At a Glance
- Tasks: Lead technical security risk assessments and engage with senior stakeholders.
- Company: Dynamic cybersecurity firm focused on real-world risk management.
- Benefits: Flexible remote work, professional development, and exposure to high-impact projects.
- Other info: Opportunity for career growth and engagement with cutting-edge technology.
- Why this job: Shape security decisions in a high-trust environment and make a real difference.
- Qualifications: Proven experience in cyber risk, strong analytical skills, and active SC clearance.
The predicted salary is between 60000 - 80000 £ per year.
Location: Remote with occasional UK travel
Contract Type: Permanent with an emphasis on real world risk assessment, not theory. Success will come from strong judgement, hands-on experience and the ability to operate effectively in a clearance constrained, stakeholder heavy environment.
- Proven experience as a technical cyber risk practitioner, not purely advisory
- Strong technical background with hands-on delivery of system level risk assessments across infrastructure, applications and cloud environments
- Demonstrable experience identifying, assessing and treating risk within live systems, not just framework alignment
- Experience operating in secure and regulated environments, ideally government or defence
- Proven ability to engage senior stakeholders and influence decisions
- Ability to translate technical findings into clear, actionable risk outcomes
- Confident leading risk workshops, threat modelling and control assessments
- Experience working within Agile delivery environments
- Strong analytical capability and sound judgement
Any candidates must have an active SC level of security clearance to be considered.
Technical Knowledge- Security frameworks including ISO 27001, NIST CSF, CIS and NCSC guidance
- Regulatory landscape including GDPR and PCI DSS
- Familiarity with HMG and NCSC standards
- Modern technology environments: Cloud platforms such as Azure, AWS and Google Cloud
- Microsoft 365
- Infrastructure and network security
- Zero Trust principles
- Understanding of security architecture concepts
- Relevant industry certifications such as CISSP, CISM, CRISC or equivalent.
- Candidates should either hold, or be working towards Full Membership of CIISEC and professional registration with the UK Cyber Security Council at Chartered or Principal level in Cyber Security Governance and Risk Management.
What’s in it for You
- Exposure to complex, high impact work in high trust environments
- Direct engagement with senior client stakeholders
- Opportunity to shape risk led security decisions
- Ongoing professional development
- Flexible working / Remote first
Interested? Submit your application to learn more about this exciting opportunity.
Contact Details:
Sanderson Government & Defence Recruitment Team
We think you need these skills to ace Senior / Lead Technical Security Risk Consultant
Risk Assessment
Cyber Risk Management
Stakeholder Engagement
Technical Cyber Security Knowledge
System Level Risk Assessments
Cloud Security (Azure, AWS, Google Cloud)
Security Frameworks (ISO 27001, NIST CSF, CIS, NCSC)