CrawlJobs Logo

Cyber Security Principal Consultant

United Kingdom, London or Birmingham 55000.00 - 65000.00 GBP / Year · Job Posted March 19, 2026
Apply Position
Job Link Share

Job Description

Our client is recruiting for a Cyber Security Principal Consultant to join their consulting team, specialising in Cyber Security within Technology Risk Assurance, where you will be responsible for assisting in managing, delivering and leading cyber engagements across a diverse portfolio of clients across the breadth of the mid-market, ensuring both excellent client service and identification of further work opportunities. The role will involve managing the delivery of agreed work activities with a primary focus on technical security including offensive security services (OSCP, CompTIA PenTest+).

Job Responsibility

  • Contributing towards the development of exciting new market facing cyber security products and services and internal knowledge sharing hubs
  • Delivering cyber security engagements, from scoping through to delivery, debriefs and report writing
  • Supporting the development of other members of the team
  • Representing the client in external meetings, including attendance at client workshops, audit committees, and regional networking events
  • Building trusted relationships with senior client stakeholders and identifying client and service opportunities
  • Assisting in managing, delivering and leading cyber engagements across a diverse portfolio of clients across the breadth of the mid-market, ensuring both excellent client service and identification of further work opportunities
  • Managing the delivery of agreed work activities with a primary focus on technical security including offensive security services (OSCP, CompTIA PenTest+)

Requirements

  • Experience of working in professional services firms
  • Demonstrable experience of delivering and leading cyber security advisory and offensive security testing engagements
  • Demonstrable experience of delivering advisory engagements relevant to security operations and defensive controls
  • Understand technology trends, cyber threats, and industry issues
  • Proficient in report writing
  • Experience with security testing techniques such as threat modelling, reconnaissance, social engineering, enumeration, attack path mapping, exploitation, and clean up from a variety of adversarial perspectives (white/grey/black box testing)
  • Proficient in infrastructure and web application testing
  • Proficient in using common commercial and open-source penetration testing tool sets including Kali Linux, Metasploit, Nmap, BurpSuite, Nessus and other industry standard tools
  • Hold an industry recognised certification (this can be at any level from Offensive Security Certified Professional (OSCP)
  • CompTIA PenTest+
  • CHECK, CREST)
  • Motivated to lead with purpose, innovate, and make a genuine lasting impact
  • Takes responsibility for work tasks and quality, managing own workload and deadlines under supervision

Nice to have

Experience in API testing desirable

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Cyber Security Principal Consultant

8 matching positions

Principal Cyber Security Consultant

We have an exciting opportunity for a Principal Cyber Security Consultant to joi...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in security leadership, with a strong track record of delivering measurable results
  • Experienced in developing and implementing security strategies and programmes
  • Possess a broad understanding of a range of technical and organisational security domains
  • Proven stakeholder management skills, including at C-suite level
  • Excellent leadership, communication, and interpersonal skills, with the ability to effectively lead teams
  • Demonstrable experience of successfully working with large and complex organisations
  • Excellent presentation and communication skills
  • Strong alignment with FSP values and ethos
  • Commitment to teamwork, quality and mutual success
  • Proactivity with an ability to operate with pace and energy
Job Responsibility
Job Responsibility
  • Support the successful delivery of security transformation programmes
  • Lead and manage engagements, partnering with clients to understand their requirements, then building and executing strategies to add demonstrable value
  • Build and maintain strong relationships with clients, serving as a trusted advisor and subject matter expert
  • Lead on cyber security assessments and development of improvement programmes
  • Lead the delivery of virtual CISO services
  • Advising Boards and other C level executives on effective cyber security delivery
  • Mentoring and coaching client security leaders to be more effective in their organisations
  • Provide quality assurance, oversight, management and mentorship for other team members
  • Actively contribute to cyber security thought leadership
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Competitive salary and an excellent benefits package
  • Fulltime
Read More
Arrow Right

Lead Cyber Security Consultant

We have an exciting opportunity for an experienced Cyber Security Consultant to ...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A broad understanding of cyber threats and their relation to enterprise risk
  • Experienced in implementing security strategies and programmes that provide value to an organisation
  • Comfortable leading successful security projects and initiatives
  • Possess a broad understanding of a range of complex technical and organisational security domains
  • Familiar with common security technologies and tools
  • Experienced in developing and maintaining meaningful security metrics and reporting for stakeholders
  • Possess excellent stakeholder management skills
  • Able to make key decisions that impact outcomes
  • Strong alignment with FSP values and ethos
  • Commitment to teamwork, quality, and mutual success
Job Responsibility
Job Responsibility
  • Work closely with Boards, CISOs, Principal Consultants, and Partners to deliver high-quality advisory engagements and strategic guidance
  • Lead and support the delivery of cyber advisory services, including security assessments aligned to recognised frameworks and the development of targeted improvement programmes
  • Contribute to business growth by supporting the identification, scoping, proposal, and closure of opportunities across new and existing clients
  • Actively contribute to security thought leadership through our advisory, publication and social media channels
  • Assist with the development of new and existing services
  • Leverage relevant expertise and knowledge to work collaboratively with clients, suppliers, and peers
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Competitive salary and an excellent benefits package
  • Fulltime
Read More
Arrow Right

Principal Consultant - Offensive Security

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
Japan , Tokyo
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Ability to perform travel requirements as needed to meet business demands
  • Fulltime
Read More
Arrow Right

Principal Consultant, Red Team

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
United Arab Emirates , Dubai
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Fulltime
Read More
Arrow Right

