Senior Cyber Risk & Compliance Consultant (GRA) in Reading

Senior Cyber Risk & Compliance Consultant (GRA) in Reading

Reading Full-Time 60000 - 80000 Β£ / year (est.) No working from home possible
FSP

At a Glance

  • Tasks: Lead cyber governance and compliance projects, ensuring alignment with ISO27001 and other standards.
  • Company: Join a dynamic team at a leading cybersecurity consultancy focused on innovation.
  • Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
  • Other info: Be part of a supportive culture that values diversity and continuous learning.
  • Why this job: Make a real impact in cybersecurity while working with top-tier clients and frameworks.
  • Qualifications: Extensive experience in cyber risk and compliance, with relevant certifications like ISO/IEC 27001.

The predicted salary is between 60000 - 80000 Β£ per year.

Role Overview

We have an exciting opportunity for a Senior Cyber Risk & Compliance Consultant to join our growing Governance, Risk and Assurance (GR&A) team.

In this role, you will utilise your GRC and cybersecurity expertise to advise clients on ISO27001 and other information security consulting engagements and support the delivery of complex security programmes.

Responsibilities

  • Lead cyber governance, risk and compliance engagements with a primary focus on achieving certification or standards alignment to ISO27001.

This includes gap assessments, strategy and planning, implementation support, audit preparation and pre- and post-certification support.

  • Engage with clients to understand their wider threat landscape and business context, conducting risk and compliance assessments against other recognised frameworks and standards (e. g., NIST, SOC 2, Def Stan).
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks.
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight.
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes.
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps.
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community.
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism.

About you

  • Extensive experience designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading GRC and security assurance initiatives.
  • Possess strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards, with demonstrable experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies.
  • Experienced in applying UK Government security and assurance frameworks, including Gov Assure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (Gov S) 007.
  • Confident communicator, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high-quality outcomes.
  • Hold a recognised ISO/IEC 27001 Lead Implementer or Lead Auditor certification, alongside other relevant academic or professional qualifications (e. g.

MSc in Cyber Security or related specialism, CISM, CISSP, PCIRM).

  • Hold, or be working towards, Principal or Chartered Cyber Security Professional (Ch CSP) status.
  • Eligible to work in the UK and able to obtain and maintain UK security clearances.
  • EEO and Employment Information

FSP is an equal opportunity employer.

We consider all applicants for employment regardless of age, disability, sexual orientation, gender identity, family or parental status, race, colour, nationality, ethnic or national origin, religion or belief.

Please note that visa sponsorship is available for some roles, subject to eligibility and business requirements.

#J-18808-Ljbffr

FSP

Contact Details:

FSP Recruitment Team

We think you need these skills to ace Senior Cyber Risk & Compliance Consultant (GRA) in Reading

Cyber Governance
Risk and Compliance Management
ISO/IEC 27001
NIST
SOC 2
DefStan
Information Security Policies