
Lead Cyber Risk Consultant

United Kingdom, Cheshire · Job Posted March 21, 2026

Job Description

Whitehall Resources are currently looking for a Cyber Risk Consultant based in Cheshire for an initial 7-month contract. The Lead Cyber Risk Consultant will spearhead the EOL risk assessment project, providing strategic direction and oversight. In this role, you will lead a comprehensive evaluation of cybersecurity risks associated with End-of-Life technologies across the bank and apply a new cyber risk methodology to assign risk ratings.

Job Responsibility

  • Lead Risk Assessments: Plan and conduct a full stock assessment of EOL technologies within the bank
  • Risk Rating & Analysis: Oversee the analysis of identified vulnerabilities and weaknesses and produce risk ratings and reports
  • Residual Risk Reduction: Identify and recommend risk mitigation opportunities to reduce residual risk in legacy platforms and applications
  • Remediation Planning: Collaborate closely with technology owners and engineering teams to develop remediation plans and prioritize fixes or upgrades for EOL systems
  • Project Leadership & Coordination: Coordinate the efforts of the Cyber Risk Analysts, assigning tasks and monitoring progress
  • Stakeholder Engagement: Serve as the primary point of contact for stakeholders
  • Communicate risk findings and status updates
  • Transition to BAU: Ensure that remediation activities and improved risk practices are handed over smoothly to the permanent operational teams

Requirements

  • Approximately 8-10+ years of experience in cybersecurity
  • Significant experience in cyber risk management or security consulting roles
  • Prior experience leading risk assessment projects or large-scale security consulting engagements
  • Deep knowledge of cyber risk management practices, including risk assessment methodologies and frameworks (e.g. NIST CSF, ISO 27005, FAIR)
  • Ability to identify, classify, and prioritize cybersecurity risks in a large enterprise environment
  • Strong understanding of IT infrastructure and applications, especially the challenges posed by End-of-Life technologies
  • Advanced analytical skills (“cyber analytics”), including proficiency with risk analysis tools or GRC platforms
  • Proven ability to lead a team or project in a cybersecurity context
  • Excellent organizational skills to manage multiple parallel workstreams
  • Exceptional communication skills, both written and verbal
  • Strong stakeholder management and negotiation skills
  • Adept at solving complex problems and devising risk mitigation strategies
  • Flexibility to work with both onshore and offshore teams
  • Industry-recognized certifications in cybersecurity/risk are highly desirable (e.g., CISSP, CISM, CRISC, CISA)
  • Familiarity with relevant security standards and regulations (e.g., ISO 27001, NIST cybersecurity framework, banking industry regulations)

Nice to have

  • Experience in the banking or financial services sector is highly desirable
  • Certifications in cloud security or technical areas are a bonus (e.g., AWS/Azure security certifications)
  • Project management certifications (e.g. PRINCE2, PMP)

Similar Jobs for Lead Cyber Risk Consultant

8 matching positions

Senior Cyber Risk & Compliance Consultant

Location: United Kingdom, Glasgow or Reading
Salary: Not provided
FSP (fsp.co)
Expiration Date: Until further notice
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading GRC and security assurance initiatives
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards, with demonstrable experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experienced in applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Confident communicator, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high-quality outcomes
  • Hold a recognised ISO/IEC 27001 Lead Implementer or Lead Auditor certification, alongside other relevant academic or professional qualifications (e.g. MSc in Cyber Security or related specialism, CISM, CISSP, PCIRM)
  • Hold, or be working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, with primary focus on achieving certification or standards alignment to ISO27001, including gap assessments, strategy and planning, implementation support, audit preparation and pre and post certification support
  • Engage with clients to understand their wider threat landscape and business context, conducting risk and compliance assessments against other recognised frameworks and standards (e.g. NIST, SOC 2, DefStan)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
  • Collaborative and supportive environment
  • Tools and opportunity to do work you can be proud of
  • Chance to work alongside some of the best people in the industry
  • Hybrid working
  • Industry leading coaching and mentoring
  • Fulltime

Lead Cyber Security Consultant

We have an exciting opportunity for an experienced Cyber Security Consultant to ...
Location: United Kingdom, Glasgow or Reading, Berkshire
Salary: Not provided
FSP (fsp.co)
Expiration Date: Until further notice
Requirements
  • A broad understanding of cyber threats and their relation to enterprise risk
  • Experienced in implementing security strategies and programmes that provide value to an organisation
  • Comfortable leading successful security projects and initiatives
  • Possess a broad understanding of a range of complex technical and organisational security domains
  • Familiar with common security technologies and tools
  • Experienced in developing and maintaining meaningful security metrics and reporting for stakeholders
  • Possess excellent stakeholder management skills
  • Able to make key decisions that impact outcomes
  • Strong alignment with FSP values and ethos
  • Commitment to teamwork, quality, and mutual success
Job Responsibility
  • Work closely with Boards, CISOs, Principal Consultants, and Partners to deliver high-quality advisory engagements and strategic guidance
  • Lead and support the delivery of cyber advisory services, including security assessments aligned to recognised frameworks and the development of targeted improvement programmes
  • Contribute to business growth by supporting the identification, scoping, proposal, and closure of opportunities across new and existing clients
  • Actively contribute to security thought leadership through our advisory, publication and social media channels
  • Assist with the development of new and existing services
  • Leverage relevant expertise and knowledge to work collaboratively with clients, suppliers, and peers
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Competitive salary and an excellent benefits package
  • Fulltime

