Job Specifications
About the Company
We’re working with an established and growing UK cybersecurity consultancy expanding its Defence and Public Sector practice. This is a great opportunity for an experienced security professional to lead high-impact programmes, influence senior stakeholders, and shape security outcomes across MOD and wider Defence environments.
About the Role
As a Lead Cyber Security Consultant, you’ll take ownership of multiple client engagements, delivering expert advice across governance, risk, compliance, and Secure by Design practices. You’ll work closely with senior stakeholders to assess risk, define security controls, deliver assurance activities, and support secure architecture across complex, high-profile systems. This is a hands-on, strategic role that combines leadership, client engagement, and technical depth.
Responsibilities
Lead Secure by Design and security assurance activities across MOD and Public Sector programmes
Support and guide the application of risk management frameworks, ISMS, and Enterprise Security Risk Management
Conduct and lead workshops with technical and business stakeholders
Produce clear, actionable reporting on risk, vulnerabilities, and remediation
Provide pragmatic, proportionate recommendations aligned to business goals
Support secure design across cloud and on-premise platforms
Contribute to internal knowledge sharing and thought leadership
Experience
Strong background in Technical/Security Architecture or Governance, Risk & Compliance
Experience working in Defence / MOD environments
Required Skills
Strong analytical and communication skills, with the ability to influence senior stakeholders
Passion for continuous learning and high-quality security outcomes
Preferred Skills
SAC (Security Assurance Coordinator) or Delivery Team Security Lead experience
MOD/GDS Secure by Design
Familiarity with: JSP440, JSP604/453, JSP490
Supplier Chain Assurance
GDPR, PCI DSS, ICO
ISO 27001, NIST CSF, CIS Controls v8
Skills in: Threat modelling (kill chain, attack trees, etc.)
Cloud security (AWS, Azure), containerisation, firewalls
Secure SDLC
HLD/LLD review
ITHC scoping and remediation
Certifications (Desirable)
CIISE
CUK Cyber Security Council registration (Chartered or Principal)
AWS/Azure Security (Professional)
CCSP, CISSP, CISM
ISO 27001 Lead Auditor
Security Vetting / Clearance
Active and transferable DV clearance is essential
Must be a sole British National and UK‑based
Interested? Submit your application to learn more about this exciting opportunity.
About the Company
Sanderson Government & Defence was established over 20 years ago as a bespoke solution to a unique talent problem: sourcing and placing high-calibre professional talent to work within the UK government and defence sector.
MISSION
We provide talent solutions for the UK government and their critical supply chains, including: Ministry of Defence and areas of National Security; Central Government and Arm’s Length Bodies; National Policing and Justice; and the broader Public Sector.
EXPERTISE & SKILL
Central to our success has b...
Know more