Cyber Security Consultant

Our client based in West London are seeking an experienced cyber risk professional to lead and mature our cyber risk management capability. This role plays a critical part in assessing, managing, and communicating cyber risks across the organisation, supporting leadership decision-making and ensuring alignment with regulatory, legislative, and business requirements.

You will act as a subject matter expert on cyber risk, working closely with technical and non-technical stakeholders to embed effective risk management practices across systems, architecture, and procurement activities.

Key Responsibilities

• Lead cyber security risk assessments for complex and high-impact scenarios, applying sound risk management principles and methodologies.
• Maintain and continuously improve the corporate cyber risk register, ensuring risks are clearly articulated, prioritised, and tracked.
• Monitor compliance with applicable regulatory and legislative requirements related to cyber security and risk management.
• Support the design, implementation, and ongoing effectiveness of security controls, recommending improvements where necessary.
• Conduct comprehensive analyses of complex security requirements and deliver clear, actionable cyber risk assessment outcomes.
• Provide guidance on cyber security governance arrangements and risk treatment strategies.
• Shape leadership decision-making through high-quality reporting on security process effectiveness and risk posture.
• Embed cyber risk management practices into business activities including system development, security architecture, and procurement processes.
• Apply standardised control frameworks (such as ISO 27001/27002), while recognising their strengths, limitations, and practical business impact.
• Advise on the balance between security controls, user experience, and business needs.
• Proactively gather, analyse, and interpret threat intelligence to understand the evolving threat landscape and strengthen organisational resilience.

Skills & Experience

• Proven experience delivering cyber security risk assessments in complex environments.
• Strong understanding of risk management principles, governance, and compliance obligations.
• Hands-on experience with recognised security control frameworks (e.g., ISO 27001/27002).
• Ability to communicate complex cyber risk concepts clearly to senior leaders and non-technical stakeholders.
• Experience influencing decision-making through structured analysis and effective reporting.
• Strong analytical mindset with the ability to assess emerging threats and their business impact.
• Collaborative approach, with experience embedding risk practices into broader business processes