Cyber Security Governance, Risk and Compliance Consultant

Accenture’s Security Practice is one of the fastest growing areas of the busines...
Location: Ireland, Dublin
Salary: Not provided
Accenture (accenture.com)
Expiration Date: Until further notice
Requirements
  • Governance, Risk & Compliance (GRC) Subject Matter Expert
  • experience in core compliance activities such as audit preparation, policy reviews, process flow and RASCI development, and third-party risk management
  • expert guidance on industry frameworks such as NIST 2.0
  • experience supporting security governance and risk initiatives
  • experience with integrated GRC operations including governance reviews, risk assessments, compliance monitoring, and contributions to GRC tooling and processes
Job Responsibility
  • Ensure all GRC processes, controls, and deliverables align with business and regulatory requirements, validating to-be processes and reviewing solution decisions
  • Lead core compliance activities such as audit preparation, policy reviews, process flow and RASCI development, and third-party risk management
  • Provide expert guidance on industry frameworks such as NIST 2.0, supporting security governance and risk initiatives across the client environment
  • Collaborate with internal and client stakeholders to evaluate options, guide decision-making, and ensure alignment with GRC best practices
  • Support integrated GRC operations including governance reviews, risk assessments, compliance monitoring, and contributions to GRC tooling and processes
What we offer
  • comprehensive training covering business, technical and professional skills development
  • opportunities to hone functional skills and expertise in Cyber Security
  • integrated career counselling
  • great opportunities for professional development and rapid advancement
  • Fulltime

Lead Risk Advisor

About the Role Join our high-growth tech enabled specialty insurance startup tha...
Location: United States
Salary: 180000.00 - 200000.00 USD / Year
IDEX Consulting Ltd (idexconsulting.com)
Expiration Date: August 08, 2026
Requirements
  • Several years commercial insurance experience (brokerage or underwriting)
  • Proven talent for winning clients through relationship-building and consultative selling
  • Advanced commercial risk assessment capabilities
  • Outstanding communication and persuasion skills
  • Ability to quickly understand client needs across different verticals
  • Specialty knowledge in consumer brands, restaurants/hospitality, technology, or specific lines (property, cyber, management liability)
Job Responsibility
  • Convert qualified leads through consultative selling and risk expertise
  • Own and develop the risk management strategy for your commercial vertical
  • Engage in high-impact client touchpoints including proposal presentations
  • Partner with Lead Risk Advisors who handle ongoing account management
  • Develop tailored commercial solutions for mid-market clients ($50K-$5M GWP)
What we offer
  • base & performance bonuses
  • Fulltime

Senior Cyber Resilience Consultant

Location: United Kingdom, Glasgow or Reading, Berkshire
Salary: Not provided
FSP (fsp.co)
Expiration Date: Until further notice
Requirements
  • Extensive experience in designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading cyber incident response and resilience outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including MITRE ATT&CK, ISO/IEC 27001, NIS, NIST, and UK Government Functional Standards, with demonstrable experience applying these to relevant cyber roles and engagements
  • Confident communicator, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high-quality outcomes
  • Hold relevant academic or professional qualifications, such as an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, a relevant cyber resilience, cyber incident response, or similar qualification or accreditation
  • Eligible to work in the UK and able to obtain and maintain UK security clearance
Job Responsibility
  • Lead delivery of proactive incident response preparedness activities including Incident Response Planning, maturity assessments and exercises including Tabletop (TTX), Live Play and other bespoke activities
  • Lead cyber governance, risk and assurance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes for our clients
  • Review and assess client documentation, processes and governance in relation to Cyber Incident Response, preparedness and alignment with Business Continuity and Emergency Response capabilities
  • Design, plan and deliver a variety of exercises to meet the needs of organisations across diverse industries and sectors
  • Engage and communicate with stakeholders from board and executive through to operational and other responders to understand their threat landscape and business context, and roles and responsibilities
  • Deliver quality reports, with actionable information tailored to the specific needs of clients and capturing the key learnings from assessments and exercises
  • Contribute to continuous improvement of service offerings, delivery methodologies and internal team knowledge by sharing insights and learning gained from client engagements
  • Support the wider delivery of cyber governance, risk and assurance activities and delivery, working with other service and client leads and functions
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime

