Cyberfort Group
Cybersecurity
See how your profile stacks up against this role.
We compared the job requirements to your profile to show where you're strong and where you fall short.
Location: Remote, occasional travel as required to meet client/business needs
Department: Private Sector Cyber Consultancy
Contract Type: Full-time
Salary: Competitive + Benefits
At Cyberfort, we’re securing the digital future. As a leading UK provider of cybersecurity solutions, we deliver cutting-edge services in Managed Detection & Response (MDR), Penetration Testing, Security Operations, and Strategic Consulting.
We’re large enough to offer exciting opportunities, yet agile enough to ensure every voice is heard. At Cyberfort, you’re not just joining a company, you’re becoming part of a mission-driven team.
As a Senior Information Security Consultant, you will lead and deliver client engagements across a broad range of security, risk, compliance and assurance programmes. You will work with organisations to assess, improve and evidence their security posture while supporting complex transformation, audit and governance initiatives.
This is a senior consulting role requiring strong stakeholder management skills, broad experience across information security frameworks, and the ability to apply pragmatic security solutions in diverse client environments. You will be framework agnostic in your approach, focusing on business outcomes and risk reduction rather than compliance for compliance’s sake.
The role combines strategic advisory services with hands-on technical and assurance delivery. You will work with clients across multiple sectors, helping them navigate evolving regulatory requirements, AI governance challenges, technical control assessments and security maturity improvement programmes.
Lead delivery of security assessments, assurance reviews and improvement programmes across frameworks including ISO 27001, NIST CSF, CAF, Cyber Essentials, DSPT, ISO 42001, CSA CCM and other industry-recognised standards
Conduct complex gap analyses aligned to client risk appetite, regulatory obligations and business objectives
Provide expert guidance on security governance, risk management and control frameworks, applying a framework agnostic approach to client challenges
Assess, design and enhance technical, administrative and physical controls across cloud, on-premise and hybrid environments
Review and optimise Microsoft 365 security controls, ensuring organisations achieve effective and proportionate security outcomes
Lead risk assessments using recognised methodologies such as ISO 27005, NIST RMF, FAIR and equivalent approaches
Deliver DSPT assessments, assurance activities and remediation programmes within healthcare and regulated environments
Support organisations in developing governance and assurance models for AI adoption, including AI risk assessments, control reviews and compliance with emerging AI standards
Develop, review and maintain security policies, standards, procedures and guidance documentation
Lead internal audits, external audit preparation, certification readiness activities and compliance assessments
Present findings, recommendations and remediation plans to senior stakeholders, technical teams and executive leadership
Facilitate workshops, tabletop exercises and stakeholder engagement sessions to support security maturity improvement
Mentor junior consultants and contribute to the development of Cyberfort's consulting capability
Proven experience operating as a Senior Information Security Consultant, Information Security Manager, Security Assurance Consultant or similar role
Strong experience across multiple information security and assurance frameworks including ISO 27001, NIST CSF, CAF, Cyber Essentials, DSPT, CSA CCM and related standards
Demonstrable ability to work in a framework agnostic manner, selecting and applying the most appropriate controls and approaches for specific client requirements
Strong understanding of security governance, risk management, assurance, compliance and audit principles
Hands-on experience assessing and implementing technical security controls across enterprise environments
Experience reviewing and enhancing Microsoft 365 security configurations and controls
Experience supporting AI governance, AI risk management and assurance activities, including exposure to standards such as NIST AI RMF and ISO 42001
Experience leading security audits, compliance reviews and control effectiveness assessments
Strong understanding of technical security domains including identity and access management, endpoint security, cloud security, data protection and security monitoring
Excellent written and verbal communication skills with the ability to influence stakeholders at all levels
Experience producing high-quality client deliverables, reports and executive presentations
Strong MS Office skills, particularly Word, Excel and PowerPoint
Experience working with GRC and compliance platforms such as OneTrust, Vanta or similar solutions
CISSP
CISM
ISO 27001 Lead Auditor
ISO 27001 Lead Implementer
CRISC
ISO 42001 Lead Implementer or Auditor
Microsoft Security certifications
Inclusive Hiring
We understand that one size doesn’t fit all. If you need adjustments during the recruitment process, we’re here to support you. Cyberfort is proud to be a Disability Confident Employer, a CyberFirst partner, and a signatory of the Armed Forces Covenant.
Purpose-Driven Work – Help protect businesses and communities from evolving cyber threats.
Growth & Development – Access mentoring, apprenticeships, graduate schemes, and continuous learning platforms.
Inclusive Culture – We champion diversity through our Women’s Network, Neurodiversity Awareness, and Inclusion Committee.
Flexible Working – Hybrid and remote options to support work-life balance.
Top-Tier Benefits – Competitive salary, private healthcare, wellbeing support, generous holiday allowance, and more.
If you’re passionate about cybersecurity and want to make a real impact, we’d love to hear from you.
Cyberfort Careers Page: https://careers.cyberfortgroup.com/
Working at Cyberfort: https://cyberfortgroup.com/about-us/careers-working-at-cyberfort/
After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.
Marcus Rivera
Chief Revenue Officer

Cyberfort Group

Cyberfort Group

Didomi

GEICO

DecisionPoint Corporation

Cyberfort Group

Cyberfort Group

Cyberfort Group