Job Overview

Cyber Risk Consultant

Location: London, England Salary: Negotiable
Type: Permanent Contact: Ben Meoded
Posted: about 1 month ago

The role

  • Support the development, implementation and improvement of standards, policies and strategies for overseeing cyber security and data risks
  • Ensure agreed risk management and reporting processes are being adequately followed
  • Support and challenge the first line of defence on the appropriateness and effectiveness of risk mitigation strategies
  • Undertake periodic testing and review of key control/process design and implementation decisions across cyber security and data.
  • Provide an independent 'second line' opinion on cyber security and data risks and mitigations
  • Support the development, co-ordination, approval and ongoing monitoring of risk assurance processes and strategies for the management of cyber security and data risks
  • The role holder is also expected to contribute to an open and transparent culture of risk management and demonstrate a strong awareness of the risks that should be managed within the responsibilities of the role; and

The successful candidate would have:

  • Proficient stakeholder management and relationship management skills to build and maintain positive professional relationships with a range of senior stakeholders. This will include an ability to actively influence these senior stakeholders with a confidence to deliver the right risk outcomes at senior levels of the organisation.
  • Ability to productively support and challenge technical cyber security and data experts
  • Excellent analytical skills and be able to effectively communicate (in both written and verbal forms) and engage in debate on complex cyber security and data risk topics.
  • Evidence of influencing outcomes with senior management in both formal (e.g. committee) and informal settings is critical.
  • Time management skills - used to working to deadlines and under a certain amount


  • Experience in conducting cyber security and data risk assessments of changes, projects and programmes
  • Experience in conducting cyber security and/or data protection benchmarking or maturity assessment against recognised industry standards
  • Experience in providing recommendations to manage cyber security or data risks
  • Experience in managing the relationships with supplier / partners to assure levels of Security & Compliance capabilities are commensurate
  • Practical experience with deployment and/or operation of commonly used cyber security or data solutions
  • Experience in managing stakeholders including challenging or unsupportive stakeholders
  • Strong experience of risk management frameworks, tools and processes

Required Knowledge

  • Expert understanding of security policies, procedures and standards for example ISO 27001, NIST Cyber Security Framework and Cyber Essentials
  • Good understanding of operating systems (Unix, Windows, Mac) and network security
  • Good understanding of technical cyber security and data subject areas, i.e. some or all of vulnerability management, penetration testing, encryption technologies, application security, security operations, intrusion detection, incident response, data protection, data governance, GDPR and OWASP top 10
  • Understanding of Cloud Computing and cloud security concepts
  • Expert knowledge of risk management and security risk management principles

Eames Consulting is acting as an Employment Agency in relation to this vacancy.