Cyber Security Consultant - GRC & Controls Testing

We are supporting a financial services client in appointing two Cyber Security consultants with strong hands on GRC and information security expertise. These roles will focus on delivering security controls testing activity on the ground, supporting the wider internal audit function with high quality cyber assurance work.

This opportunity is well suited to experienced cyber security professionals who are confident working within formal audit frameworks and producing clear, defensible evidence.

The Role

• Perform detailed security controls testing
• Assess alignment to recognised security frameworks (NIST, CIS, etc.)
• Document findings and produce robust, defensible evidence
• Contribute to high quality reporting with clear, structured written output
• Engage with key stakeholders across technology and security functions

Key Experience & Skills

• Strong practical experience in cybersecurity, information security, and GRC
• Experience conducting cyber security controls testing within structured audit frameworks
• Solid understanding of NIST, CIS and related security standards
• Proven background in security controls testing
• Strong written communication skills, with the ability to produce clear and defensible documentation
• Comfortable operating autonomously within an audit environment

Please note: This is not a ITGC type position; you must have strong experience across both cyber security and security controls testing.