Cyber Security Consultant in Cardiff

Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: City: Cardiff Address: Cardiff, Wales, GB, CF30LT Job Requisition Number: 7719 Work Type: Permanent Job Function: IT Salary Range: £56,710 - £69,471 Base: Cardiff / Hybrid Closing Date: 23:59 on 19/06/2025 The Security Consultant works within the Security Risk and Governance team and is responsible for working with project teams, including architects, analysts, technical designers, programme managers, and business users to ensure that projects are delivered securely, protecting customer, company, and employee data, and ensuring compliance with the Information Security policies and standards. Responsibilities: Provide end-to-end engagement on a wide range of business projects, ensuring security is integrated and data is protected. Attend project meetings and represent Information Security, providing guidance as needed. Review and consult on IT/Business change documentation including Business Requirements, Design Documents, and Network Diagrams. Provide the necessary people, process, and technology requirements to deliver secure solutions. Ensure relevant security policies and standards are applied to projects, adopting a hands-on approach where necessary. Communicate risks effectively to both technical and non-technical stakeholders. Scope, organize, and support penetration testing and vulnerability assessments, tracking remediation efforts. Conduct Security impact assessments to meet policies, NIS D obligations, and GDPR requirements on projects where applicable. Contribute to and review security clauses in supplier contracts. Undertake any additional duties as assigned by the line manager. Who you’ll work with Internal: CISO Security Architecture Business Sponsors Head of Procurement Head of Legal DPO IT & OT Architects External: Outsource IT providers Major suppliers to Welsh Water External Auditors Regulators About you Knowledge, Skills & Experience: Recognized professional certifications such as CISSP, CISM, CISA, CRISC Familiarity with NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO27001 Understanding of Security governance frameworks and risk management Experience delivering Security assurance in large, complex projects Strong stakeholder engagement skills Technical knowledge of security implementation and vulnerabilities Experience delivering end-to-end Security assurance Excellent communication skills, both written and verbal Deep knowledge of Security risk management and frameworks Good to know This role includes hybrid working. We offer a competitive salary, 33 days annual leave, and a range of employee benefits including variable pay schemes, additional leave options, pension contributions, mortgage services, discounts, and more. Note: We may close or extend the application period based on interest. All new employees will undergo references, medical clearance, and criminal record checks, with additional security clearances as needed. Who we are Welsh Water supplies safe, reliable water to 3 million people and manages wastewater responsibly, protecting our environment. We value diversity and inclusion, encouraging applications from minority groups, including ethnic minorities, women, LGBTQ+, and individuals with disabilities. We are committed to a culture of trust, respect, and honesty. Company registration: Dŵr Cymru Cyf, No. 2366777, registered in Wales. Registered office: Linea, Fortran Road, St. Mellons, Cardiff CF3 0LT. #J-18808-Ljbffr