Senior Cyber Security Consultant | Cyber Advisory | Remote in Surrey, Woking

Cyber Chain Alliance was founded from a desire to do consultancy differently. We believe cyber should be accessible. That organisations deserve advice that fits their reality. And that consultants deserve autonomy, progression and the chance to influence the direction of the business they're part of. We're entering a new stage of growth and we're looking for a Senior Cyber Security Consultant who wants to help shape what comes next.

The role in real terms:

• This is a senior, autonomous consultancy position.
• You'll lead client engagements across UK NCSC Cyber Assessment Framework (CAF), ISO 27001 (including full end-to-end implementation), ISO 42001, NIST Cyber Security Framework v2.0 and Cyber Incident Exercising, advising on governance, risk and assurance challenges.
• You'll take ownership of delivery from scoping through to completion, including supporting clients through implementation and embedding, not just assessment.
• You'll assess controls, identify risks and design practical improvements that genuinely fit a client's environment.
• You'll work closely with senior stakeholders, often translating complexity into something clear and actionable.
• We value breadth across recognised frameworks, with particular depth in UK NCSC Cyber Assessment Framework (CAF) and ISO 27001, alongside strong commercial consultancy exposure.
• You should be comfortable taking a client through an ISO 27001 journey end-to-end, from gap assessment through to certification readiness.
• Technical depth is welcome, but applied experience and consultancy judgement matter more.
• This is not a "deliver and disappear" role.
• You'll support and guide other consultants where needed, sharing knowledge and contributing to delivery quality.
• You'll contribute to proposals and statements of work where appropriate.
• You'll identify ways to improve how we deliver and think strategically about where the practice is heading.
• You'll balance delivery excellence with commercial awareness and strong consultancy judgement.

Relevant certifications such as CISSP or CISM are expected, or you'll be working towards them.

What makes this different:

• Consultants often leave larger organisations because they feel stretched, stalled or disconnected from impact.
• At CCA, you'll see projects through. Many of our clients stay with us for years. We build trust, not dependency.
• You won't sit several layers removed from decision-making. You'll have visibility into how the business operates and grows.
• You'll influence how we scale.
• We are remote-first and genuinely flexible. We care about outcomes, not presenteeism.
• Autonomy isn't a perk here, it's part of how we work.

Built for real life:

• We've designed our approach to benefits and flexibility with our people in mind, recognising that life doesn't look the same for everyone.
• Some of our team are building families. Some are caring for others. Some are deepening their expertise. Some are exploring leadership.
• What works at one stage of life may not work at another, and we try to reflect that in how we support our people.
• That includes meaningful leave, strong family support, healthcare and wellbeing provision, income protection, pension contribution, professional development investment and space to step back when needed.
• More importantly, it includes a culture where those things are genuinely usable without explanation or apology.
• People stay because they feel supported. Because there's balance. Because it feels sustainable.

Who we're looking for:

• You'll bring demonstrable consultancy experience across governance, risk and assurance frameworks, with hands-on delivery experience across CAF and ISO 27001, and you'll understand how work is scoped, priced and delivered profitably.
• You'll be confident delivering ISO 27001 implementations end-to-end, not just supporting elements of the process.
• You'll be credible with clients at all levels and comfortable leading engagements independently.
• You'll be comfortable sharing knowledge, supporting others and contributing to a strong delivery culture.
• You'll think beyond the immediate task and spot opportunities to improve how we deliver and support clients.
• Most of all, you'll be aligned with our values. Curious. Accountable. Relationship-focused. Willing to build something, not just deliver against it.

If you're currently in consultancy and wondering whether there's a way to combine high standards with autonomy, leadership and purpose, there is. We're building it. And we'd love you to be part of it.

About CCA:

CCA is a specialist cyber consultancy built on the idea that security doesn't need to be intimidating to be effective. We help organisations strengthen governance, manage risk and build maturity in a way that fits their context. We're proud of the diversity of thought within our team. Different professional backgrounds, different routes into cyber, different ways of approaching problems. That mix is intentional. It challenges assumptions and improves outcomes for our clients.

As co-founders of community initiatives such as Cyber House Party, we're also committed to improving representation and creating opportunities within the industry. We're not trying to be the biggest organisation in the room. We're focused on building a sustainable, high-performing consultancy that does good work and gives people room to grow.

A note on applications:

We review every application individually without the use of AI, and will respond to all applicants. Please allow us a little time as we work through each one carefully.