Cyber Security Consultant - Secure by Design £42-52k Portsmouth, Hybrid SC Clearance Are you a cyber security professional with a background in defence and a strong grasp of how Secure by Design should work in practice - not just in theory? A specialist consultancy with a strong reputation in the defence and government space is looking to bring on a Cyber Security Consultant to support their growing portfolio of MOD-facing work. This is a genuine opportunity to do meaningful, technically credible work in an environment that values expertise over headcount. Salary: £42-52k DOE Package: Gym, private medical, company pension Working Structure: Hybrid in Portsmouth 2 days onsite Security Clearance: Eligibility or active SC clearance The Role: This position has two distinct dimensions. On one hand, you'll be conducting structured assessments - evaluating how well Secure by Design principles are being embedded across defence programmes and producing clear, evidence-backed findings. On the other, you'll be working alongside programme teams to help them act on those findings, guiding them through the practicalities of building security in from day one rather than retrofitting it later. Day to Day You'll Be: Assessing how Secure by Design principles are being applied across programmes and systems, and producing well-evidenced findings and recommendations Reviewing system designs, architectures, and change proposals to identify where security hasn't been adequately considered Supporting client teams in embedding SbD into their ways of working from the outset Evaluating risk ownership and escalation practices, helping stakeholders understand where accountability is unclear or gaps exist Producing security cases, assessment reports, and assurance documentation to a high standard Helping develop practical SbD guidance and processes that client teams can realistically use day to day Supporting broader assurance activity including assessments against the CAF Communicating clearly with technical and non-technical stakeholders, ensuring findings are understood and acted upon at every level Contributing to proposal writing, business development conversations, and the ongoing development of the consultancy's SbD service offering What You'll Need: A solid working knowledge of MOD Secure by Design principles and how they apply across the defence acquisition and system lifecycle Around 2-3 years of hands-on experience in cyber security risk assessment, security architecture review, or security assurance The confidence to work within client organisations, build relationships, and influence without direct authority Eligibility to obtain SC clearance, requiring at least 5 years continuous UK residency A full UK driving licence and willingness to travel to client sites approximately two days per week. Desired but not essential: Practical experience applying MOD SbD principles within defence programmes Experience working in defence or wider public sector cyber security environments Familiarity with the CAF, NCSC guidance, GovAssure, or related frameworks A professional certification such as CISMP or CCP, or active progress towards CISSP or CISM A cyber security related degree or equivalent professional development Apply now or reach out directly for a confidential conversation. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
09/06/2026
Full time
Cyber Security Consultant - Secure by Design £42-52k Portsmouth, Hybrid SC Clearance Are you a cyber security professional with a background in defence and a strong grasp of how Secure by Design should work in practice - not just in theory? A specialist consultancy with a strong reputation in the defence and government space is looking to bring on a Cyber Security Consultant to support their growing portfolio of MOD-facing work. This is a genuine opportunity to do meaningful, technically credible work in an environment that values expertise over headcount. Salary: £42-52k DOE Package: Gym, private medical, company pension Working Structure: Hybrid in Portsmouth 2 days onsite Security Clearance: Eligibility or active SC clearance The Role: This position has two distinct dimensions. On one hand, you'll be conducting structured assessments - evaluating how well Secure by Design principles are being embedded across defence programmes and producing clear, evidence-backed findings. On the other, you'll be working alongside programme teams to help them act on those findings, guiding them through the practicalities of building security in from day one rather than retrofitting it later. Day to Day You'll Be: Assessing how Secure by Design principles are being applied across programmes and systems, and producing well-evidenced findings and recommendations Reviewing system designs, architectures, and change proposals to identify where security hasn't been adequately considered Supporting client teams in embedding SbD into their ways of working from the outset Evaluating risk ownership and escalation practices, helping stakeholders understand where accountability is unclear or gaps exist Producing security cases, assessment reports, and assurance documentation to a high standard Helping develop practical SbD guidance and processes that client teams can realistically use day to day Supporting broader assurance activity including assessments against the CAF Communicating clearly with technical and non-technical stakeholders, ensuring findings are understood and acted upon at every level Contributing to proposal writing, business development conversations, and the ongoing development of the consultancy's SbD service offering What You'll Need: A solid working knowledge of MOD Secure by Design principles and how they apply across the defence acquisition and system lifecycle Around 2-3 years of hands-on experience in cyber security risk assessment, security architecture review, or security assurance The confidence to work within client organisations, build relationships, and influence without direct authority Eligibility to obtain SC clearance, requiring at least 5 years continuous UK residency A full UK driving licence and willingness to travel to client sites approximately two days per week. Desired but not essential: Practical experience applying MOD SbD principles within defence programmes Experience working in defence or wider public sector cyber security environments Familiarity with the CAF, NCSC guidance, GovAssure, or related frameworks A professional certification such as CISMP or CCP, or active progress towards CISSP or CISM A cyber security related degree or equivalent professional development Apply now or reach out directly for a confidential conversation. