Cyber Security Consultant

About the role

At [Employer hidden], we believe our clients should not be constrained by what has gone before. We want to help them to find novel and forward-thinking ways of meeting their cyber security needs in the face of a continuously evolving and growing cyber threat. To do this, we work hard to understand our clients and the challenges they face to create tailored solutions and avoid generic, off-the-shelf products and services.

This means that [Employer hidden]’s technical team must be able to consult, not just test. The successful candidate must therefore have strong stakeholder management skills and proven adaptability, able to flex existing approaches as well as design and deliver custom solutions aligned to a client’s unique circumstances.

At [Employer hidden], you don’t have to choose between having elite technical skills and being an effective consultant, our consultants are expected to excel in both areas. The candidate must possess advanced knowledge of technical principles and a proven ability to problem solve – avoiding reliance on standard, conventional approaches to penetration testing. Also essential is experience of securing and defending a range of operating systems and technologies including cloud, mobile, IoT, and OT, in addition to performing more advanced tasks such as adversarial simulation and exploit development.

Joining [Employer hidden] is a fantastic opportunity to grow your professional skills and reputation by taking on some of the high-profile projects we have planned. These are going to be large-scale undertakings where you will lead some of our key clients through a process of security improvement, with a mixture of formal projects and deliverables as well as providing them with continuous support. These projects will present a challenge both technically and operationally but are a great opportunity for you to hone and showcase your consulting skills.

So – we are calling out to consultants who can demonstrate going above and beyond the expectations of the average penetration tester (maybe by taking responsibility for growing a new service area, or contributing some impressive research?). If you think this description fits you and you’re ready to step up (but haven’t been given the opportunity to do so in your current employment) we’d love to hear from you. Joining [Employer hidden] is an opportunity to establish yourself as a thought leader, championing new and improved ways of working to grow both your own and [Employer hidden]'s reputation within the cyber security industry and beyond.

[Employer hidden] has a number of vacancies for accomplished cyber security consultants with a deep understanding of offensive security services and operations.

Key Requirements:

• Excellent interpersonal skills and a consultative approach.
• Demonstrable technical credentials for a wide range of security assessments.
• Ability to provide specific technical remediation in addition to properly articulating risk and business impact for non-technical individuals.
• A deep understanding of security best practices, standards, and frameworks.
• A flexible and forward-thinking mindset with regards to security assurance.
• An acumen for building out offensive capabilities within the team and design, build and lead offensive consultancy.
• Conduct scoping exercises, determining the scope, objectives, and methodologies for security assessments.
• Lead quality assurance efforts, ensuring that reports meet high standards of accuracy and completeness.
• Perform security assessments, penetration testing, and red team exercises independently or in a team.
• Develop and execute complex attack scenarios and exploit methodologies.
• Lead and coordinate security assessments, ensuring quality and timely delivery.
• Mentor junior consultants, providing guidance and support in offensive security techniques.
• Collaborate with clients to understand their security needs and recommend tailored solutions.
• Contribute to the development and improvement of offensive security methodologies and tools.

You will have:

• Led project teams on consultative projects, with experience of delivering a range of solutions
• Experience in designing projects with clients to meet a range of business requirements (not limited to transactional or compliance-driven testing).
• Proven ability to work closely with clients and deliver complex consultative projects both individually and working in a team environment.
• Experience assessing whether cyber security tools and processes have been configured and deployed effectively.
• Proven technical credentials and the ability to deliver technical assessments that include but are not limited to: applications, infrastructure, cloud, mobile, IoT, OT, source code review.
• Hold, have held or are working towards formal CREST / Cyber Scheme certifications penetration testing such as CTM/CRT/CSTM (Or equivalent).

Skills:

• An understanding of security and operational risks, threat and vulnerabilities and the ability to provide remedial advice for a range of audiences with various levels of security and technical knowledge.
• Supporting the wider business in responding to client requests for information and proposals,  and the development of consultancy services – Including scoping and design of complex projects across various technologies and sectors.
• Lead initiatives that contribute to internal tooling and open source tooling, research, articles and blog posts that build and demonstrate [Employer hidden]’s credibility as a security partner and advisor.

Benefits:

• A competitive salary £40-50k depending upon experience
• 25 days annual leave, including your birthday off work
• 4 paid days for charity or community work
• Flexible  hybrid working
• 24/7 access to our Employee Assistance Plan (EAP)
• A healthy work-life balance
• Earn up to £2000 in our recruitment referral scheme
• Company pension
• Supportive and inclusive company culture that values diversity and encourages new ideas and perspectives

Personal acumen:

• Must be confident and have the ability to hit the ground running.
• Consistent high standards of written and verbal communication and presentation skills (suitable for a board-level audience).
• Demonstrate a passion for and pride in what they do.

Clearance:

The successful applicant should be eligible for or possess current SC status.

How to apply

If you are interested in applying for this role, please provide a short cover letter outlining your experience and why you would be a good fit for [Employer hidden] to [contact hidden]. Please quote reference JSCSC2025 in the subject line.

For more information on who we are what we do, please visit www.[Employer hidden].com.

Whilst we do our utmost to reply to each candidate, we are sometimes inundated with applications, and this can lead to slight delays in replies. If you do not hear back from us within 20 working days, please consider yourself unsuccessful and we thank you for your time and effort in applying for this role.