Cyber Security Consultant

We are looking for a Security Consultant with experience in Critical National Infrastructure (CNI) to help organizations manage risk, ensure compliance, and strengthen their security posture. This role involves working closely with stakeholders to implement governance, risk, and compliance frameworks, ensuring alignment with Cyber Assessment Framework (CAF), NIS/NIS2 Directive, and other regulatory requirements.

Key Responsibilities:

• Develop and implement security policies, standards, and frameworks aligned with CAF, NIS/NIS2, ISO 27001, NIST CSF, and CIS.
• Conduct risk assessments and security audits to identify vulnerabilities and compliance gaps.
• Provide guidance on regulatory compliance for CNI organizations, ensuring adherence to government-mandated security requirements.
• Support incident response planning, supply chain security, and resilience strategies.
• Work with stakeholders to enhance security governance and risk management processes.
• Support security awareness training and best practice adoption within CNI environments.

Key Requirements:

• Experience in GRC, information security, or cybersecurity consulting, preferably within CNI sectors (Energy, Transport, Water, Telecoms, or Government).
• Strong knowledge of CAF, NIS/NIS2, ISO 27001, and NIST CSF.
• Familiarity with risk assessment methodologies (e.g., ISO 31000, NIST 800-30) and security assurance frameworks.
• Understanding of supply chain security and operational technology (OT) security challenges.
• Excellent stakeholder engagement and communication skills.
• Relevant certifications (e.g., CISM, CRISC, CISSP, ISO 27001 Lead Auditor) are highly desirable.

Mid-Senior level

Contract

Information Technology

Technology, Information and Media