Senior Risk & Resilience Consultant (Information Security Consultant) in London

London Full-Time 43200 - 72000 £ / year (est.) Home office (partial)

At a Glance

  • Tasks: Lead clients in enhancing their security and achieving certifications like ISO/IEC 27001.
  • Company: Join a growing, innovative firm with a focus on information security.
  • Benefits: Enjoy a competitive bonus, generous holiday, and extensive health benefits.
  • Why this job: Make a real difference in clients' security while developing your expertise.
  • Qualifications: Experience in ISO/IEC 27001 and Cyber Essentials certification is essential.
  • Other info: Flexible hybrid working and a supportive environment for career growth.

The predicted salary is between 43200 - 72000 £ per year.

We have an exciting, permanent opportunity for a Senior Risk & Resilience Consultant / Information Security Consultant to join any of our 11 UK offices (hybrid working) as we continue to grow following the Howden acquisition. We are looking for an experienced Information Security Consultant to support our clients in improving their security posture and achieving recognised certifications. This role is hands-on and client-facing.

A Snapshot Of Your Day:

  • Lead and support clients through the implementation of ISO/IEC 27001, from gap analysis to readiness for certification.
  • Plan and conduct internal audits against ISO/IEC 27001, including reporting findings and recommending improvements.
  • Guide organisations through the Cyber Essentials and Cyber Essentials Plus certification process.
  • Design, review, and improve information security policies, processes, and controls that are proportionate and practical.
  • Explain information security risks to stakeholders in clear, business-focused terms, linking technical issues to business impact such as operational disruption, financial loss, regulatory exposure, or reputational damage.
  • Deliver information security training and awareness sessions to staff at different levels of the organisation.
  • Support and guide clients in the event of an information security incident, helping them understand next steps, containment, and reporting obligations.
  • Support clients with third-party security assessments, including responding to customer security questionnaires, assessing supplier security posture and risks, and advising on proportionate assurance and risk treatment approaches.
  • Manage security projects, including planning, tracking progress, managing risks, and meeting deadlines.
  • Act as a trusted advisor, translating security requirements into clear business actions.
  • Facilitate workshops and meetings with stakeholders ranging from operational teams to senior leadership.
  • Produce clear, well-structured documentation and reports suitable for both technical and non-technical audiences.
  • Support continuous improvement of clients' information security management practices.

We would love to hear from you if you have:

  • Proven experience implementing ISO/IEC 27001 within an organisation or as a consultant and performing or supporting internal audits against ISO/IEC 27001.
  • Practical experience guiding organisations through the Cyber Essentials certification process.
  • Experience delivering information security training or awareness sessions.
  • Experience supporting or responding to third-party security assessments or questionnaires.
  • Demonstrated ability to communicate information security risks in business terms, not just technical language.
  • Excellent understanding of information security risk management and controls.
  • Experience managing projects, including timelines, dependencies, and stakeholder expectations.
  • Excellent communication skills, both written and verbal, with confidence engaging with people at all levels of an organisation, including senior management.

Desirable:

  • Experience with data protection and privacy, such as UK GDPR or EU GDPR.
  • Experience supporting organisations during security incidents or data breaches.
  • Experience assessing supplier risk or working with vendor risk management processes.
  • Experience with supporting organisations with Business Continuity planning (ISO 22301).
  • Relevant certifications (e.g. ISO 27001 Lead Implementer, Lead Auditor, Cyber Essentials Assessor, CISM, CISSP).
  • Previous consultancy or client-facing experience.

What's In It For You:

  • Competitive discretionary annual bonus.
  • Core benefits paid for by BW including life assurance, group income protection, private medical cover and 25 days holiday per year with holiday trading.
  • A generous pension scheme where we contribute 8% of your salary from day one of your employment.
  • Employee Assistance Programme to support you and your family through any concerns or challenges you may experience.
  • A comprehensive range of voluntary benefits to suit you (and your family) including an electric car leasing scheme, tech scheme, cycle to work scheme, dental cover, healthcare cash plan, health assessments, critical illness cover, extension of private medical cover or life assurance to family members, Sports Allowance – we pay up to 50% of your gym/sports membership (up to £50 pm), travel insurance, paid volunteering, and a broad range of discounts at hundreds of retailers including supermarkets, fitness centres, travel and leisure companies.

