Senior Security Consultant (GRA)

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

Role Overview

We have an exciting opportunity for a Senior Security Consultant to join our growing Governance, Risk and Assurance (GRA) team. Within this role, you will utilise your GRA andcybersecurityexpertise toadvise clients on information security, lead technical consulting engagements and support in the delivery of complex security programmes.

Responsibilities

• Lead cyber governance, risk and compliance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes.

• Engage with clients to understand their threat landscape and business context, conducting risk and compliance assessments against recognised frameworks (e.g. ISO 27001, NIST, SOC 2).

• Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks.

• Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight.

• Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes.

• Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps.

• Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community.

• Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism.

About you

• You have extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading GRC and security assurance initiatives.

• You possess strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards, with demonstrable experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies.

• You are experienced in applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007.

• You are a confident stakeholder manager, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high-quality outcomes.

• You hold relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification.

• You hold, or are actively working towards, Principal or Chartered Cyber Security Professional (ChCSP) status.

• You are eligible to work in the UK and able to obtain and maintain UK security clearances. You will have the flexibility to work from home, FSP office locations or at times visit client sites.

What we look for in our people

• Strong alignment with FSP values and ethos

• Commitment to teamwork, quality and mutual success

• Proactivity with an ability to operate with pace and energy

• Strong communication and interpersonal skills

• Excellent planning and organisational skills

• Dedication to excellence and quality

Who are FSP?

FSP is a leading consultancy specialising in Digital, Security and AI solutions. Our success is enabled by our unwavering commitment to excellence, our people centric culture alongside best-in-class operations, ensuring impactful and sustainable outcomes for our clients.

As a long standing and highly accredited Microsoft Partner, with extensive solution designations, we partner with clients across a range of commercial sectors, enabling digital transformation, innovation and robust cyber security.

We navigate the complexities of data sensitivity, confidentiality, governance and compliance. We blend strategic insight, depth of technical expertise, delivery and operational excellence to meet the specific requirements outlined.

We take a collaborative, one team approach with our clients to drive sustainable change, providing outstanding client experience and delivering exceptional results that are aligned with business priorities.

Our commitment to security and quality is reinforced by our ISO27001 and ISO9001 certifications (UKAS), as well as our CREST approved penetration testing and SOC capabilities. Additionally, we are an IASME Cyber Essentials Certification Body and Cyber Essentials Plus certified.

Find out more about our accolades here: https://fsp.co/about-fsp/

Why work for FSP?

At FSP, we are committed to providing:

• A collaborative and supportive environment in which you can grow and develop your career

• The tools and opportunity to do work you can be proud of

• A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience

• Hybrid working - we empower you to make smart choices about when and where to work to achieve great results.

• Industry leading coaching and mentoring

• Plus the excellent benefits package we offer at FSP

FSP is an equal opportunity employer. We consider all applicants for employment regardless of age, disability, sexual orientation, gender identity, family or parental status, race, colour, nationality, ethnic or national origin, religion or belief.

We endeavour to always provide fair opportunity for applicants to showcase themselves in the best way possible during any interviews or meetings. If you require any adjustments for a call or in-person meeting, please let us know.