CrawlJobs Logo
FSP Logo FSP · IT - Software Development

Senior Cyber Risk & Compliance Consultant

United Kingdom, Glasgow or Reading · Job Posted June 14, 2026
Apply Position
Job Link Share

Job Responsibility

  • Lead cyber governance, risk and compliance engagements, with primary focus on achieving certification or standards alignment to ISO27001, including gap assessments, strategy and planning, implementation support, audit preparation and pre and post certification support
  • Engage with clients to understand their wider threat landscape and business context, conducting risk and compliance assessments against other recognised frameworks and standards (e.g. NIST, SOC 2, DefStan)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism

Requirements

  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading GRC and security assurance initiatives
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards, with demonstrable experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experienced in applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Confident communicator, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high-quality outcomes
  • Hold a recognised ISO/IEC 27001 Lead Implementer or Lead Auditor certification, alongside other relevant academic or professional qualifications (e.g. MSc in Cyber Security or related specialism, CISM, CISSP, PCIRM)
  • Hold, or be working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances

What we offer

  • Collaborative and supportive environment
  • Tools and opportunity to do work you can be proud of
  • Chance to work alongside some of the best people in the industry
  • Hybrid working
  • Industry leading coaching and mentoring
FSP - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Cyber Risk & Compliance Consultant

8 matching positions

Medior-Senior GRC Consultant - Regulatory and Compliance focus

We ensure that all operations, digital or otherwise, meet the latest quality and...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of experience in the Cybersecurity business landscape
  • Proficiency in Dutch and English is mandatory
  • Advanced knowledge of the 'cyber regulatory area'
  • Understanding of AI Act, DORA is a plus
  • Strong experience in performing Compliance Maturity assessments, Data Protection Impact Assessments and to apply Data protection by Design/By default and risk-based approach, perform quality legal compliance analyses and produce good quality reports
  • ISO27001 certification is a plus, experience in ITSRM, and a good understanding of compliance-oriented projects
  • Strong knowledge of PM roles and the ability to independently handle content-oriented missions
  • Client-oriented with the ability to navigate the EU and national regulatory environment, engaging with various stakeholders (regulators, EU, CISO, DPO)
  • A hands-on approach with a solution-oriented mindset, capable of effective communication within the business environment
  • Independence in client-oriented projects and adept at identifying opportunities
Job Responsibility
Job Responsibility
  • Lead regulatory compliance projects
  • Interpret complex legislation such as AI Act and DORA
  • Apply technical knowledge in cybersecurity to enhance the company’s security posture
  • Contribute to pre-sales activities
  • Draft RFPs
  • Understand the broader EU and national business landscapes
What we offer
What we offer
  • Extensive career development opportunities
  • Dynamic network of 56,000 professionals
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Senior Consultant - CRM (Proactive Services) Unit 42

As a Senior Consultant in Unit 42 you will have the opportunity to work across a...
Location
Location
South Korea , Seoul
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation's security operations program, organisational structures, and capabilities
  • Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms
  • Defensive Security Skills (desired)
  • Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations across a variety of sources i.e. cloud, network, endpoint, logs
  • Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations and capabilities to better protect, detect and rapidly respond to modern threats
  • Demonstrated experience in improving an organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements
  • Experience in conducting threat hunting and/or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment
  • Relevant industry certifications including GIAC Defensible Security Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP
  • Understanding of cyber risk frameworks or industry standards such as 800-53, ISO 27001/2, PCI, CIS 18, CMMC
  • 3+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards
Job Responsibility
Job Responsibility
  • SOC Advisory
  • Principal Cloud Security
  • Principal Cyber Risk Management
Read More
Arrow Right

Senior Consultant - CRM (Proactive Services) Unit 42

As a Senior Consultant in Unit 42 you will have the opportunity to work across a...
Location
Location
South Korea , Seoul
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management
  • Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms
  • 3+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards
  • Hands-on experience with a cloud hosting provider (AWS, Azure, GCP, etc)
  • Experience with a Cloud Application Security Broker - MCAS, Netskope
  • Possess a deep technical knowledge in CASBs, Cloud Platforms and the dependencies around such an environment (WAF, SSO, Cloud Threats, API Security, Cloud Security Posture Management)
  • Former experience with cloud migrations (cloud to cloud, or on-prem to cloud)
  • Experience in performing cyber security threat & risk assessments to support the development of cyber security strategies and roadmaps
  • Technical proficiency in a wide range of cyber risk management services, including cyber threat, risk and control assessments, secure software development practices, penetration testing, vulnerability assessments, among others
  • Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
Job Responsibility
Job Responsibility
  • SOC Advisory
  • Principal Cloud Security
  • Principal Cyber Risk Management
  • Fulltime
Read More
Arrow Right

Sr. Manager, Cyber Risk & Analysis | Retail Bank Premium Products & Experiences

As a Sr. Manager, Cyber Risk & Analysis | Retail Bank Premium Products & Experie...
Location
Location
United States , McLean, Virginia | Richmond, Virginia
Salary
Salary:
182500.00 - 229100.00 USD / Year
capitalone.com Logo
Capital One
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years of experience in Cybersecurity, Technology, Consulting, Audit, or Risk Management
  • At least 3 years of People Management experience
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM) certification
  • Certified AI Governance Professional (AIGP) certification or other relevant AI risk management certifications
  • Experience in a Large Financial Services or consulting organization
Job Responsibility
Job Responsibility
  • Act as the end-to-end tech and cyber risk partner for senior technology executives
  • Design and implement AI applications, agents, and automation workflows to enhance risk monitoring efficiency
  • Rationalize tech and cyber controls to align with technology processes
  • Execute large-scale architecture transformation programs and technology integrations
  • Collaborate with Cyber, Audit, and Risk functions to ensure coverage of shared controls
  • Serve as the primary point of contact for audit and compliance engagements
What we offer
What we offer
  • Performance based incentive compensation
  • Cash bonus(es)
  • Long term incentives (LTI)
  • Health, financial and other benefits
  • Fulltime
Read More
Arrow Right

