GRC Consultant - Cyber Essentials Plus Assessor

Full-Time | £36,000 - £60,000 / year (est.) | No home office possible
Pen Test Partners

At a Glance

  • Tasks: Lead Cyber Essentials assessments and support diverse security projects.
  • Company: Join a dynamic GRC team focused on cyber resilience.
  • Benefits: Competitive salary, professional development, and impactful work.
  • Why this job: Shape client security outcomes and broaden your expertise.
  • Qualifications: Experience with security frameworks and Cyber Essentials assessments.
  • Other info: Mentorship opportunities and a collaborative environment.

The predicted salary is between £36,000 and £60,000 per year.

Are you an experienced Cyber Essentials Plus Assessor looking to take on diverse, challenging projects across multiple security frameworks? Join our growing GRC team and lead high-impact engagements that help organisations strengthen their cyber resilience and compliance posture.

The Role

As a GRC Consultant specialising in Cyber Essentials Plus, you’ll plan and deliver a broad portfolio of client engagements. You’ll take ownership of both Cyber Essentials and Cyber Essentials Plus assessments end-to-end, while also supporting wider security, governance, and compliance initiatives. You will also mentor the CE assessment team and grow the capability internally to deliver these assessments at scale. This is a hands-on consultancy role working directly with clients. You will be leading assessments, producing high-quality deliverables, and shaping their security maturity journey.

What You’ll Do

  • Lead end-to-end Cyber Essentials and Cyber Essentials Plus engagements
  • Run complex scoping workshops, readiness assessments, evidence reviews, and vulnerability management activities
  • Advise on segmentation, scope reduction, and remediation strategies
  • Support security maturity & gap assessments across frameworks including: PCI DSS, ISO 27001, NIST CSF, CIS Controls, SCF, NCSC CAF, TISAX, SWIFT CSP, DORA, GDPR
  • Contribute to vCISO engagements, including governance, policy development, and exec-level reporting
  • Perform reviews of technical controls, secure development practices, DevOps pipelines, and cloud architectures (AWS/Azure)
  • Support the creation of high-quality, bespoke Statements of Work
  • Engage with clients to clarify scope, requirements, and expectations

Assessment Delivery & Reporting

  • Conduct security assessments across multiple service lines
  • Lead multi-phase and enterprise-scale projects
  • Produce tailored, high-quality reports with actionable, prioritised recommendations
  • Deliver findings to both technical and non-technical audiences

Internal Contribution

  • Share knowledge and mentor peers
  • Support updates to methodologies, documentation, sample reports, and templates

What You’ll Bring

Experience

  • Strong understanding of security frameworks such as: ISO 27001, NIST CSF, CIS Controls, PCI DSS

Qualifications

  • Required: IASME Lead Assessor for Cyber Essentials & Cyber Essentials Plus
  • Desirable: One or more of: PCI QSA, CISA, CISM, CISSP, CRISC, ISO 27001 Lead Auditor/Implementer

Technical Competence

  • Experience across a range of technologies including: firewalls, IDS/IPS, anti-malware, SIEM/logging, patch/change management, and cloud/on-prem environments (AWS, Azure).

Why Join Us?

  • Work on diverse, meaningful security and compliance engagements
  • Collaborate with a highly skilled GRC team
  • Opportunity to broaden your expertise across multiple frameworks
  • A role where your expertise directly shapes client security outcomes

If you’re ready to take the next step in your GRC career and work across varied, impactful engagements, we’d love to hear from you.

GRC Consultant - Cyber Essentials Plus Assessor employer: Pen Test Partners

Join a dynamic and innovative team as a GRC Consultant, where you will engage in diverse and meaningful projects that enhance cyber resilience for clients. Our collaborative work culture fosters professional growth, offering opportunities to mentor peers and broaden your expertise across multiple security frameworks. Located in a vibrant area, we provide a supportive environment that values your contributions and encourages continuous learning, making us an excellent employer for those seeking a rewarding career in cybersecurity.

Contact Detail:

Pen Test Partners Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land GRC Consultant - Cyber Essentials Plus Assessor

✨Tip Number 1

Network like a pro! Get out there and connect with folks in the industry. Attend events, webinars, or even local meetups. The more people you know, the better your chances of landing that GRC Consultant gig.

✨Tip Number 2

Show off your skills! Create a portfolio showcasing your past Cyber Essentials Plus assessments and any other relevant projects. This will give potential employers a taste of what you can bring to the table.

✨Tip Number 3

Prepare for interviews by brushing up on common questions related to Cyber Essentials and security frameworks. We recommend practising your responses with a friend or in front of a mirror to boost your confidence.

✨Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love hearing from passionate candidates like you who are ready to make an impact.

We think you need these skills to ace GRC Consultant - Cyber Essentials Plus Assessor

  • Cyber Essentials Plus Assessment
  • Security Frameworks Knowledge
  • ISO 27001
  • NIST CSF
  • CIS Controls
  • PCI DSS
  • Governance and Compliance Consulting
  • Vulnerability Management
  • Technical Control Reviews
  • Cloud Architecture (AWS/Azure)
  • Report Writing
  • Client Engagement
  • Mentoring and Knowledge Sharing
  • Project Management

Some tips for your application 🫡

Tailor Your CV: Make sure your CV reflects the specific skills and experiences that match the GRC Consultant role. Highlight your experience with Cyber Essentials and any relevant security frameworks to show us you’re the right fit.

Craft a Compelling Cover Letter: Use your cover letter to tell us why you’re passionate about cyber resilience and compliance. Share specific examples of past projects where you’ve made an impact, especially in leading assessments or mentoring teams.

Showcase Your Technical Skills: Don’t forget to mention your technical competencies! We want to see your experience with firewalls, IDS/IPS, and cloud environments like AWS or Azure. This will help us understand how you can contribute to our team.

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates during the process!

How to prepare for a job interview at Pen Test Partners

✨Know Your Frameworks

Make sure you brush up on your knowledge of security frameworks like ISO 27001, NIST CSF, and PCI DSS. Be ready to discuss how you've applied these in past roles, as this will show your depth of understanding and practical experience.

✨Prepare for Scenario Questions

Expect scenario-based questions that assess your problem-solving skills. Think about specific challenges you've faced in Cyber Essentials assessments and how you overcame them. Use the STAR method (Situation, Task, Action, Result) to structure your answers.

✨Showcase Your Mentoring Skills

Since mentoring is a key part of the role, be prepared to talk about your experience in guiding others. Share examples of how you've helped team members grow their skills or improve their performance in previous positions.

✨Tailor Your Questions

At the end of the interview, you'll likely have the chance to ask questions. Make sure these are tailored to the company and role. Ask about their approach to security maturity reviews or how they support their consultants in staying updated with the latest compliance requirements.
