At a Glance
- Tasks: Lead Cyber Essentials assessments and support diverse security projects.
- Company: Join a dynamic GRC team focused on cyber resilience.
- Benefits: Competitive salary, professional development, and collaborative culture.
- Why this job: Make a real impact on client security and compliance outcomes.
- Qualifications: 2+ years in Cyber Essentials Plus and strong security framework knowledge.
- Other info: Mentorship opportunities and career growth in a hands-on consultancy role.
The predicted salary is between £36,000 and £60,000 per year.
Are you an experienced Cyber Essentials Plus Assessor looking to take on diverse, challenging projects across multiple security frameworks? Join our growing GRC team and lead high-impact engagements that help organisations strengthen their cyber resilience and compliance posture.
The Role
As a GRC Consultant specialising in Cyber Essentials Plus, you’ll plan and deliver a broad portfolio of client engagements. You’ll take ownership of both Cyber Essentials and Cyber Essentials Plus assessments end-to-end, while also supporting wider security, governance, and compliance initiatives. You will also mentor the CE assessment team and grow the capability internally to deliver these assessments at scale. This is a hands-on consultancy role working directly with clients. You will be leading assessments, producing high-quality deliverables, and shaping their security maturity journey.
What You’ll Do
- Cyber Essentials & CE Plus Delivery
- Lead end-to-end Cyber Essentials and Cyber Essentials Plus engagements
- Run complex scoping workshops, readiness assessments, evidence reviews, and vulnerability management activities
- Advise on segmentation, scope reduction, and remediation strategies
- Support security maturity & gap assessments across frameworks including: PCI DSS, ISO 27001, NIST CSF, CIS Controls, SCF, NCSC CAF, TISAX, SWIFT CSP, DORA, GDPR
- Contribute to vCISO engagements, including governance, policy development, and exec-level reporting
- Perform reviews of technical controls, secure development practices, DevOps pipelines, and cloud architectures (AWS/Azure)
- Provide expert input during pre-sales discussions
- Support the creation of high-quality, bespoke Statements of Work
- Engage with clients to clarify scope, requirements, and expectations
- Conduct security assessments across multiple service lines
- Lead multi-phase and enterprise-scale projects
- Produce tailored, high-quality reports with actionable, prioritised recommendations
- Deliver findings to both technical and non-technical audiences
- Share knowledge and mentor peers
- Support updates to methodologies, documentation, sample reports, and templates
What You’ll Bring
- Experience
- Minimum 2+ years delivering Cyber Essentials Plus engagements
- Strong understanding of security frameworks such as: ISO 27001, NIST CSF, CIS Controls, PCI DSS
- Required: IASME Lead Assessor for Cyber Essentials & Cyber Essentials Plus
- Desirable: One or more of: PCI QSA, CISA, CISM, CISSP, CRISC, ISO 27001 Lead Auditor/Implementer
- Experience across a range of technologies including: firewalls, IDS/IPS, anti-malware, SIEM/logging, patch/change management, and cloud/on-prem environments (AWS, Azure).
Why Join Us?
- Work on diverse, meaningful security and compliance engagements
- Collaborate with a highly skilled GRC team
- Opportunity to broaden your expertise across multiple frameworks
- A role where your expertise directly shapes client security outcomes
If you're ready to take the next step in your GRC career and work across varied, impactful engagements, we’d love to hear from you.
GRC Consultant - Cyber Essentials Plus Assessor in England. Employer: Pen Test Partners
Contact Detail:
Pen Test Partners Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the GRC Consultant - Cyber Essentials Plus Assessor role in England
✨Tip Number 1
Network like a pro! Get out there and connect with industry professionals on LinkedIn or at local events. You never know who might have the inside scoop on job openings or can refer you directly to hiring managers.
✨Tip Number 2
Prepare for interviews by researching the company and its projects. Tailor your responses to show how your experience as a Cyber Essentials Plus Assessor aligns with their needs. We want to see that you’re not just a fit, but the perfect fit!
✨Tip Number 3
Showcase your expertise! Bring examples of your past work to interviews, especially those that highlight your skills in leading Cyber Essentials assessments. This will help us see your hands-on experience and how you can contribute to our team.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our GRC team and making an impact.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the specific skills and experiences that match the GRC Consultant role. Highlight your experience with Cyber Essentials Plus and any relevant security frameworks to show us you’re the right fit.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you’re passionate about cyber resilience and compliance. Share specific examples of past projects where you’ve made an impact, and let your personality shine through!
Showcase Your Technical Skills: Don’t forget to mention your technical competencies! We want to see your experience with firewalls, IDS/IPS, and cloud environments like AWS or Azure. This will help us understand how you can contribute to our team.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates during the process!
How to prepare for a job interview at Pen Test Partners
✨Know Your Cyber Essentials Inside Out
Make sure you’re well-versed in the Cyber Essentials and Cyber Essentials Plus frameworks. Brush up on the latest requirements and be ready to discuss how you've applied these in past roles. This will show your expertise and confidence during the interview.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to solve real-world problems or scenarios related to security assessments. Think of examples from your experience where you led assessments or managed vulnerabilities, and be ready to explain your thought process and outcomes.
✨Showcase Your Mentoring Skills
Since mentoring is part of the role, prepare to discuss how you've supported or trained others in your previous positions. Share specific instances where you helped a colleague improve their skills or understanding of security frameworks.
✨Engage with the Interviewers
Don’t just answer questions; engage with your interviewers. Ask insightful questions about their current projects or challenges they face in the GRC space. This shows your genuine interest in the role and helps you assess if the company is the right fit for you.