
[6090] Senior Cyber Security Consultant - CAF assurance

Start date: ASAP
Clearance: DV Clearance (SC considered)

Working Pattern

• Mostly remote delivery
• Occasional travel within the UK for workshops or assurance activities where required
• Flexible, collaborative and delivery-focused environment

Role Overview

We are seeking an experienced Senior Cyber Security Consultant to support the delivery of Cyber Assessment Framework (CAF) assurance and cyber resilience activities across public sector organisations. The role will focus on conducting structured CAF assessments, facilitating stakeholder engagement, reviewing evidence, identifying risks and improvement opportunities, and producing high-quality assurance outputs aligned to NCSC guidance and recognised best practice. This is a predominantly remote role within a collaborative delivery team operating across multiple assurance engagements.

Key Responsibilities

• Deliver Cyber Assessment Framework (CAF) assurance activities across organisational and critical system assessments
• Conduct stakeholder workshops, interviews and evidence reviews to assess cyber resilience maturity
• Support clients in understanding CAF objectives, principles and outcomes
• Review policies, technical controls, governance processes and operational procedures against CAF requirements
• Assess cyber security capability across areas such as risk management, protective security, monitoring, incident management, supply chain and resilience
• Produce high-quality assessment reports, observations, risk findings and improvement recommendations
• Contribute to assurance workbooks, delivery documentation and management information reporting
• Support onboarding, planning and scheduling activities for assurance engagements
• Work collaboratively with technical leads, assurance teams and delivery managers to ensure consistent delivery quality
• Support continuous improvement of CAF delivery methodologies, templates and knowledge assets
• Maintain strong stakeholder relationships whilst operating in complex and fast-paced environments
• Ensure delivery aligns with government security standards, policies and assurance expectations

Essential Skills and Experience

• Demonstrable experience delivering cyber security assurance, governance, risk or compliance engagements
• Strong understanding of the NCSC Cyber Assessment Framework (CAF) or similar assurance frameworks
• Experience facilitating stakeholder interviews and evidence-based assessments
• Ability to analyse technical and non-technical cyber security controls and processes
• Strong report writing and communication skills
• Experience operating within public sector, regulated or complex enterprise environments
• Understanding of cyber security principles including identity and access management, vulnerability management, incident response, logging and monitoring, resilience and supply chain security
• Ability to manage multiple priorities and deliver against tight timescales
• Experience working within blended delivery teams in remote environments

Desirable Experience

• Experience supporting government or critical national infrastructure environments
• Knowledge of NCSC guidance, Secure by Design principles, ISO 27001, NIST or JSP standards
• Experience delivering maturity assessments or audit activities
• Professional certifications such as CISSP, CISM, ISO 27001 Lead Auditor, CCP or equivalent
• SC clearance or eligibility to obtain clearance

Contract
United Kingdom
Negotiable
GPC006090
Tom Gardiner
tom@gpc.work
442031545030