Cyber Security Consultant

Posted Today by CBSbutler

£580 Per day
Inside
Hybrid
London

Summary: The Cyber Security Consultant role focuses on incident and vulnerability management within a Defence environment, specifically supporting the transition to a multi-supplier model. The consultant will align and govern existing processes for high-severity security incidents and vulnerabilities, ensuring compliance with client policies and regulatory requirements. This position requires active security clearance and is limited to British nationals due to the project's nature. The role is primarily governance and coordination, rather than hands-on incident response or remediation.

Key Responsibilities:

  • Align and standardise supplier processes for high-severity incidents (S3/S4) and vulnerability management.
  • Establish governance for incident severity, escalation, vulnerability prioritisation (CVSS, KEV, EPSS), and risk acceptance.
  • Coordinate multiple suppliers to ensure consistent delivery and compliance.
  • Govern major incident lifecycle activities, including escalation, communication, reporting, and assurance.
  • Oversee vulnerability management from identification through remediation and closure.
  • Define audit-ready evidence requirements and ensure alignment with ISMS and control frameworks.
  • Deliver governance reporting and support transition to BAU operations.

Key Skills:

  • Experience in Cyber Security Governance, Incident Management, or Vulnerability Management.
  • Strong understanding of incident response and vulnerability management lifecycles.
  • Experience working within multi-supplier or SIAM environments.
  • Ability to interpret and govern SOC and vulnerability management outputs.
  • Knowledge of NIST CSF, NCSC guidance, or UK Government security frameworks.
  • Experience within Defence or other highly regulated environments.
  • Exposure to ISMS, audit, assurance, and ITIL practices.

Salary (Rate): £580 per day

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Cyber Security Consultant - Incident and Vulnerability Management

  • 6 months +
  • 1 day a week on site in London / Preston / Birmingham - 4 days WFH
  • Inside IR35
  • £550 - £580 a day
  • SC cleared role - must have current active clearance
  • Sole British nationals only due to nature of the project


Role Description:

Security Incident & Vulnerability Management Consultant
(Operational Integrator / SIAM - Transition Role)

UK Sole National ONLY
Security Clearance required

Role Summary
The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within a Defence environment.
The role focuses on understanding, aligning and governing existing high-severity security incident management (S3/S4) and vulnerability management processes across suppliers, ensuring a consistent, risk-based approach in line with client policy and regulatory requirements, supported by appropriate evidence.
The outcome is a coherent, evidence-driven view of security risk, covering both active incidents and underlying vulnerabilities, with processes standardised and ready for BAU handover.
This is a governance and coordination role, not a hands-on SOC, incident response, or vulnerability remediation function.


Key Responsibilities

  • Align and standardise supplier processes for high-severity incidents (S3/S4) and vulnerability management.
  • Establish governance for incident severity, escalation, vulnerability prioritisation (CVSS, KEV, EPSS), and risk acceptance.
  • Coordinate multiple suppliers to ensure consistent delivery and compliance.
  • Govern major incident lifecycle activities, including escalation, communication, reporting, and assurance.
  • Oversee vulnerability management from identification through remediation and closure.
  • Define audit-ready evidence requirements and ensure alignment with ISMS and control frameworks.
  • Deliver governance reporting and support transition to BAU operations.

Essential Skills & Experience

  • Experience in Cyber Security Governance, Incident Management, or Vulnerability Management.
  • Strong understanding of incident response and vulnerability management lifecycles.
  • Experience working within multi-supplier or SIAM environments.
  • Ability to interpret and govern SOC and vulnerability management outputs.
  • Knowledge of NIST CSF, NCSC guidance, or UK Government security frameworks.
  • Experience within Defence or other highly regulated environments.
  • Exposure to ISMS, audit, assurance, and ITIL practices.