Accessibility: We are a Disability Confident Employer. If you need reasonable adjustments or would like more information on accessibility, please click here.

Not quite the right opportunity? For more about us and other Careers at BW, please click here. Follow Barnett Waddingham on LinkedIn.

We kindly ask recruitment agencies to not send speculative CVs. Should we need assistance, we will reach out. All enquiries should be directed to careers@barnett-waddingham.co.uk.

Senior Risk & Resilience Consultant (Information Security Consultant) in London employer: Barnett Waddingham

At Barnett Waddingham, we pride ourselves on being an exceptional employer, offering a dynamic work environment across our 11 UK offices with hybrid working options. Our commitment to employee growth is evident through comprehensive training programmes and a generous benefits package, including a competitive pension scheme and wellness initiatives. Join us to be part of a collaborative culture that values your contributions and supports your professional development in the field of information security.

Contact Detail:

Barnett Waddingham Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Senior Risk & Resilience Consultant (Information Security Consultant) in London

✨Tip Number 1

Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.

✨Tip Number 2

Prepare for interviews by practising common questions and scenarios related to information security. We recommend doing mock interviews with friends or mentors to boost your confidence and refine your answers. Remember, showing your expertise is key!

✨Tip Number 3

Don’t underestimate the power of follow-ups! After an interview, send a thank-you email to express your appreciation and reiterate your interest in the role. It’s a simple gesture that can set you apart from other candidates.

✨Tip Number 4

Apply through our website for the best chance at landing the job! We’re always on the lookout for passionate individuals who fit our culture. Plus, it shows you’re genuinely interested in being part of our team.

We think you need these skills to ace Senior Risk & Resilience Consultant (Information Security Consultant) in London

ISO/IEC 27001 Implementation
Internal Auditing
Cyber Essentials Certification
Information Security Policy Design
Risk Communication
Information Security Training Delivery
Third-Party Security Assessment
Project Management
Stakeholder Engagement
Documentation and Reporting
Data Protection and Privacy (UK GDPR, EU GDPR)
Incident Response Support
Supplier Risk Assessment
Business Continuity Planning (ISO 22301)
Relevant Certifications (ISO 27001 Lead Implementer, Lead Auditor, Cyber Essentials Assessor, CISM, CISSP)

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Senior Risk & Resilience Consultant role. Highlight your experience with ISO/IEC 27001 and Cyber Essentials, as well as any relevant certifications. We want to see how your skills match what we're looking for!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background makes you a great fit for our team. Keep it engaging and relevant to the job description.

Showcase Your Communication Skills: Since this role involves explaining complex security issues in business terms, make sure your application reflects your communication skills. Use clear, concise language and avoid jargon where possible. We love candidates who can connect with both technical and non-technical audiences!

Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s straightforward and ensures your application goes directly to us. Plus, we can’t wait to hear from you!

How to prepare for a job interview at Barnett Waddingham

✨Know Your Standards

Make sure you’re well-versed in ISO/IEC 27001 and Cyber Essentials. Brush up on the specifics of these standards, as you’ll likely be asked about your experience implementing them. Being able to discuss real-life examples will show your expertise.

✨Speak Their Language

When discussing information security risks, remember to translate technical jargon into business terms. Practice explaining how security issues can impact operations, finances, and reputation. This will demonstrate your ability to communicate effectively with stakeholders at all levels.

✨Showcase Your Project Management Skills

Be prepared to talk about your experience managing security projects. Highlight your ability to plan, track progress, and manage risks. Use specific examples to illustrate how you’ve met deadlines and handled stakeholder expectations.

✨Engage and Educate

Since delivering training sessions is part of the role, think about how you would approach this. Prepare to discuss your experience in conducting training and how you make complex topics accessible to different audiences. This will show your capability as a trusted advisor.