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Job Title: Principal Cyber Security Consultant Location: Bristol, England, United Kingdom Role Type: Permanent - Full Time Package: Competitive Salary + Benefits Role ID: SF19526 Join us as a Principal Cyber Security Consultant at our Corsham site where you will work with cutting edge technology alongside brilliant minds. The Role As a Principal Cyber Security Consultant you will join our Information Assurance and Cyber Risk team that provides expert risk assessments, analysis and advice to clients within the Defence Sector. Your Responsibilities Leading cyber security consultancy with key customers at a senior level providing subject matter expertise, advice and guidance on security matters Implementing Secure by Design for systems across live, test and training environments Monitoring and reporting on system security requirements and vulnerabilities, escalating unresolved vulnerabilities when appropriate Managing the effective coordination of all security related activities, including but not limited to queries, incident management, document reviews and testing Modelling Cyber security risks using established and novel frameworks Essential Experience In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experience of SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability to identify evidence, create compelling cases and oversee creation of cyber security strategies in business and operational contexts Comprehensive knowledge of UK Defence deployed network architectures with an understanding of proactive security risk management Essential Qualifications We value difference and do not have a fixed idea when it comes to background or education; provided you can show the required level of experience and willingness to learn, we would like to hear from you. This role is 37 hours per week based at Corsham. Hybrid working patterns available. Travel to customer sites will be expected. Benefits Matched contribution pension scheme, with life assurance Generous holiday allowance, with the option to purchase additional days Options to join Health Cash Plan, Private Medical Insurance and Dental Insurance Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more We are proud to support the Armed Forces community by honouring the Armed Forces Covenant and maintaining our Gold Award standard in the Defence Employer Recognition Scheme Volunteering Opportunities - helping charities and local community All applicants for this role must be willing to go through DV Clearance.
23/05/2026
Full time
Job Title: Principal Cyber Security Consultant Location: Bristol, England, United Kingdom Role Type: Permanent - Full Time Package: Competitive Salary + Benefits Role ID: SF19526 Join us as a Principal Cyber Security Consultant at our Corsham site where you will work with cutting edge technology alongside brilliant minds. The Role As a Principal Cyber Security Consultant you will join our Information Assurance and Cyber Risk team that provides expert risk assessments, analysis and advice to clients within the Defence Sector. Your Responsibilities Leading cyber security consultancy with key customers at a senior level providing subject matter expertise, advice and guidance on security matters Implementing Secure by Design for systems across live, test and training environments Monitoring and reporting on system security requirements and vulnerabilities, escalating unresolved vulnerabilities when appropriate Managing the effective coordination of all security related activities, including but not limited to queries, incident management, document reviews and testing Modelling Cyber security risks using established and novel frameworks Essential Experience In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experience of SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability to identify evidence, create compelling cases and oversee creation of cyber security strategies in business and operational contexts Comprehensive knowledge of UK Defence deployed network architectures with an understanding of proactive security risk management Essential Qualifications We value difference and do not have a fixed idea when it comes to background or education; provided you can show the required level of experience and willingness to learn, we would like to hear from you. This role is 37 hours per week based at Corsham. Hybrid working patterns available. Travel to customer sites will be expected. Benefits Matched contribution pension scheme, with life assurance Generous holiday allowance, with the option to purchase additional days Options to join Health Cash Plan, Private Medical Insurance and Dental Insurance Employee discount portal: Personal Accident Insurance, Travel Insurance, Restaurants, Cinema Tickets and much more We are proud to support the Armed Forces community by honouring the Armed Forces Covenant and maintaining our Gold Award standard in the Defence Employer Recognition Scheme Volunteering Opportunities - helping charities and local community All applicants for this role must be willing to go through DV Clearance.
