Sanderson
Bristol, Somerset
Cyber Security Consultant - Risk Consultant (MOD / Defence - SC) Location: Remote / Southwest on-site presence Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You'll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD/Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks, controls, and treatment activities. Provide pragmatic remediation and risk management guidance. Support secure design across technology platforms including cloud infrastructures. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Hold an active and transferable SC clearance Willingness to undergo DV clearance / UK Citizen / residing in UK Strong working knowledge of: Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604/453 & JSP490 Working with system secure design MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application Firewalls Physical Network Infrastructure, Anti-Patterns, Network Firewalls, IDS/IPS, DMZs AI use cases, secure configuration (ISO42001 knowledge preferable), ITHC scoping and remediation action plans. HLD and LLD reviews and analysis. Working knowledge and experience of tooling relating to cloud security posture management offerings, cloud native security (AWS/Azure) and endpoint security. Proficient in Public Key Infrastructure, Data at Rest/inTransit, Cryptography, Privileged User Access Management, Zero Trust, Cross Domain Solutions and Role-based Access Controls. What's in it for You You'll be joining a culture of knowledge sharing and continuous learning with expert peers in Secure Architecture and Risk planning. This business works across a number of sectors with a diverse client base. They aim to create an environment where everyone can reach their full potential. They work together, are passionate, creative, and embrace difference. Flexible Working: Remote-first with expected travel to site 2-3 days per week. Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy/Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
Cyber Security Consultant - Risk Consultant (MOD / Defence - SC) Location: Remote / Southwest on-site presence Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You'll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD/Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks, controls, and treatment activities. Provide pragmatic remediation and risk management guidance. Support secure design across technology platforms including cloud infrastructures. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Hold an active and transferable SC clearance Willingness to undergo DV clearance / UK Citizen / residing in UK Strong working knowledge of: Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604/453 & JSP490 Working with system secure design MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application Firewalls Physical Network Infrastructure, Anti-Patterns, Network Firewalls, IDS/IPS, DMZs AI use cases, secure configuration (ISO42001 knowledge preferable), ITHC scoping and remediation action plans. HLD and LLD reviews and analysis. Working knowledge and experience of tooling relating to cloud security posture management offerings, cloud native security (AWS/Azure) and endpoint security. Proficient in Public Key Infrastructure, Data at Rest/inTransit, Cryptography, Privileged User Access Management, Zero Trust, Cross Domain Solutions and Role-based Access Controls. What's in it for You You'll be joining a culture of knowledge sharing and continuous learning with expert peers in Secure Architecture and Risk planning. This business works across a number of sectors with a diverse client base. They aim to create an environment where everyone can reach their full potential. They work together, are passionate, creative, and embrace difference. Flexible Working: Remote-first with expected travel to site 2-3 days per week. Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy/Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
