Principal Cyber Security Risk & Audit Consultant

Methods is a leading IT Services Consultancy with a revenue exceeding £100M, dedicated to transforming the public sector in the UK. With over 30 years of experience, we partner with various central government departments and agencies to enhance operational efficiency and effectiveness.Our unique approach combines technology, data, and a human touch, which distinguishes us from other consultancies, system integrators, and software houses. We are committed to delivering sustainable and impactful solutions for our clients, staff, communities, and the environment.At Methods, we cultivate a collaborative atmosphere that fosters skill-sharing and problem-solving while enjoying our work. We embrace challenges, learn from our experiences, and strive for excellence.While primarily serving the public sector, we are actively expanding our portfolio to include significant private sector clients. Methods became part of the Alten Group in early 2022.Role Overview: As a prominent digital transformation consultancy, Methods collaborates with public and private organizations to provide innovative and secure solutions. Our focus on governance, risk, and compliance (GRC) empowers businesses to navigate intricate security landscapes while maintaining regulatory and operational resilience.We are currently looking for a Principal Cyber Security Risk & Audit Consultant to join our dynamic team. This position is perfect for a professional with extensive expertise in cyber security, risk management, and internal audit. Candidates should possess experience in both public and private sectors, ideally with a background in management consultancy. Strong leadership and team-building skills are highly preferred.

Role Overview Position: Senior Principal Consultant - Operational Resilience & Cyber Risk Location: London (Hybrid) Practice Area: Finance, Risk, Regulatory & Financial Crime Type: Permanent About the Role Capco seeks experienced Principal Consultants with expertise in Operational Resilience and Cyber Risk to strengthen the Financial Services Risk and Regulatory Framework (FRRF) practice. This senior leadership role involves guiding complex client projects across financial services and energy, with a focus on regulatory frameworks such as PRA and DORA. The position offers the chance to shape resilience strategies, influence client direction, and support transformation initiatives that drive growth. What You Will Do Lead operational resilience assessments, scenario testing, and the rollout of control programs. Advise clients on regulatory compliance, particularly around PRA, DORA, and related resilience frameworks. Oversee evaluations of cyber risk, third-party risk, and vendor resilience to uncover and address vulnerabilities. Develop governance structures, dashboards, and reporting approaches for senior management audiences. Direct cyber and technology resilience transformation projects, focusing on tool upgrades and control improvements.

Due to our ongoing expansion, Control Risks is excited to announce an opportunity for a dynamic and experienced Senior Consultant to join our esteemed Digital Risks Protect Advisory team in London. This is a rare chance for a dedicated, client-oriented professional to contribute to a successful team renowned for its expertise in cyber security. In this role, you will spearhead cyber security risk assessment projects primarily across the EMEA region and serve as a trusted subject matter expert in the realm of cyber security risk assessments. We are looking for candidates who can showcase their extensive experience in delivering cyber security evaluations and who possess the ability to engage effectively with senior client stakeholders. A collaborative mindset and a passion for providing high-quality cyber security guidance to some of the world's largest organizations are essential.This position entails a hybrid working model, requiring at least three days per week in our London office, along with the flexibility to travel up to 50% of the time, occasionally over weekends. Travel will mainly focus on destinations within Europe, with potential trips to Africa and beyond. This role is well-suited for individuals with a strong background in cyber security assurance and advisory functions, along with a deep understanding of the cyber security challenges faced by our clients.

Genius Sports combines technology and live data to change how fans connect with sports worldwide. The company aims to create interactive, personalized experiences that keep audiences engaged. More information is available at geniussports.com. Role overview The Cyber Risk Manager plays a key part in strengthening Genius Sports’ ability to identify, assess, and manage cyber risks across the organization. Reporting to the VP of Cyber Security within the Information Security division, this role works closely with the GRC Manager. The focus goes beyond compliance, addressing security risk as a core business issue. This position guides the creation and improvement of frameworks and practices that help teams make risk-aware decisions. The Cyber Risk Manager translates evolving threats into clear risk assessments, ensures consistent risk treatment and accountability, and supports the company’s growth with scalable risk management processes. Key responsibilities Establish and manage the cyber risk program, adapting it to organizational growth and shifting threats. Develop and maintain frameworks for identifying and assessing cyber risks across all business areas. Promote risk awareness, enabling teams to make informed cybersecurity decisions. Collaborate with the GRC Manager to address security risk as a business challenge, not just a technical or compliance issue. Translate complex threats into actionable risk assessments for stakeholders at every level. Drive consistent risk treatment and accountability throughout the organization. Location This role is based in London, England, United Kingdom.

