Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cyber security projects and provide expert advice to improve government resilience.
- Company: Join HM Revenue & Customs, a key player in UK government cyber security.
- Benefits: Enjoy hybrid working, competitive pay, and the chance to make a real impact.
- Why this job: Be part of a mission-driven team enhancing national security and shaping best practices.
- Qualifications: 5+ years in cyber security, strong stakeholder management, and relevant certifications preferred.
- Other info: Active SC Clearance required; this is a non-technical testing role.
The predicted salary is between 48000 - 72000 £ per year.
Join to apply for the Cyber Security Consultant role at HM Revenue & Customs
Join to apply for the Cyber Security Consultant role at HM Revenue & Customs
Get AI-powered advice on this job and more exclusive features.
Direct message the job poster from HM Revenue & Customs
Hybrid Working from one of our Regional Centres
Active SC Clearance must be held to be considered
Initial 6 month contract
The Team
The Government Security Centre for Cyber (Cyber GSeC) develops and provides, consultancy and advice services to government departments to build their cyber security resilience, and the cyber security posture across HMG. We work directly in support of the Government Cyber Security Strategy (GCSS).
The Cyber GSeC is hosted by, and sits with HMRC Security, which is part of the Chief Digital and Information Officer (CDIO) area of HMRC. Though the GSeC sits within these functions, it is a distinct entity that is separate from the day-to-day HMRC security function.
The Project
Cyber GSeC also has the responsibility for delivering projects on behalf of the Government Security Group (GSG) within the Cabinet Office and has commenced work to build a new service capability helping government departments build and improve their cyber incident response plans and exercising.
We are seeking a Senior Cyber Security Professional to provide subject matter expertise across cyber incident response planning and exercising to support to this project and build the service capability.
Deliverables will include the production of artefacts to support departments in the formation of their cyber security incident response plans, including guidance documents, templates, plans and procedures for handling cyber security incidents or carrying out exercises.
The role will also include liaison with senior cross-government stakeholders including National Technical Authorities, third party service providers and department leads to ensure transfer of knowledge and alignment to government policy, and industry best practice and standards, regarding this specialism.
Please note this is not a technical testing role.
The Role
As a Senior Cyber Security Professional leading service delivery within Cyber GSeC, you will play a key role in improving the cyber security posture of His Majesty’s Government. Championing the outcomes of the Government Cyber Security Strategy you will oversee the design, implementation, uptake, and continued improvement of Cyber Security best practice and Cyber GSeC services that provide tangible improvement to the cyber security of Lead Government Departments and their underlying ALBs. You may also be required to contribute to other outcomes of HMRC’s Cyber Security Technical Services function.
You will be assigned to one of our technical services or projects, delivering against project plans and milestones. You will be confident in your ability to engage at senior levels across the UK security community and will be expected to be involved in our engagement with a wide range of key stakeholders that may include the Government Security Group (GSG), National Cyber Security Centre (NCSC) and the Central Digital and Data Office (CDDO).
The core element of the Senior Cyber Security Professional role will be to provide targeted, expert and risk-based technical security advice and guidance across the breadth of HM Government. The successful candidate will be able to evidence their technical skills and experience in cyber security fields relevant to the services we deliver.
Responsibilities can include:
- Delivering outcomes against one of our service lines or projects in support of the Government Cyber Security Strategy (GCSS).
- The development, implementation, delivery, and continuous improvement of Cyber GSeC advice and guidance services across circa 400 government organisations, ensuring alignment to relevant cyber security standards and architectural requirements.
- Selecting suitable security techniques, tools, and test strategies to confirm compliance with relevant HMG security standards, providing suggested remediation actions.
- Leading the development of Security Principles, Policies and Technical Standards aligned to business context and risk appetites and curating communication campaigns for a wide range of stakeholders to encourage an improved cyber security stance and the uptake of Cyber GSeC services.
- Supporting the delivery of balanced and efficient cyber security risk management decisions, identifying vulnerabilities and resolutions in sophisticated technical environments.
- Recognising when security measures impact on users or business needs, providing targeted and expert advice to inform business decision making, and handle partner concerns.
- Identifying, raising, and advancing cyber risks in keeping with HMG risk appetite and delivering effective cyber services from our catalogue.
- Research, identify, validate, and lead the adoption of new technologies and methodologies and engage with and contribute to a wider security technology and tooling strategy providing direction to the organisation and HMG.
At application and interview, you must demonstrate extensive experience of:
- Minimum 5 years’ experience working as a Cyber Security Consultant or IT Security Consultant, ideally within an Incident Response Team or related role.
- Demonstrate extensive senior stakeholder management across partner organisations, clients, and suppliers, using strong communication skills to communicate effectively at all levels to technical and non-technical audiences.
- Having a deep subject matter knowledge across key incident response specialist areas and demonstrating understanding of the technical and procedural concepts, and their application.
- Communicating with all different stakeholders to convey the relevant points about incident response and cyber security, whilst being sensitive to stakeholders’ knowledge levels, role within organisation and experience in a way that builds trust and confidence.