Job Description: The Secure by Design (SBD) Consultant team members assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings. The role ensures that Bank of America continuously develops cyber secure technologies that adhere to internal policies as well as industry best practices. In addition, the team may be asked to provide technical support to the client, management, and lines of business in risk assessments and implementation of appropriate data security procedures and products. Must be able to meet demands associated with managing multiple projects in a global environment. Assist with and contribute to overall SBD success. The Team The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). Required Skills: • number of years' experience in cyber security or a technology-related field. • Experience in vulnerability assessment, security incident response, application security. • Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc. • Ability to evaluate technology to ensure cyber-secure development that adheres to internal application policy, standards, and baselines. • Experience in analyzing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat. • Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements. • Excellent verbal and written communication skills. Ability to communicate with business leaders, users and tech-savvy stakeholders. • Experience with basic SharePoint usage. • Ability to take ownership of an initiative/issue through completion. • Ability to work in a collaborative environment. • Strong project management skills. • Ability to work with minimal supervision. • Ability to own and deliver on complex initiatives in a high paced, evolving environment. Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2). Desired Skills: • Bachelor's degree in Information Technology, information security or related field • Master's degree preferred • Knowledge in Application security, Risk assessments, Cloud technologies, GRC (Governance, Risk, and Compliance) with emphasis on security processes and controls • Strong analytical skills/problem solving/conceptual thinking • Ability to work with technical and non-technical business owners • Assist with internal efficiencies projects and development E very day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here. Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind- set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio- economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
24/09/2022
Full time
Job Description: The Secure by Design (SBD) Consultant team members assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings. The role ensures that Bank of America continuously develops cyber secure technologies that adhere to internal policies as well as industry best practices. In addition, the team may be asked to provide technical support to the client, management, and lines of business in risk assessments and implementation of appropriate data security procedures and products. Must be able to meet demands associated with managing multiple projects in a global environment. Assist with and contribute to overall SBD success. The Team The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). Required Skills: • number of years' experience in cyber security or a technology-related field. • Experience in vulnerability assessment, security incident response, application security. • Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc. • Ability to evaluate technology to ensure cyber-secure development that adheres to internal application policy, standards, and baselines. • Experience in analyzing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat. • Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements. • Excellent verbal and written communication skills. Ability to communicate with business leaders, users and tech-savvy stakeholders. • Experience with basic SharePoint usage. • Ability to take ownership of an initiative/issue through completion. • Ability to work in a collaborative environment. • Strong project management skills. • Ability to work with minimal supervision. • Ability to own and deliver on complex initiatives in a high paced, evolving environment. Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2). Desired Skills: • Bachelor's degree in Information Technology, information security or related field • Master's degree preferred • Knowledge in Application security, Risk assessments, Cloud technologies, GRC (Governance, Risk, and Compliance) with emphasis on security processes and controls • Strong analytical skills/problem solving/conceptual thinking • Ability to work with technical and non-technical business owners • Assist with internal efficiencies projects and development E very day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here. Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind- set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio- economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
Information Security Consultant (Secure by Design) Banking Remote / can be based in either Chester or London when necessary 6 months+ £650 - £700 per day The Secure by Design (SBD) Consultant team members assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings. The role ensures that the client continuously develops cyber secure technologies that adhere to internal policies as well as industry best practices. In addition, the team may be asked to provide technical support to the client, management, and lines of business in risk assessments and implementation of appropriate data security procedures and products. Must be able to meet demands associated with managing multiple projects in a global environment. Assist with and contribute to overall SBD success. Required Skills: * 4 to 8 years of experience in cyber security or a technology-related field. * Experience in vulnerability assessment, security incident response, application security. * Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc. * Ability to evaluate technology to ensure cyber-secure development that adheres to internal application policy, standards, and baselines. * Experience in analysing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat. * Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements. * Excellent verbal and written communication skills. Ability to communicate with business leaders, users and tech-savvy stakeholders. * Experience with basic SharePoint usage. * Ability to take ownership of an initiative/issue through completion. * Ability to work in a collaborative environment. * Strong project management skills. * Ability to work with minimal supervision. * Ability to own and deliver on complex initiatives in a high paced, evolving environment. * Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2). Desired Skills: * Bachelor's degree in Information Technology, information security or related field * Master's degree preferred * Knowledge in Application security, Risk assessments, Cloud technologies, GRC (Governance, Risk, and Compliance) with emphasis on security processes and controls * Strong analytical skills/problem solving/conceptual thinking * Ability to work with technical and non-technical business owners * Assist with internal efficiencies projects and development Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
14/09/2021
Contractor
Information Security Consultant (Secure by Design) Banking Remote / can be based in either Chester or London when necessary 6 months+ £650 - £700 per day The Secure by Design (SBD) Consultant team members assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings. The role ensures that the client continuously develops cyber secure technologies that adhere to internal policies as well as industry best practices. In addition, the team may be asked to provide technical support to the client, management, and lines of business in risk assessments and implementation of appropriate data security procedures and products. Must be able to meet demands associated with managing multiple projects in a global environment. Assist with and contribute to overall SBD success. Required Skills: * 4 to 8 years of experience in cyber security or a technology-related field. * Experience in vulnerability assessment, security incident response, application security. * Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc. * Ability to evaluate technology to ensure cyber-secure development that adheres to internal application policy, standards, and baselines. * Experience in analysing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat. * Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements. * Excellent verbal and written communication skills. Ability to communicate with business leaders, users and tech-savvy stakeholders. * Experience with basic SharePoint usage. * Ability to take ownership of an initiative/issue through completion. * Ability to work in a collaborative environment. * Strong project management skills. * Ability to work with minimal supervision. * Ability to own and deliver on complex initiatives in a high paced, evolving environment. * Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2). Desired Skills: * Bachelor's degree in Information Technology, information security or related field * Master's degree preferred * Knowledge in Application security, Risk assessments, Cloud technologies, GRC (Governance, Risk, and Compliance) with emphasis on security processes and controls * Strong analytical skills/problem solving/conceptual thinking * Ability to work with technical and non-technical business owners * Assist with internal efficiencies projects and development Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
