At a Glance
- Tasks: Act as a trusted advisor on cyber security for third-party integrations.
- Company: Join a leading firm in London with a focus on innovative security solutions.
- Benefits: Flexible work options, competitive salary, and opportunities for professional growth.
- Other info: Collaborate with diverse teams and enhance third-party risk management practices.
- Why this job: Shape security strategies and make a real impact in a dynamic environment.
- Qualifications: 6+ years in tech, with strong knowledge in security domains and relevant certifications.
The predicted salary is between £70,000 and £90,000 per year.
Location: London, 3 days a week onsite, 2 days remote. No sponsorship available with this role.
Job Purpose
The title does not truly summarise the role: this is a Technical Consulting role, consulting into the internal TPRM team. The TPRM Principal Security Consultant acts as a trusted advisor to senior stakeholders, ensuring the security of a wide range of technical integrations with third‑party suppliers. The role provides risk-based assessments and supports mitigation strategies for complex third-party engagements. You will embed Secure‑by‑Design principles across all activities and ensure risks are effectively understood, communicated, and managed. The role involves building strong relationships across engineering and leadership teams, supporting a global third‑party landscape spanning multiple business units, including digital platforms, retail operations, and external partners. You will help shape strategy, oversee security assessments, establish governance models, and collaborate across security, risk, procurement, legal, and compliance functions to enhance third‑party risk management practices.
Scope of the Role
- Scope: Enterprise‑wide third‑party portfolio
- Function: Information Security
- Focus: Governance, Risk, and Security
Key Accountabilities & Responsibilities
- Own the InfoSec relationship for assigned third‑party portfolios to enable risk‑aware decision‑making
- Act as a trusted advisor to both technical and non‑technical stakeholders
- Identify when additional support is required from Security Architecture, Engineering, or Design teams and coordinate engagement
- Lead technical security risk assessments and provide guidance aligned to industry frameworks and Secure‑by‑Design principles
- Oversee supplier onboarding risk assessments and ongoing monitoring activities
- Ensure intelligence and security insights are shared with relevant internal functions (e.g. threat modelling, cyber intelligence)
- Collaborate with GRC teams on risk, compliance, and assurance activities
- Provide mentorship and technical guidance to team members
- Communicate effectively with stakeholders at all levels, including senior leadership
Key Experience
- Strong knowledge across at least two security domains, with working knowledge of others, such as:
  - Application Security
  - Network Security
  - Infrastructure Security
  - IoT / Operational Technology Security
- Demonstrated experience with risk assessment methodologies and compliance frameworks
- ~6+ years in technology, including at least 2 years in a senior security or engineering role
- Experience working within complex technical environments
- Relevant certifications (e.g. CISSP, CISM, CRISC, CCSP, CCSK)
- Degree in Computer Science, Cyber Security, or related field
Key Stakeholders
- Information Security (Engineering, Architecture, Risk & Compliance, Cyber Defence)
- Technology teams (e.g. cloud platforms, workplace technology, development teams)
- Business functions (e.g. procurement, legal, compliance)
- Senior leadership and non‑technical stakeholders
Core Competencies & Behaviours
- Clear and effective communication
- Strong stakeholder management and influencing skills
- Ability to operate across technical and business domains
- Ownership and accountability for delivery
- Commercial awareness and risk‑based decision making
- Focus on continuous improvement and pragmatic outcomes
Technical Consultant (Cyber Security) employer: InfoSec People Ltd
As a Technical Consultant in Cyber Security at our London office, you will thrive in a dynamic work culture that values collaboration and innovation. We offer a flexible working arrangement with three days onsite and two days remote, fostering a healthy work-life balance while providing ample opportunities for professional growth and mentorship. Join us to be part of a forward-thinking team that prioritises security and risk management across diverse business units, ensuring your contributions make a meaningful impact.
StudySmarter Expert Advice🤫
We think this is how you could land Technical Consultant (Cyber Security)
✨Network Like a Pro
Get out there and connect with people in the industry! Attend meetups, webinars, or even casual coffee chats. Building relationships can open doors to opportunities that aren’t even advertised.
✨Show Off Your Skills
When you get the chance to chat with potential employers, don’t hold back! Share your experiences and how you’ve tackled challenges in previous roles. This is your time to shine and show them why you’re the perfect fit.
✨Tailor Your Approach
Every company is different, so make sure you tailor your conversations to align with their values and needs. Research their projects and mention how your skills can help them achieve their goals.
✨Apply Through Our Website
Don’t forget to check out our website for job openings! Applying directly through us not only shows your interest but also gives you a better chance of being noticed by the hiring team.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the specific skills and experiences that align with the Technical Consultant role. Highlight your knowledge in security domains and any relevant certifications to catch our eye!
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're the perfect fit for this role. Share your passion for cyber security and how your experience can help us enhance third-party risk management practices.
Showcase Your Communication Skills: Since you'll be working with both technical and non-technical stakeholders, it's crucial to demonstrate your ability to communicate effectively. Use clear language and examples in your application to show us you can bridge that gap.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at InfoSec People Ltd
✨Know Your Stuff
Make sure you brush up on your knowledge of security domains, especially the ones mentioned in the job description. Be ready to discuss your experience with risk assessment methodologies and compliance frameworks, as well as any relevant certifications you hold.
✨Showcase Your Communication Skills
Since this role involves liaising with both technical and non-technical stakeholders, practice explaining complex concepts in simple terms. Think of examples where you've successfully communicated security risks or strategies to senior leadership.
✨Demonstrate Relationship Building
Prepare to talk about how you've built strong relationships in previous roles. Highlight instances where you've collaborated with different teams, such as engineering or procurement, to enhance security practices and manage third-party risks.
✨Be Ready for Scenario Questions
Expect questions that ask you to assess hypothetical situations related to third-party risk management. Think through your approach to identifying risks, communicating them, and implementing mitigation strategies, using the Secure-by-Design principles as a guide.