Cyber GRC Consultant (DV Cleared) in Birmingham

Birmingham | Full-Time | 60000 - 80000 £ / year (est.) | Home office (partial)
Sanderson Government and Defence

At a Glance

  • Tasks: Deliver risk and security assurance services in MOD and Public Sector environments.
  • Company: Dynamic cybersecurity firm focused on innovation and collaboration.
  • Benefits: Competitive salary, hybrid working, and continuous career development opportunities.
  • Other info: Inclusive culture that values diversity and supports your growth.
  • Why this job: Join a team of experts and make a real impact in cybersecurity.
  • Qualifications: Experience in cybersecurity and active DV clearance required.

The predicted salary is between 60000 and 80000 £ per year.

Location: Cambridgeshire / London, Hybrid - c. 3 days minimum on-site presence required

Contract Type: Permanent & Full-time

Salary: Competitive + Benefits

About the Role

As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You'll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning.

Key Responsibilities

  • Deliver Secure by Design risk and security assurance functions within MOD/Public Sector.
  • Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management.
  • Facilitate security and risk workshops with Authority departments.
  • Produce clear reporting on vulnerabilities, risks, controls, and treatment activities.
  • Provide pragmatic remediation and risk management guidance.
  • Support secure design across technology platforms including cloud infrastructures.
  • Contribute to blogs and research within the business community.

Experience Required

The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD, and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Active DV clearance required.

Strong working knowledge of:

  • Security Assurance Coordinator or Delivery Team Security Lead roles
  • JSP440, JSP604/453 & JSP490
  • Working with system secure design
  • MOD/GDS Secure by Design Principles
  • Supplier Chain Assurance and Risks.
  • Security related legislation (e.g. GDPR, PCI DSS, ICO requirements).
  • Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8.
  • HMG, NPSA and NCSC security policies, standards and guidance.

Experience building and implementing Secure by Design principles within the software development lifecycle (SDLC). Threat modelling: kill chain and attack tree analysis.

Working understanding of:

  • Cloud security including Azure, Amazon Web Services, Key Management Systems, Containerisation, Network Security Groups, Host-based firewalls, Web Application Firewalls
  • Physical Network Infrastructure, Anti-Patterns, Network Firewalls, IDS/IPS, DMZs
  • AI use cases, secure configuration (ISO 42001 knowledge preferable), ITHC scoping and remediation action plans.
  • HLD and LLD reviews and analysis.

Working knowledge and experience of tooling relating to cloud security posture management offerings, cloud native security (AWS/Azure) and endpoint security.

Proficient in Public Key Infrastructure, Data at Rest/in Transit, Cryptography, Privileged User Access Management, Zero Trust, Cross Domain Solutions and Role-based Access Controls.

Thrives on tackling challenges with creative solutions and challenging the norm.

What's in it for You

  • Hybrid Working: c. 3 days onsite per week.
  • Career Development: Continuous learning and professional growth.

Interested? Submit your application to learn more about this exciting opportunity.

Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Cyber GRC Consultant (DV Cleared) in Birmingham employer: Sanderson Government and Defence

As a Cyber GRC Consultant with us, you'll join a dynamic and inclusive team dedicated to delivering top-notch security solutions within the MOD and Public Sector. Our hybrid working model promotes a healthy work-life balance, while our commitment to continuous learning ensures you have ample opportunities for professional growth in a supportive environment. With a focus on collaboration and innovation, we empower our employees to tackle challenges creatively and contribute meaningfully to our mission.

Contact Detail:

Sanderson Government and Defence Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Cyber GRC Consultant (DV Cleared) in Birmingham

✨Network Like a Pro

Get out there and connect with folks in the industry! Attend meetups, webinars, or even local events. The more people you know, the better your chances of landing that Cyber GRC Consultant gig.

✨Show Off Your Skills

Don’t just talk about your experience; demonstrate it! Create a portfolio or blog about your projects and insights in cybersecurity. This will not only showcase your expertise but also make you stand out to potential employers.

✨Ace the Interview

Prepare for those interviews by practising common questions and scenarios related to Cyber Security GRC. Be ready to discuss your approach to risk management and how you’ve tackled challenges in the past. Confidence is key!

✨Apply Through Our Website

Make sure to apply through our website for the best chance at landing the role. We love seeing applications directly from candidates who are genuinely interested in joining our team!

We think you need these skills to ace Cyber GRC Consultant (DV Cleared) in Birmingham

Cybersecurity
Risk Management Frameworks
ISMS
Enterprise Security Risk Management
Security Assurance
Secure by Design Principles
Cloud Security (Azure, AWS)
Threat Modelling
Security Control Frameworks (ISO 27001, NIST CSF, CIS Controls v8)
Public Key Infrastructure
Cryptography
Zero Trust
Role-based Access Controls
Data Protection Legislation (GDPR, PCI DSS)
Security Policy Compliance

Some tips for your application 🫡

Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in cybersecurity and risk management. We want to see how your skills align with the role of Cyber GRC Consultant, so don’t hold back on showcasing your relevant achievements!

Showcase Your Knowledge: In your written application, demonstrate your understanding of security frameworks like ISO 27001 and NIST CSF. We love seeing candidates who can articulate their knowledge of secure design principles and how they apply to real-world scenarios.

Be Clear and Concise: When writing your application, keep it straightforward and to the point. Use bullet points for key achievements and responsibilities to make it easy for us to read. Remember, clarity is key in communicating your expertise!

Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for this exciting opportunity. Plus, it’s super easy to do!

How to prepare for a job interview at Sanderson Government and Defence

✨Know Your Cyber Security Stuff

Make sure you brush up on your knowledge of security frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've applied these in past roles, especially in MOD or Public Sector environments. This shows you're not just familiar with the theory but can also implement it practically.

✨Prepare for Scenario-Based Questions

Expect questions that ask you to solve hypothetical security challenges. Think about how you would lead a risk management workshop or advise on secure design principles. Practising these scenarios will help you articulate your thought process clearly during the interview.

✨Showcase Your Collaborative Spirit

Since the role involves working with multi-disciplinary teams, be prepared to share examples of how you've successfully collaborated in the past. Highlight any experience you have in facilitating workshops or knowledge-sharing sessions, as this aligns with the company’s culture.

✨Stay Updated on Current Trends

Cybersecurity is always evolving, so make sure you're aware of the latest trends and threats. Being able to discuss recent developments in cloud security or threat modelling will demonstrate your passion for the field and your commitment to continuous learning.