Senior Consultant - CRM

As a Senior Consultant in Unit 42 you will have the opportunity to work across a...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities
  • Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms
  • Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments, with security event correlations across a variety of sources i.e. cloud, network, endpoint, logs
  • Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations and capabilities to better protect, detect and rapidly respond to modern threats
  • Demonstrated experience in improving an organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements
  • Experience in conducting threat hunting and/or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment
  • Relevant industry certifications including GIAC Defensible Security Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP
  • Understanding of cyber risk frameworks or industry standards such as 800-53, ISO 27001/2, PCI, CIS 18, CMMC
  • 3+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards
  • Hands-on experience with a cloud hosting provider (AWS, Azure, GCP, etc)
Job Responsibility
Job Responsibility
  • work across a number of proactive cyber security domains including Cloud Security, Security Operations, Cyber Risk Management and Artificial Intelligence in cyber security
  • deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape
  • Fulltime
Read More
Arrow Right

Senior Consultant - Proactive Services

As a Senior Consultant in Unit 42 you will have the opportunity to work across a...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management
  • Demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program
  • Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms
  • Experience in security operations design, engineering and/or analysis and investigations, ideally in complex environments
  • Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations
  • Demonstrated experience in improving an organisations security operations capabilities
  • Experience in conducting threat hunting and/or compromise assessments
  • Relevant industry certifications including GIAC Defensible Security Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP
  • Understanding of cyber risk frameworks or industry standards such as 800-53, ISO 27001/2, PCI, CIS 18, CMMC
  • 3+ years of experience performing cloud security advisement and risk assessments
Job Responsibility
Job Responsibility
  • Work across a number of proactive cyber security domains including Cloud Security, Security Operations, Cyber Risk Management and Artificial Intelligence in cyber security
  • Deliver the best consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape
  • Fulltime
Read More
Arrow Right

Senior SAP Cyber Security Architect

We are seeking an Senior SAP Cyber Security Architect to join our Global Cyber S...
Location
Location
Canada , Mississauga
Salary
Salary:
103636.00 - 142499.00 USD / Year
mercedes-benz.com Logo
Mercedes-Benz AG
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • University or college degree in Computer Science, Information Technology, or a related field, or 5+ years of hands-on SAP experience
  • Primary expertise in SAP technologies, including SAP Basis and SAP architecture
  • SAP Cloud experience is highly desirable
  • Secondary focus on security, with experience in SAP security concepts and IT security principles
  • Strong technical knowledge of SAP S/4HANA, SAP Governance, Risk, and Compliance (GRC), and identity and access management integrations, e.g. Azure AD / Entra ID
  • Relevant certifications such as CISSP, CISM, and/or SAP Security or SAP GRC are an advantage
  • Passion for viewing processes and procedures as opportunities for improvement, optimization, and further development
  • Self-motivated, with the ability to identify the best course of action and implement solutions that reduce manual effort and improve efficiency
  • Honest and professional, with a proactive mindset that supports a team culture of knowledge sharing, excellence, and collaboration
  • Fluent in English
Job Responsibility
Job Responsibility
  • Design secure SAP system architectures and continuously enhance existing landscapes, including SAP Basis, SAP Cloud, SAP Cloud solutions (BTP and SAP SaaS), and SAP IAM
  • Act as a trusted partner for global SAP transformations to SAP RISE and for the expansion of security controls
  • Define, document, and validate SAP security standards and procedures, including operating procedures, exception management, hardening measures, and additional security services such as secure defaults and the protection of RFC, API, and interface communications
  • Define and reshape the SAP Secure Operations Map and contribute to SAP security architecture, controls, and global services across a worldwide SAP landscape
  • Lead SAP integration within a landscape of global IAM services
  • Act as a trusted advisor to SAP Basis, development, and business teams by translating security requirements into practical SAP solutions
  • Align SAP security architecture with enterprise security strategy, risk management, and regulatory frameworks
  • Serve as a central communication and consulting partner for the SAP organization, CISO organization, global cyber security, SAP, and external parties
  • Integrate SAP cyber security seamlessly into global cyber security services
  • Provide advisory support for audits, assurance reviews, and control testing
What we offer
What we offer
  • Commitment to inclusion & diversity
  • Engaging corporate culture
  • Ever-evolving brand strategy granting opportunities to build business acumen
  • Training development and career growth opportunities
  • Benefits to support work-life balance/integration
  • A strong portfolio of corporate social responsibility initiatives
  • State-of-the-art working facilities
  • Vehicle purchase and experience programs
  • Comprehensive health, dental, and pension programs
  • Recognition rewards and discount programs
  • Fulltime
Read More
Arrow Right

Senior Security Consultant

We have an exciting opportunity for a Senior Security Consultant to join our gro...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards
  • Experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experience applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
  • Flexibility to work from home, FSP office locations or at times visit client sites
Job Responsibility
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes
  • Engage with clients to understand their threat landscape and business context, conducting risk and compliance assessments against recognised frameworks (e.g. ISO 27001, NIST, SOC 2)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime
Read More
Arrow Right