Senior Security Consultant

We have an exciting opportunity for a Senior Security Consultant to join our gro...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards
  • Experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experience applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
  • Flexibility to work from home, FSP office locations or at times visit client sites
Job Responsibility
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes
  • Engage with clients to understand their threat landscape and business context, conducting risk and compliance assessments against recognised frameworks (e.g. ISO 27001, NIST, SOC 2)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime
Read More
Arrow Right

Principal Consultant, Incident Preparedness - Proactive Services

As a client-facing Principal Consultant, you will be a key leader in our proacti...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Information Security, Computer Science, Cyber Security, or a related field, or equivalent practical experience
  • 8+ years of combined experience in incident preparedness and incident response consulting
  • Demonstrated experience leading and delivering complex, client-facing cybersecurity engagements from scoping through to completion
  • Mandatory, hands-on experience in both incident response (IR) and incident preparedness, with a primary focus on preparedness
  • Professional business fluency in both French and English
Job Responsibility
Job Responsibility
  • Lead the end-to-end delivery of proactive incident preparedness projects, including Tabletop Exercises (TTX), Incident Response Plan development, and Response Maturity Assessments
  • Critically review and analyze client documentation, such as Crisis Management, Incident Response, and Business Continuity plans, to identify gaps and provide actionable recommendations
  • Design, plan, and facilitate a variety of TTXs for diverse audiences, from technical teams to C-suite executives, delivering detailed post-exercise reports with strategic insights
  • Manage the full lifecycle of client engagements, from initial scoping and stakeholder alignment to final deliverable production, ensuring high-quality outcomes and customer satisfaction
  • Proactively collaborate with clients and internal Unit 42 teams, serving as a trusted advisor to enhance their overall cyber resilience and preparedness posture
  • Contribute to the continuous improvement of service delivery methodologies and internal team knowledge by sharing insights and applied learnings from client engagements
  • Travel as required (approximately 20%) to meet client engagement needs and business demands
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

The Principal Security Engineer, under the direction of the Director of Security...
Location
Location
United States , Palo Alto
Salary
Salary:
147050.00 - 220800.00 USD / Year
wsgr.com Logo
Wilson, Sonsini, Goodrich & Rosati
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree required
  • 5+ of experience in Information Security
  • One or more of the following certifications preferred: GIAC, CISSP, CISM, CEH, CIPP
  • Focus on knowledge of direct support for Security Information and Event Management (SIEM) systems (e.g. configuration of feeds, developing alarm/report concepts), Red Teaming concepts and execution, and Linux skills including command line and operational/administrative usage
  • Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
  • Experience with windows desktop, server, and database security
  • Ability to identify security technology risks and perform incident response
  • Extensive knowledge of TCP/IP networking including wireless, network monitoring/design and routing
  • Extensive understanding of the cyber kill-chain
  • Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments
Job Responsibility
Job Responsibility
  • Provide subject matter expertise in information security as it relates to networks and systems
  • Manage the Firm’s security technology including but not limited to: anti-virus, vulnerability scanning, intrusion detection, content filtering, and insider threat systems
  • Review security events from all monitoring environments not integrated with the firm SIEM, and those events escalated by the SOC, on a daily basis, and follow defined incident response processes in their analysis and reporting
  • Monitor appropriate venues for threats to the security of the Wilson Sonsini Goodrich & Rosati environment. Provide notification to all impacted parties related to the actions needed to mitigate threats and manage the threat lifecycle in totality
  • Manage and lead evaluations of the firm’s environment by external 3rd parties. Produce recommendations that integrate any findings with the business needs of the firm
  • Maintain knowledge of the information security needs of firm clients and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and discipline developments. Make appropriate recommendations that meet the firms needs
  • Design and build operational environments that scale to meet the needs of our security products and assure appropriate reliability
  • Support general troubleshooting related to information security tasks and provide support to end users as needed
  • Provide other teams with security consulting services, including responding to requests for additional information and assisting with specific projects
What we offer
What we offer
  • discretionary year-end merit bonus based on performance
  • highly competitive salary and benefits package
  • Fulltime
Read More
Arrow Right

Principal Consultant, Incident Preparedness - Proactive Services

As a client-facing Principal Consultant, you will be a key leader in our proacti...
Location
Location
France , Paris
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Information Security, Computer Science, Cyber Security, or a related field, or equivalent practical experience
  • 8+ years of combined experience in incident preparedness and incident response consulting
  • Demonstrated experience leading and delivering complex, client-facing cybersecurity engagements from scoping through to completion
  • Mandatory, hands-on experience in both incident response (IR) and incident preparedness, with a primary focus on preparedness
  • Professional business fluency in both French and English
Job Responsibility
Job Responsibility
  • Lead the end-to-end delivery of proactive incident preparedness projects, including Tabletop Exercises (TTX), Incident Response Plan development, and Response Maturity Assessments
  • Critically review and analyze client documentation, such as Crisis Management, Incident Response, and Business Continuity plans, to identify gaps and provide actionable recommendations
  • Design, plan, and facilitate a variety of TTXs for diverse audiences, from technical teams to C-suite executives, delivering detailed post-exercise reports with strategic insights
  • Manage the full lifecycle of client engagements, from initial scoping and stakeholder alignment to final deliverable production, ensuring high-quality outcomes and customer satisfaction
  • Proactively collaborate with clients and internal Unit 42 teams, serving as a trusted advisor to enhance their overall cyber resilience and preparedness posture
  • Contribute to the continuous improvement of service delivery methodologies and internal team knowledge by sharing insights and applied learnings from client engagements
  • Travel as required (approximately 20%) to meet client engagement needs and business demands
  • Fulltime
Read More
Arrow Right