Cyber Security Consultant – SC Cleared

Cyber Security Consultant

Whitehall Resources are currently looking for a Cyber Security Consultant based in Lancashire for an initial 4-month contract.

***INSIDE IR35***
***SC CLEARANCE REQUIRED***

Job Spec:

The Cyber Security Process Alignment & Supplier Onboarding Consultant operates within the Operational Integrator (OI) function to support the onboarding of new service providers into a multi-supplier (SIAM) environment within a Defence programme. The role focuses on translating established security processes, policies, and governance into structured onboarding materials, ensuring that incoming suppliers clearly understand their obligations and are aligned from day one. Working closely with Security Assurance, Incident, and Vulnerability Management leads, the consultant ensures that supplier processes are understood, integrated, and evidenced, rather than redesigned. The outcome is a consistent, controlled onboarding approach that enables suppliers to operate effectively within the existing security operating model. This is a governance, integration, and enablement role, not a hands-on operational security or engineering function.

Main responsibilities:
Supplier Onboarding & Process Integration
Develop structured onboarding packs for new suppliers covering:
Security processes (e.g. incident management, vulnerability management, assurance)
Policies, standards, and governance expectations
Reporting and escalation requirements
Define and agree:
Supplier roles and responsibilities
Interaction models between Supplier, SI, OI and Client
Act as the central integration point for onboarding suppliers into the SIAM security model
Process Alignment (SIAM / OI Model)
Work with Security Assurance, Incident and Vulnerability leads to translate defined processes into supplier-consumable guidance
Ensure suppliers adopt and align to existing processes, with minimal change
Identify and manage gaps between:
Supplier capabilities
Client expectations
Established SI/OI processes
Compliance & Assurance Enablement
Support the assessment of supplier:
Security Management Plans
Compliance reporting and outputs
Ensure suppliers understand:
Evidence requirements
Assurance expectations
Audit and governance processes
Provide confidence that suppliers can demonstrate compliance from Day 1 of service commencement
Governance & Communication
Support onboarding for multiple Service Commencement Dates, working across:
Incoming suppliers
Incumbent suppliers (handover)
Client stakeholders
Transition teams
Ensure security expectations are:
Clearly communicated
Consistently applied
Understood at both operational and governance levels
Documentation & Knowledge Transfer
Produce clear, structured documentation including:
Process packs
Supplier guidance materials
Governance and reporting expectations
Ensure documentation is:
Consistent across all suppliers
Aligned to NIST CSF and Secure by Design principles
Suitable for reuse in BAU onboarding
Transition Support
Support phased onboarding aligned to transition timelines
Help ensure continuity between:
Existing (incumbent) service delivery
New supplier responsibilities
Contribute to establishing a repeatable onboarding model for future suppliers
Service Management & Operational Readiness Enablement
Support the onboarding of suppliers across core IT Service Management processes, ensuring alignment with client operational standards and governance
Work with service management and security leads to ensure supplier readiness in areas such as:
Incident and vulnerability management
Backup and recovery
Monitoring, alerting and operational reporting
Access control and service request processes
Ensure suppliers are able to:
Demonstrate operational readiness for Service Commencement (including ORR and service readiness assessments)
Provide appropriate evidence to support operational baselines and ongoing updates
Coordinate with transitioning and exiting providers to validate:
Service baselines
Handover completeness
Alignment to agreed operational and security expectations

Key Skills:
Experience in cyber security governance, GRC, or security process roles
Experience working in multi-supplier or SIAM environments
Strong understanding of security processes such as:
Incident Management
Vulnerability Management
Security Assurance
Ability to interpret operational outputs (e.g. SOC reporting) without direct tool ownership
Strong stakeholder engagement and coordination skills
Experience supporting audit, compliance, and assurance activities
Experience working in transition or transformation programmes

Desirable:
NIST Cyber Security Framework (CSF)
Secure by Design principles
NCSC / UK Government security guidance
Experience in defence or other high-security environments

Key Deliverables:
* Supplier onboarding packs aligned to security processes and governance
* Standardised supplier interaction model within SIAM
* Supplier-aligned process documentation and guidance
* Verified supplier readiness for Service Commencement
* Repeatable onboarding approach for future suppliers

All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.

Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.