Cyber Security Consultant

Cyber Security Consultant - Incident and Vulnerability Management

+6 months +

+1 day a week on site in London / Preston / Birmingham - 4 days WFH

+Inside IR35

+£550 - £580 a day

+SC cleared role - must have current active clearance

+Sole British nationals only due to nature of the project

Role Description:

Security Incident & Vulnerability Management Consultant
(Operational Integrator / SIAM - Transition Role)

UK Sole National ONLY
Security Clearance required

Role Summary
The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within a Defence environment.
The role focuses on understanding, aligning and governing existing high-severity security incident management (S3/S4) and vulnerability management processes across suppliers. Ensuring a consistent, risk-based approach in line with client policy and regulatory requirements, supported by appropriate evidence.
The outcome is a coherent, evidence-driven view of security risk, covering both active incidents and underlying vulnerabilities, with processes standardised and ready for BAU handover.
This is a governance and coordination role, not a hands-on SOC, incident response, or vulnerability remediation function.

Key Responsibilities

Align and standardise supplier processes for high-severity incidents (S3/S4) and vulnerability management.
Establish governance for incident severity, escalation, vulnerability prioritisation (CVSS, KEV, EPSS), and risk acceptance.
Coordinate multiple suppliers to ensure consistent delivery and compliance.
Govern major incident lifecycle activities, including escalation, communication, reporting, and assurance.
Oversee vulnerability management from identification through remediation and closure.
Define audit-ready evidence requirements and ensure alignment with ISMS and control frameworks.
Deliver governance reporting and support transition to BAU operations.

Essential Skills & Experience

Experience in Cyber Security Governance, Incident Management, or Vulnerability Management.
Strong understanding of incident response and vulnerability management lifecycles.
Experience working within multi-supplier or SIAM environments.
Ability to interpret and govern SOC and vulnerability management outputs.
Knowledge of NIST CSF, NCSC guidance, or UK Government security frameorks.
Experience within Defence or other highly regulated environments.
Exposure to ISMS, audit, assurance, and ITIL practices