Senior Security Consultant – ISO 27001 Specialist

Join a fast-growing cyber consultancy delivering across public, private, and defence sectorsLocation: Hybrid (UK-based, with occasional travel to client sites)Employment Type: Full-time, Senior levelOverviewSanderson Government & Defence are working with a scaling cyber security consultancy that’s delivering high-value security solutions to some of the UK’s most complex organisations across public, private, and defence sectors.We are looking for a Senior Security Consultant with a deep understanding of ISO 27001 implementation and delivery to join a collaborative, fast-growing team. You’ll be working on varied and challenging engagements, providing both hands-on delivery and strategic security advice to a broad portfolio of clients.With the consultancy in a period of rapid growth, this role offers significant scope for progression, flexibility in how you work, and the chance to shape the way security is delivered at scale.Key ResponsibilitiesLead ISO 27001 implementation projects, from initial gap analysis to certification readinessAdvise clients on information security management systems (ISMS) design, deployment, and continuous improvementConduct risk assessments, security audits, and compliance reviews against ISO 27001 standardsSupport clients in achieving and maintaining compliance with security frameworks and regulatory requirementsEngage with stakeholders at all levels to embed security best practice in business processesMentor junior consultants and contribute to knowledge sharing within the teamStay current with security trends, regulatory changes, and industry best practicesRequired Skills & ExperienceProven track record of ISO 27001 implementation and delivery (end-to-end)Strong consultancy background with client-facing experienceAbility to conduct risk assessments and security audits confidentlyExcellent communication skills, able to explain technical concepts to non-technical stakeholdersSolid understanding of broader information security frameworks and governance practicesWillingness to travel to client sites as required (UK-wide)DesirableISO 27001 Lead Implementer or Lead Auditor certificationExperience in public sector, defence, or highly regulated industriesKnowledge of additional standards such as NIST, Cyber Essentials Plus, or PCI DSSWhy Join This Consultancy?Flexible, hybrid working with trust and autonomy in how you deliverVariety of projects across multiple sectors – no two engagements are the sameClear progression pathways in a growing, ambitious companyCollaborative, knowledge-sharing culture where your expertise is valuedCompetitive salary and benefits, plus investment in ongoing training and certificationsApply via Sanderson to join a forward-thinking consultancy where you’ll make a real impact on client security maturity while developing your own career.All applications are handled in strict confidence.