- Developing and managing cyber security response plans and building exercises that are credible and robust, this could also include experience of being a key member of a Cyber Incident Response Team.
- Providing sources of reference to resolve problems and help mentor team members and having suitable knowledge to answer questions directly regarding a broad range of technical matters.
- Security and privacy risks and associated threats with a solid understanding of key considerations such as confidentiality, integrity, availability, non-repudiation, and privacy.
- Successful delivery of security aspects of major projects, demonstrating professional credibility and authority.
- Crafting and conveying information security and risk management guidance aligned to corporate risk appetite across several enterprises.
- Working with leading standards such as NIST, ISO, CIS, and Cyber Essentials
- Extensive experience consulting on security assurance and conducting audits
Please ensure your CV clearly demonstrates how you meet this essential criteria.
Desirable Qualifications
It is desirable that candidates hold some relevant qualifications.
Relevant IT Security qualifications include (but are not limited to):
- NCSC Certified Cyber Professional (CCP)
- Certified Information System Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Certified Information Security Manager (CISM)
Please note that SC Clearance is required for this position.
Seniority level
-
Seniority level
Mid-Senior level
Employment type
-
Employment type
Contract
Job function
-
Job function
Information Technology
-
Industries
IT Services and IT Consulting
Referrals increase your chances of interviewing at HM Revenue & Customs by 2x
Get notified about new Cyber Security Consultant jobs in England, United Kingdom.
Bristol, England, United Kingdom 1 month ago
London, England, United Kingdom 1 month ago
London, England, United Kingdom 1 month ago
Waterside, England, United Kingdom 1 week ago
Business Information Security Officer, Europe
London, England, United Kingdom 4 hours ago
Manchester, England, United Kingdom 2 months ago
Information Security Officer ( Talent Pool )
Selby, England, United Kingdom 5 months ago
Associate Information & Cyber Security Consultant
West Midlands, England, United Kingdom 2 weeks ago
Crawley, England, United Kingdom 2 weeks ago
London, England, United Kingdom 2 weeks ago
London, England, United Kingdom 1 day ago
Greater London, England, United Kingdom 2 weeks ago
Bristol, England, United Kingdom 1 day ago
Portsmouth, England, United Kingdom 4 hours ago
Information Security Engagement Consultant
Consultant- Cyber Security Consulting & Advisory
London, England, United Kingdom 1 week ago
Leeds, England, United Kingdom 2 weeks ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Cyber Security Consultant employer: HM Revenue & Customs
Contact Detail:
HM Revenue & Customs Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Consultant
✨Tip Number 1
Familiarise yourself with the Government Cyber Security Strategy (GCSS) and the specific goals of the Cyber GSeC. Understanding their objectives will help you align your experience and skills with what they are looking for in a candidate.
✨Tip Number 2
Network with professionals in the cyber security field, especially those who have experience working with government departments. Engaging with them can provide insights into the role and may even lead to referrals.
✨Tip Number 3
Prepare to discuss your experience with incident response planning and stakeholder management in detail. Be ready to share specific examples that demonstrate your ability to communicate effectively with both technical and non-technical audiences.
✨Tip Number 4
Stay updated on the latest trends and best practices in cyber security, particularly those relevant to government standards like NIST and ISO. This knowledge will not only help you in interviews but also show your commitment to continuous learning in the field.
We think you need these skills to ace Cyber Security Consultant
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your relevant experience as a Cyber Security Consultant. Focus on your skills in incident response, stakeholder management, and any specific qualifications you hold that align with the job description.
Craft a Strong Cover Letter: Write a cover letter that directly addresses the key responsibilities and requirements outlined in the job description. Use specific examples from your past experience to demonstrate how you meet these criteria.
Highlight Relevant Qualifications: If you have any relevant IT Security qualifications such as CISSP or CISM, make sure to mention them prominently in your application. This will help you stand out as a qualified candidate.
Showcase Communication Skills: Since the role involves liaising with senior stakeholders, emphasise your communication skills in both your CV and cover letter. Provide examples of how you've effectively communicated complex security concepts to diverse audiences.
How to prepare for a job interview at HM Revenue & Customs
✨Showcase Your Experience
Make sure to highlight your extensive experience in cyber security, particularly in incident response. Be prepared to discuss specific projects you've worked on and the outcomes you achieved, as this will demonstrate your capability to handle the responsibilities of the role.
✨Understand Stakeholder Engagement
Since the role involves liaising with senior stakeholders, it's crucial to convey your experience in managing relationships across various organisations. Prepare examples of how you've effectively communicated complex technical concepts to both technical and non-technical audiences.
✨Familiarise Yourself with Relevant Standards
Brush up on key standards such as NIST, ISO, and Cyber Essentials. Being able to discuss how these frameworks apply to the role will show that you are well-versed in industry best practices and can contribute to the development of security policies.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in cyber security incidents. Think through past experiences where you identified vulnerabilities or managed a security incident, and be ready to explain your thought process and actions taken.
