Cyber Security Consultant – SC Cleared
Posted 1 day ago by Whitehall Resources
Negotiable
Inside
Undetermined
Lancashire
Summary: The Cyber Security Consultant role is a contract position based in Lancashire, focusing on governance and coordination within a Defence environment. The consultant will manage high-severity security incidents and vulnerability processes across multiple suppliers, ensuring alignment with client policies and regulatory requirements. This position requires SC clearance and operates inside IR35 regulations. The role is not hands-on but emphasizes process standardization and evidence-driven risk management.
Key Responsibilities:
- Governance & Process Alignment: Review and align existing supplier processes for high-severity incident management and vulnerability management.
- Establish and govern incident severity classification and escalation thresholds.
- Coordinate multiple suppliers to ensure consistent handling of incidents and vulnerabilities.
- Govern the lifecycle of high-severity incidents, including escalation, coordination, communication, and reporting.
- Oversee the vulnerability lifecycle from identification through to closure.
- Define and align evidence requirements for incident and vulnerability management.
- Support domain-specific reporting for major incidents and vulnerability risk.
Key Skills:
- Experience in security incident management, vulnerability management, or cyber governance roles.
- Strong understanding of incident management and vulnerability lifecycles.
- Experience working in multi-supplier or SIAM environments.
- Ability to interpret outputs from SOC and vulnerability tooling.
Salary (Rate): undetermined
City: Lancashire
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Cyber Security Consultant
Whitehall Resources are currently looking for a Cyber Security Consultant based in Lancashire for an initial 4-month contract.
***INSIDE IR35***
***SC CLEARANCE REQUIRED***
Job Spec:
The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within a Defence environment.
The role focuses on understanding, aligning and governing existing high-severity security incident management (S3/S4) and vulnerability management processes across suppliers. Ensuring a consistent, risk-based approach in line with client policy and regulatory requirements, supported by appropriate evidence. The outcome is a coherent, evidence-driven view of security risk, covering both active incidents and underlying vulnerabilities, with processes standardised and ready for BAU handover. This is a governance and coordination role, not a hands-on SOC, incident response, or vulnerability remediation function.
Main responsibilities:
Governance & Process Alignment
Review and align existing supplier processes for:
High-severity incident management (S3/S4)
Vulnerability management, across suppliers from existing processes
Ensure processes are:
Consistent across suppliers
Aligned to client policy and regulatory requirements
Establish and govern:
Incident severity classification and escalation thresholds
Vulnerability prioritisation approaches (e.g. CVSS, KEV, EPSS)
Exception and risk acceptance processes
Supplier Coordination (SIAM Model)
Coordinate multiple suppliers to ensure consistent handling of incidents and vulnerabilities
Act as the integration point across suppliers, aligning outputs without redesigning underlying processes into a common model
Identify and manage gaps in process maturity, coverage, data quality and Compliance with standards
Incident Management (S3/S4 Focus)
Govern the lifecycle of high-severity incidents, including escalation, coordination, communication and reporting
Ensure suppliers:
Detect and escalate incidents appropriately
Meet defined escalation and communication expectations
Maintain structured incident records
Define and agree the required level of visibility from SOC outputs, without requiring direct tooling access
Vulnerability Management (SOC-led)
Oversee the vulnerability lifecycle from identification through to closure
Ensure vulnerabilities are:
Prioritised consistently using agreed Client approaches
Tracked through remediation or formal risk acceptance
Validate, track and monitor:
Remediation timelines and SLA adherence
Handling of high risk vulnerabilities, exceptions and waivers
Identify risks relating to:
Incomplete asset coverage
Obsolescent, legacy or non-patchable systems
Evidence & Assurance
Define and align evidence requirements for both:
Incident management (event, escalation, response, closure)
Vulnerability management (identify, track, remediate, validate)
Ensure outputs are:
Consistent across suppliers
Traceable to risks and controls
Audit ready
Provide assurance that both domains align with ISMS and control requirements
Reporting & Transition Support
Support domain-specific reporting for:
Major incidents (S3/S4)
Vulnerability risk and remediation status
Support governance forums with clear, evidence-based reporting
Establish a transition baseline that enables a clean handover of processes to BAU without redesign
Key Skills:
Experience in security incident management, vulnerability management, or cyber governance roles
Strong understanding of:
Incident management lifecycle (detect, respond, recover)
Vulnerability lifecycle (identify, prioritise, remediate, validate)
Experience working in multi-supplier or SIAM environments
Ability to interpret outputs from SOC and vulnerability tooling without direct ownership
Desirable:
Familiarity with NIST CSF, NCSC or UK Government security guidance
Experience in Defence sector or highly regulated environments
Exposure to audit, assurance or ISMS processes
ITIL alignment
Key Deliverables:
Standardised and aligned incident and vulnerability management processes
Consistent supplier reporting and lifecycle governance
Evidence models supporting audit and assurance
Established transition baseline for BAU handover
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.
Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.