Job description
We are seeking a skilled Cyber & Information Assurance Consultant to join our growing Cyber team. Reporting to the Head of Cyber & IA, you will play a key role in delivering cyber security and assurance services across a range of projects in defence, aerospace, government, and other regulated industries.
This is a client-facing role requiring both technical expertise and consultancy skills. You will work closely with customers, project teams, and stakeholders to identify, assess, and mitigate cyber risks, embed secure-by-design principles, and ensure compliance with relevant frameworks and standards.
You will contribute directly to the safe and secure delivery of complex projects, applying your knowledge of cyber frameworks, governance, and assurance, while helping to build a culture of security awareness across client organisations.
Responsibilities
Cybersecurity & Information Assurance
• Conduct cyber security risk assessments and develop risk treatment plans.
• Provide assurance and accreditation support in line with frameworks such as NIST CSF, ISO27001, GDPR, MOD Secure by Design, and NCSC CCP.
• Support clients in achieving and maintaining compliance with industry and regulatory standards.
• Develop and maintain cyber security documentation (policies, strategies, risk reports, security cases).
• Apply and interpret Secure by Design principles throughout the project lifecycle.
• Support Cyber Security for Airworthiness (CSA) activities, including DO-326A/ED-202A compliance, threat modelling, and mitigation strategies.
Consultancy & Client Engagement
• Act as a trusted advisor to clients, providing pragmatic and effective cyber security guidance.
• Translate technical risks into business impacts for non-technical stakeholders.
• Support workshops, stakeholder meetings, and security awareness activities.
• Contribute to business development by identifying opportunities to expand services.
Governance, Risk & Compliance (GRC)
• Support governance and assurance activities across projects and programmes.
• Develop and review security governance frameworks and methodologies.
• Ensure third-party suppliers and contractors align with security standards and SbD principles.
Teamwork & Professional Development
• Work collaboratively within a team of cyber consultants under the guidance of the Head of Cyber & IA.
• Share knowledge and mentor junior consultants where required.
• Stay up to date with evolving cyber security threats, policies, and standards, and bring insights into project delivery.
Qualifications
• Degree in Cyber Security, Information Assurance, Computer Science, Engineering, or equivalent professional experience.
• Professional certification in cyber/information security (or working towards one).
Experience
Essential
• Strong knowledge of cyber security frameworks (NIST CSF, ISO27001, GDPR, MOD SbD, DO-326A/ED-202A).
• Experience delivering cyber risk assessments, assurance, and accreditation in regulated industries.
• Familiarity with Cyber Security for Airworthiness or other safety-critical domains.
• Ability to build and maintain effective client relationships.
• Excellent communication skills, with the ability to explain technical issues clearly to diverse audiences.
• Analytical and problem-solving mindset with attention to detail.
• Eligible for, or holding, UK Security Clearance.
Desirable
• Professional certifications (CISSP, CISM, ISO27001 Lead Implementer/Auditor, NCSC CCP).
• Experience in defence, aerospace, or critical infrastructure projects.
• Experience in authoring cyber security documentation (security strategies, risk reports, security cases).
• Understanding of emerging technologies and their impact on cyber resilience.