Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead risk management and security assurance in MOD and Public Sector environments.
- Company: Join a diverse team at a leading Cyber Security firm.
- Benefits: Enjoy hybrid working, continuous learning, and career development opportunities.
- Why this job: Make a real impact in cyber security while collaborating with expert peers.
- Qualifications: Proven experience in cybersecurity and active DV clearance required.
- Other info: Embrace a culture of knowledge-sharing and creative problem-solving.
The predicted salary is between 36000 - 60000 Β£ per year.
Location: Hybrid / East of England - on-site presence required
Contract Type: Permanent & Full-time
Salary: About the Role
As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You will collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You will be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning.
Key Responsibilities
- Deliver Secure by Design risk and security assurance functions within MOD / Public Sector.
- Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management.
- Facilitate security and risk workshops with Authority departments.
- Produce clear reporting on vulnerabilities, risks, controls, and treatment activities.
- Provide pragmatic remediation and risk management guidance.
- Support secure design across technology platforms including cloud infrastructures.
- Contribute to blogs and research within the business community.
Experience Required
The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Active DV clearance required.
Strong working knowledge of:
- Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490
- Working with system secure design MOD / GDS Secure by Design Principles
- Supplier Chain Assurance and Risks.
- Security related legislation (e.g. GDPR, PCI DSS, ICO requirements).
- Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8.
- HMG, NPSA and NCSC security policies, standards and guidance.
- Have experience building and implementing secure by design principles within the software development lifecycle (SDLC).
- Threat Modelling - Kill Chain - Attack tree analysis.
Working understanding of:
- Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application Firewalls
- Physical Network Infrastructure, Anti-Patterns, Network Firewalls, IDS / IPS, DMZs
- AI use cases, secure configuration (ISO42001 knowledge preferable), ITHC scoping and remediation action plans.
- HLD and LLD reviews and analysis.
- Working knowledge and experience of tooling relating to cloud security posture management offerings, cloud native security (AWS / Azure) and endpoint security.
- Proficient in Public Key Infrastructure, Data at Rest / in Transit, Cryptography, Privileged User Access Management, Zero Trust, Cross Domain Solutions and Role-based Access Controls.
Thrives on tackling challenges with creative solutions, challenging the normal.
Whatβs in it for You
- Hybrid Working β 2-3 days onsite per week / 2 days remote working.
- Career Development β Continuous learning and professional growth.
Interested? Submit your application to learn more about this exciting opportunity.
Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason please let us know when you apply or talk to the recruiters directly so we can support you.
Cyber Security - GRC Consultant (DV Cleared) in Bath employer: Sanderson Government and Defence
Contact Detail:
Sanderson Government and Defence Recruiting Team
StudySmarter Expert Advice π€«
We think this is how you could land Cyber Security - GRC Consultant (DV Cleared) in Bath
β¨Tip Number 1
Network like a pro! Attend industry events, webinars, and meetups to connect with fellow cyber security enthusiasts. You never know who might have the inside scoop on job openings or can introduce you to key players in the field.
β¨Tip Number 2
Show off your expertise! Create a LinkedIn profile that highlights your skills in risk management frameworks and security assurance. Share articles or insights related to cyber security to position yourself as a thought leader in the community.
β¨Tip Number 3
Prepare for interviews by brushing up on your knowledge of JSP440 and cloud security. Practice common interview questions and scenarios related to secure design principles, so you can confidently demonstrate your expertise when it counts.
β¨Tip Number 4
Donβt forget to apply through our website! Itβs the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search and genuinely interested in joining our team.
We think you need these skills to ace Cyber Security - GRC Consultant (DV Cleared) in Bath
Some tips for your application π«‘
Tailor Your CV: Make sure your CV is tailored to the Cyber Security GRC Consultant role. Highlight your experience with risk management frameworks and security assurance, as these are key for us. Use specific examples that showcase your skills in a way that aligns with what weβre looking for.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why youβre passionate about cyber security and how your background fits with our mission. Donβt forget to mention your DV clearance and any relevant certifications β we want to see what makes you stand out!
Showcase Your Knowledge: In your application, demonstrate your understanding of security frameworks like ISO 27001 and NIST CSF. We love candidates who can speak the language of cyber security, so donβt hold back on sharing your insights and experiences related to secure design principles.
Apply Through Our Website: We encourage you to apply through our website for a smoother process. Itβs the best way for us to receive your application and ensures you donβt miss out on any important updates. Plus, it shows youβre keen to join our team!
How to prepare for a job interview at Sanderson Government and Defence
β¨Know Your Stuff
Make sure you brush up on your knowledge of security frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've applied these in past roles, especially in MOD or Public Sector environments.
β¨Showcase Your Experience
Prepare specific examples of your experience with risk management frameworks and secure design principles. Think about times you've led workshops or produced reports on vulnerabilities and risks, as these will be key talking points.
β¨Understand the Role
Familiarise yourself with the responsibilities of a Cyber Security GRC Consultant. Be prepared to explain how you would deliver Secure by Design services and support secure design across technology platforms, including cloud infrastructures.
β¨Ask Insightful Questions
Prepare thoughtful questions about the company's approach to security assurance and risk management. This shows your genuine interest in the role and helps you gauge if the company aligns with your career goals.
