inclusive Hiring

We understand that one size doesn’t fit all. If you need adjustments during the recruitment process, we’re here to support you. Cyberfort is proud to be a Disability Confident Employer, a CyberFirst partner, and a signatory of the Armed Forces Covenant.

Why Join Us?
  • Purpose-Driven Work – Help protect businesses and communities from evolving cyber threats.

  • Growth & Development – Access mentoring, apprenticeships, graduate schemes, and continuous learning platforms.

  • Inclusive Culture – We champion diversity through our Women’s Network, Neurodiversity Awareness, and Inclusion Committee.

  • Flexible Working – Hybrid and remote options to support work-life balance.

  • Top-Tier Benefits – Competitive salary, private healthcare, wellbeing support, generous holiday allowance, and more.

Ready to Apply?

If you’re passionate about cybersecurity and want to make a real impact, we’d love to hear from you.

Learn More
Cyberfort

About Cyberfort

At Cyberfort we are passionate about the cyber security services we deliver for our customers which keeps their people, data, systems and technology infrastructure secure, resilient and compliant.

Our business offers National Cyber Security Centre assured Consultancy services, Identification and Protection against cyber-attacks, proactive Detection and Response to security incidents through our security operations centre and a Secure and Recover set of Cloud solutions which keeps data safely stored, managed and available 24/7/365.

Over the past 20 years we have combined our market leading accreditations, peerless cyber security expertise, strong technology partnerships, investment in our future cyber professionals and secure locations to deliver a cyber security experience for customers which enables them to achieve their business and technology goals in an ever-changing digital world.

Industry
IT & Software
Company Size
51-200 employees
Headquarters
Thatcham, GB
Year Founded
2017
Social Media