Summary: The role of Cyber Security Consultant focuses on enhancing the security posture of organizations within Critical National Infrastructure (CNI) by implementing governance, risk, and compliance (GRC) frameworks. The consultant will work closely with stakeholders to ensure compliance with various security standards and directives, while also conducting risk assessments and providing guidance on regulatory compliance. This position offers the opportunity to contribute to national security initiatives through a fully remote contract.

Key Responsibilities:

• Develop and implement security policies, standards, and frameworks aligned with CAF, NIS/NIS2, ISO 27001, NIST CSF, and CIS.
• Conduct risk assessments and security audits to identify vulnerabilities and compliance gaps.
• Provide guidance on regulatory compliance for CNI organizations, ensuring adherence to government-mandated security requirements.
• Support incident response planning, supply chain security, and resilience strategies.
• Collaborate with stakeholders to enhance security governance and risk management processes.
• Deliver security awareness training and drive best practice adoption within CNI environments.

Key Skills:

• Proven experience in GRC, information security, or cybersecurity consulting, preferably within CNI sectors (Energy, Transport, Water, Telecoms, or Government).
• Strong knowledge of CAF, NIS/NIS2, ISO 27001, NIST CSF.
• Familiarity with risk assessment methodologies (e.g., ISO 31000, NIST 800-30) and security assurance frameworks.
• Understanding of supply chain security and operational technology (OT) security challenges.
• Excellent stakeholder engagement and communication skills.
• Relevant security certifications (e.g., CISM, CRISC, CISSP, ISO 27001 Lead Auditor) are highly desirable.

Salary (Rate): undetermined

City: London Area

Country: United Kingdom

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT