Cyber Security Consultant - Strategy, Risk & Compliance

At IBM CIC, we provide technical and industry expertise to a wide range of public and private sector clients in the UK. A career in IBM CIC means you’ll have the opportunity to work with leading professionals across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. You will get the chance to deliver effective solutions, driving meaningful business change for our clients, using some of the latest technology platforms. Curiosity and a constant quest for knowledge serve as the foundation to success here. You’ll be encouraged and supported to constantly reinvent yourself, focusing on skills in demand in an ever‑changing market. You’ll be working with diverse teams, coming up with creative solutions which impact a wide network of clients, who may be at their site or one of our CIC or IBM locations. Our culture of evolution centres on long‑term career growth and development opportunities in an environment that embraces your unique skills and experience.

We Offer

• Many training opportunities from classroom to e‑learning, mentoring and coaching programs and the chance to gain industry‑recognised certifications.
• Regular and frequent promotion opportunities to ensure you can drive and develop your career with us.
• Feedback and checkpoints throughout the year.
• Diversity & Inclusion as an essential and authentic component of our culture through our policies, processes, and Employee Champion teams and support networks.
• A culture where your ideas for growth and innovation are always welcome.
• Internal recognition programs for peer‑to‑peer appreciation as well as from manager to employees.
• Tools and policies to support your work‑life balance from flexible working approaches, sabbatical programmes, paid paternity leave, maternity leave and an innovative maternity returners scheme.
• More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Programme, life assurance and a group personal pension plan of an additional 5% of your base salary paid by us monthly to save for your future.

Your Role and Responsibilities

As a Security Consultant within Cyber Strategy & Risk, you will act as a trusted advisor to clients, shaping their security posture and ensuring compliance with regulatory and risk requirements. You will lead the design and implementation of secure solutions, applying industry best practices and frameworks to mitigate risks and protect critical assets. This role offers the opportunity to work at the intersection of strategy, risk, and technology, collaborating with stakeholders to develop business‑driven security strategies and roadmaps that deliver lasting impact.

Responsibilities

• Design and implement security solutions aligned with Secure by Design principles.
• Lead security, risk and compliance initiatives to meet business and regulatory requirements.
• Develop and maintain Information Security Management Systems (ISMS) in line with industry standards.
• Identify and assess risks, developing actionable mitigation plans and strategies.
• Support clients in strategic planning, security governance and risk management.
• Translate complex technical and regulatory requirements into clear, actionable recommendations.
• Provide advisory services to stakeholders, ensuring security initiatives align with business objectives.
• Stay up-to-date with emerging threats, industry frameworks and evolving security practices.
• Communicate findings and strategies effectively through presentations, reports and workshops.

Preferred Education

Bachelor’s Degree.

Required Technical and Professional Expertise

• Hands‑on experience applying Secure by Design principles.
• Minimum 5 years of experience in cybersecurity assurance/information assurance, including ISMS development and maintenance.
• Proven expertise in strategic planning, risk management or management consulting within the technology sector.
• Strong analytical skills, with the ability to interpret complex data and deliver actionable insights.
• Excellent communication, presentation and stakeholder management skills.

Compliance, Eligibility and Visa

As an equal opportunities employer, we welcome applications from individuals of all backgrounds. However, for you to be eligible for this role, you must have the valid right to work in the UK. Unfortunately, we do not offer visa sponsorship and have no future plans to do so. You must be a resident in the UK and have been living continuously in the UK for the last 10 years. You must be able to hold or gain a UK government security clearance.

Preferred Technical and Professional Experience

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or a related field.
• Professional certifications such as CISSP, CISM or CRISC.
• In‑depth knowledge of ISO standards (ISO 27001, ISO 27002, ISO 27005).
• Familiarity with NIST frameworks (e.g., NIST SP 800‑53, NIST Cybersecurity Framework).

Seniority Level Mid‑Senior level.

Employment Type Full‑time.

Job Function Information Technology.

Industries IT Services and IT Consulting.