Cyberfort
Senior Information Security Consultant

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Join Cyberfort – Senior Information Security Consultant
Location: Remote, occasional travel as required to meet client/business needs
Department: Private Sector Cyber Consultancy
Contract Type: Full-time
Salary: Competitive + Benefits
About Cyberfort
At Cyberfort, we’re securing the digital future. As a leading UK provider of cybersecurity solutions, we deliver cutting-edge services in Managed Detection & Response (MDR), Penetration Testing, Security Operations, and Strategic Consulting.
We’re large enough to offer exciting opportunities, yet agile enough to ensure every voice is heard. At Cyberfort, you’re not just joining a company, you’re becoming part of a mission-driven team.
About the Role: Senior Information Security Consultant
As a Senior Information Security Consultant, you will lead and deliver client engagements across a broad range of security, risk, compliance and assurance programmes. You will work with organisations to assess, improve and evidence their security posture while supporting complex transformation, audit and governance initiatives.
This is a senior consulting role requiring strong stakeholder management skills, broad experience across information security frameworks, and the ability to apply pragmatic security solutions in diverse client environments. You will be framework agnostic in your approach, focusing on business outcomes and risk reduction rather than compliance for compliance’s sake.
The role combines strategic advisory services with hands-on technical and assurance delivery. You will work with clients across multiple sectors, helping them navigate evolving regulatory requirements, AI governance challenges, technical control assessments and security maturity improvement programmes.
Key Responsibilities
- Lead delivery of security assessments, assurance reviews and improvement programmes across frameworks including ISO 27001, NIST CSF, CAF, Cyber Essentials, DSPT, ISO 42001, CSA CCM and other industry-recognised standards
- Conduct complex gap analyses aligned to client risk appetite, regulatory obligations and business objectives
- Provide expert guidance on security governance, risk management and control frameworks, applying a framework agnostic approach to client challenges
- Assess, design and enhance technical, administrative and physical controls across cloud, on-premise and hybrid environments
- Review and optimise Microsoft 365 security controls, ensuring organisations achieve effective and proportionate security outcomes
- Lead risk assessments using recognised methodologies such as ISO 27005, NIST RMF, FAIR and equivalent approaches
- Deliver DSPT assessments, assurance activities and remediation programmes within healthcare and regulated environments
- Support organisations in developing governance and assurance models for AI adoption, including AI risk assessments, control reviews and compliance with emerging AI standards
- Develop, review and maintain security policies, standards, procedures and guidance documentation
- Lead internal audits, external audit preparation, certification readiness activities and compliance assessments
- Present findings, recommendations and remediation plans to senior stakeholders, technical teams and executive leadership
- Facilitate workshops, tabletop exercises and stakeholder engagement sessions to support security maturity improvement
- Mentor junior consultants and contribute to the development of Cyberfort's consulting capability
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
What We're Looking For
- Proven experience operating as a Senior Information Security Consultant, Information Security Manager, Security Assurance Consultant or similar role
- Strong experience across multiple information security and assurance frameworks including ISO 27001, NIST CSF, CAF, Cyber Essentials, DSPT, CSA CCM and related standards
- Demonstrable ability to work in a framework agnostic manner, selecting and applying the most appropriate controls and approaches for specific client requirements
- Strong understanding of security governance, risk management, assurance, compliance and audit principles
- Hands-on experience assessing and implementing technical security controls across enterprise environments
- Experience reviewing and enhancing Microsoft 365 security configurations and controls
- Experience supporting AI governance, AI risk management and assurance activities, including exposure to standards such as NIST AI RMF and ISO 42001
- Experience leading security audits, compliance reviews and control effectiveness assessments
- Strong understanding of technical security domains including identity and access management, endpoint security, cloud security, data protection and security monitoring
- Excellent written and verbal communication skills with the ability to influence stakeholders at all levels
- Experience producing high-quality client deliverables, reports and executive presentations
- Strong MS Office skills, particularly Word, Excel and PowerPoint
- Experience working with GRC and compliance platforms such as OneTrust, Vanta or similar solutions


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Desirable Certifications
- CISSP
- CISM
- ISO 27001 Lead Auditor
- ISO 27001 Lead Implementer
- CRISC
- ISO 42001 Lead Implementer or Auditor
- Microsoft Security certifications
Inclusive Hiring
We understand that one size doesn’t fit all. If you need adjustments during the recruitment process, we’re here to support you. Cyberfort is proud to be a Disability Confident Employer, a CyberFirst partner, and a signatory of the Armed Forces Covenant.
Why Join Us?
- Purpose-Driven Work – Help protect businesses and communities from evolving cyber threats.
- Growth & Development – Access mentoring, apprenticeships, graduate schemes, and continuous learning platforms.
- Inclusive Culture – We champion diversity through our Women’s Network, Neurodiversity Awareness, and Inclusion Committee.
- Flexible Working – Hybrid and remote options to support work-life balance.
- Top-Tier Benefits – Competitive salary, private healthcare, wellbeing support, generous holiday allowance, and more.
Ready to Apply?
If you’re passionate about cybersecurity and want to make a real impact, we’d love to hear from you.
Learn More
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location