India Cyber Controls Lead - Senior Vice President

The India Cyber Controls Lead (CCL) is a senior management level position respon...
Location: India, Mumbai
Salary: Not provided
Citi (https://www.citi.com/)
Expiration Date: Until further notice
Requirements
  • 12+ years of relevant experience
  • Demonstrable information security risk knowledge based on working in similar environments and situations
  • Excellent verbal and written communication skills and ability to comfortably interact with senior management as well as external agencies and regulators
  • Advanced Microsoft Office skills
  • Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations
  • Advanced analytical and problem solving skills
  • Consistently demonstrates clear and concise written and verbal communication
  • Proficient in interpreting and applying policies, standards and procedures
  • Demonstrated ability to remain unbiased in a diverse working environment
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
  • Manage a large/complex team or multiple teams, overseeing resources, budget, policy formation and short to medium term planning
  • Manage and support risk and control programs for the organization including working with global teams to effectively deliver quality information security services to businesses in India
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Perform Business Consulting Activities on IS topics, and ensure Information Security Officer (ISO) consulting services are performed
  • Conduct cost-benefit analysis to justify IS investment, and build the IS team by promoting partnerships, and marketing IS developments
  • Partner with Global Information Security Officers and Global Information Security Program Managers to improve processes and reduce risk
  • Ensure risks are identified, assessed, mitigated and controlled, and assist Security Incident Response Teams as the Business IS Consultant
  • Ensure Control Preparedness and control effectiveness, as part of the Audit preparedness exercise, ensuring IS programs are audit ready
  • Manage critical regulatory interactions and assessments making optimum use of available resources
  • Ensure CISO presence in appropriate country forums and conduct regulatory required meetings and discussions
  • Fulltime

Lead Security Consultant

Join us at Barclays as a Lead Security Consultant. At Barclays, we are committed...
Location: United Kingdom, Knutsford
Salary: Not provided
Barclays (barclays.co.uk)
Expiration Date: Until further notice
Requirements
  • Secure by Design – Strong understanding of embedding security principles into solution architecture and system development lifecycles, ensuring security controls are proactively integrated rather than retrofitted
  • Threat Modelling – Experience identifying potential threats, attack vectors, and security weaknesses across applications, infrastructure, and data platforms, with the ability to recommend effective mitigations
  • Security Assessment Scoping – Ability to define and scope security assessments, penetration testing engagements, and risk reviews to ensure appropriate coverage and alignment with business and regulatory requirements
Job Responsibility
  • Execution of security risk assessments and building threat models during the change & development lifecycle in order to identify vulnerabilities within the bank's IT systems, applications and infrastructure, ensuring that compensating security controls and countermeasures are embedded in order to enhance security posture and resilience against cyber threats; provision of timely communication of key findings and recommendations to stakeholders
  • Enablement of DevSecOps (and shift left), by providing engagement channels for customers and stakeholders who wish to engage early seeking security advice and input into their business plans and opportunities, or technology change designs, influencing key stakeholders in COO and CSO to create security strategies to enable business and technology evolution
  • Support and guidance to CISO, CIO and Product Team functions providing security reviews for prospective 3rd party technology products and services
  • Transfer of residual risks to the business/customer as required by the bank’s enterprise risk management framework
  • Collaboration with stakeholder and IT teams to support incident response and investigations, using their knowledge of the bank's technology systems and sharing security insights
  • Participation in the development and maintenance of security policies, standards and procedures aligned to the bank's risk tolerance, regulatory requirements and industry best practice
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime

Cyber Security Principal Consultant

Our client is recruiting for a Cyber Security Principal Consultant to join their...
Location: United Kingdom, London or Birmingham
Salary: 55000.00 - 65000.00 GBP / Year
Broster Buchanan (brosterbuchanan.com)
Expiration Date: Until further notice
Requirements
  • Experience of working in professional services firms
  • Demonstrable experience of delivering and leading cyber security advisory and offensive security testing engagements
  • Demonstrable experience of delivering advisory engagements relevant to security operations and defensive controls
  • Understand technology trends, cyber threats, and industry issues
  • Proficient in report writing
  • Experience with security testing techniques such as threat modelling, reconnaissance, social engineering, enumeration, attack path mapping, exploitation, and clean up from a variety of adversarial perspectives (white/grey/black box testing)
  • Proficient in infrastructure and web application testing
  • Proficient in using common commercial and open-source penetration testing tool sets including Kali Linux, Metasploit, Nmap, BurpSuite, Nessus and other industry standard tools
  • Hold an industry recognised certification (this can be at any level from Offensive Security Certified Professional (OSCP)
  • CompTIA PenTest+
Job Responsibility
  • Contributing towards the development of exciting new market facing cyber security products and services and internal knowledge sharing hubs
  • Delivering cyber security engagements, from scoping through to delivery, debriefs and report writing
  • Supporting the development of other members of the team
  • Representing the client in external meetings, including attendance at client workshops, audit committees, and regional networking events
  • Building trusted relationships with senior client stakeholders and identifying client and service opportunities
  • Assisting in managing, delivering and leading cyber engagements across a diverse portfolio of clients across the breadth of the mid-market, ensuring both excellent client service and identification of further work opportunities
  • Managing the delivery of agreed work activities with a primary focus on technical security including offensive security services (OSCP, CompTIA PenTest+)
  • Fulltime