At a Glance
- Tasks: Deliver risk and security assurance services in MOD and Public Sector environments.
- Company: Dynamic cybersecurity firm with a focus on innovation and collaboration.
- Benefits: Competitive salary, hybrid working, and continuous career development opportunities.
- Other info: Inclusive culture that values diversity and supports your career growth.
- Why this job: Join a team of experts and make a real impact in cybersecurity.
- Qualifications: Experience in cybersecurity and relevant frameworks; DV clearance required.
The predicted salary is between 60000 - 80000 £ per year.
Location: Cambridgeshire / London, Hybrid - c. 3 days minimum on-site presence required
Contract Type: Permanent Full-time
Salary: Competitive
Benefits
About the Role
As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You will collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You will be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning.
Key Responsibilities
- Deliver Secure by Design risk and security assurance functions within MOD/Public Sector.
- Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management.
- Facilitate security and risk workshops with Authority departments.
- Produce clear reporting on vulnerabilities, risks, controls, and treatment activities.
- Provide pragmatic remediation and risk management guidance.
- Support secure design across technology platforms including cloud infrastructures.
- Contribute to blogs and research within the business community.
Experience Required
The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Active DV clearance required.
Strong working knowledge of:
- Security Assurance Coordinator or Delivery Team Security Lead roles
- JSP440, JSP604/453 JSP490
- Working with system secure design
- MOD/GDS Secure by Design Principles
- Supplier Chain Assurance and Risks.
- Security related legislation (e.g. GDPR, PCI DSS, ICO requirements).
- Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8.
- HMG, NPSA and NCSC security policies, standards and guidance.
Have experience building and implementing secure by design principles within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis.
Working understanding of:
- Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application Firewalls
- Physical Network Infrastructure, Anti-Patterns, Network Firewalls, IDS/IPS, DMZs
- AI use cases, secure configuration (ISO42001 knowledge preferable), ITHC scoping and remediation action plans.
- HLD and LLD reviews and analysis.
- Working knowledge and experience of tooling relating to cloud security posture management offerings, cloud native security (AWS/Azure) and endpoint security.
- Proficient in Public Key Infrastructure, Data at Rest/in Transit, Cryptography, Privileged User Access Management, Zero Trust, Cross Domain Solutions and Role-based Access Controls.
Thrives on tackling challenges with creative solutions, challenging the normal.
What's in it for You
- Hybrid Working: c. 3 days onsite per week.
- Career Development: Continuous learning and professional growth.
Interested? Submit your application to learn more about this exciting opportunity.
Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.
Cyber GRC Consultant (DV Cleared) in Peterborough employer: Sanderson Government and Defence
As a Cyber GRC Consultant with us, you'll join a dynamic and inclusive team in Cambridgeshire/London, where hybrid working fosters a balanced work-life environment. We prioritise your professional growth through continuous learning opportunities and a culture of knowledge sharing, ensuring you thrive while contributing to impactful security solutions within the MOD and Public Sector. Our commitment to diversity and respect creates a supportive workplace where every voice is valued, making us an exceptional employer for those seeking meaningful and rewarding careers.
Contact Details:
Sanderson Government and Defence Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Cyber GRC Consultant (DV Cleared) in Peterborough
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cyber security field. Attend meetups, webinars, or even local events. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or a personal website where you can showcase your projects, blogs, or any relevant work. This is a great way to demonstrate your expertise in Cyber GRC and make a lasting impression.
✨Tip Number 3
Prepare for interviews by practising common questions and scenarios related to Cyber Security GRC. Think about how you would handle specific challenges and be ready to share your thought process. Confidence is key!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search.
We think you need these skills to ace Cyber GRC Consultant (DV Cleared) in Peterborough
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Cyber GRC Consultant role. Highlight your experience in cybersecurity, risk management frameworks, and any relevant qualifications like CIISEC membership. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cybersecurity and how your background makes you a great fit for our team. Don’t forget to mention your DV clearance and any specific experiences that relate to the job description.
Showcase Your Knowledge:In your application, demonstrate your understanding of security frameworks like ISO 27001 and NIST CSF. We love candidates who can speak the language of security and show they’re up-to-date with current trends and legislation in the field.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates. Plus, we love seeing applications come in through our own platform!
How to prepare for a job interview at Sanderson Government and Defence
✨Know Your Cyber Security Stuff
Make sure you brush up on your knowledge of security frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've applied these in past roles, especially in MOD or Public Sector environments. This shows you're not just familiar with the theory but can also implement it practically.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to solve hypothetical security challenges. Think about how you would lead a risk management workshop or advise on secure design principles. Practising these scenarios will help you articulate your thought process clearly during the interview.
✨Showcase Your Collaboration Skills
Since this role involves working with multi-disciplinary teams, be prepared to share examples of how you've successfully collaborated in the past. Highlight any experience you have in facilitating workshops or working alongside experts in security architecture.
✨Stay Updated on Current Trends
Cybersecurity is always evolving, so make sure you're aware of the latest trends and threats. Being able to discuss recent developments in cloud security or threat modelling will demonstrate your passion for the field and your commitment to continuous learning.