About the Role Capco seeks an Operational Resilience & Cyber Risk Consultant to support clients in the financial services and energy sectors. This role focuses on helping organizations meet regulatory requirements such as PRA and DORA, while strengthening their resilience frameworks and closing exposure gaps. What You Will Do Conduct operational resilience assessments and scenario testing, then implement controls based on findings. Guide clients toward regulatory readiness for frameworks including PRA and DORA. Analyze cyber risk posture, assess third-party exposures, and address vendor resilience concerns. Develop governance models, dashboards, and reporting processes to monitor resilience efforts. Lead the implementation of tooling and support technology transformations that enhance cyber and operational resilience. Location This position is based in London, UK.

Role Overview Capco is hiring a Principal Consultant for Cyber & Operational Resilience in London (hybrid). This permanent position sits within the Finance, Risk, Regulatory & Financial Crime practice area. The role focuses on strengthening cyber and operational resilience for financial services clients, working closely with senior stakeholders to design and implement effective strategies that meet regulatory standards. Main Responsibilities Lead programs that transform cyber and operational resilience, ensuring compliance with frameworks such as PRA and DORA. Assess and enhance existing cyber resilience frameworks, controls, and operational models. Perform third-party and vendor risk assessments to uncover vulnerabilities in supply chains and technology environments. Create and deliver governance frameworks for resilience, including scenario testing and reporting (such as IBS/ITOL). Partner with technology teams to improve cyber tooling, cloud security, and related controls. What Capco Looks For Background in cyber risk management and operational resilience. Solid understanding of regulatory requirements and frameworks in financial services. Strong stakeholder management and communication abilities. Comfort working collaboratively in a hybrid (onsite and remote) setting.

Join Smartdesc as an Information Security ConsultantLocation: Field-based, primarily in the London areaEmployment Type: Full-timeSalary: £70,000 - £80,000As an Information Security Consultant at Smartdesc, you will collaborate with the Information Security and technical delivery teams to implement robust security solutions for our clients.Your role will involve providing strategic guidance on Information Security, aiding clients in enhancing their security posture, and overseeing a variety of security projects. This includes assisting clients in implementing security controls, conducting assessments based on industry best practices, and delivering assessment reports to Senior Leadership Teams to bolster their security measures.The position encompasses a diverse array of responsibilities, from strategic governance and risk management to advising non-profit organizations on maximizing the value of Microsoft Business Premium, E3, and E5 security solutions. You should be comfortable presenting security information to varied audiences, from part-time volunteers to executive boards.This customer-facing role demands a meticulous eye for detail and a proven track record in delivering exemplary Information Security practices.Key ResponsibilitiesAssess and identify steps organizations must take to enhance their security posture, creating roadmaps for continuous improvement while maximizing existing Microsoft licensing.Align security practices with frameworks and standards such as Cyber Essentials, NCSC CAF, and ISO 27001.Own or oversee key Information Security processes and procedures.Manage the Smartdesc MDR management service.Implement and oversee Information Security Risk Management programs.Identify and manage remediation actions to mitigate risks.Develop and maintain Information Security Policies.Create and deliver general and role-specific Information Security Training and Awareness programs.Raise, investigate, and manage IT Security incidents, ensuring appropriate follow-up actions.Provide IT security support to various business functions, including digital teams, IT infrastructure, and IT Service Desk.Develop and oversee Information Security Internal Audit programs.Supervise ongoing security testing, reviews, and audits.

Join Us in Shaping the Future of Cyber Security.At Quantexa, we believe in the power of innovation and continuous improvement. Our mission is to forge meaningful relationships with our clients and drive impactful change across various industries. With a diverse workforce comprising over 50 nationalities and 20 languages spoken, we foster an inclusive environment where every voice matters. Here, you will find the autonomy and support needed to craft a career that aligns with your aspirations.The Role.We are seeking a proactive and technically skilled Cyber Security Engineer to join our Security Operations team. In this hands-on role, you will be instrumental in safeguarding Quantexa's digital assets. Your responsibilities will include the operational management, optimization, and monitoring of essential security platforms, focusing on Zscaler, cloud monitoring via Wiz, and endpoint detection and response through CrowdStrike.Collaborating closely with the broader Security Operations team, you will ensure that security alerts, findings, and detections are efficiently triaged, validated, documented, and remediated. Your contributions will directly enhance Quantexa's security posture by minimizing risk, bolstering detection capabilities, and ensuring timely responses to security incidents.This position is ideal for a curious and detail-oriented professional who thrives on working with cutting-edge security tools, embraces disciplined execution, and seeks opportunities for ongoing improvement.Your Responsibilities.Wiz (Cloud Security Posture Management)Daily monitoring and triaging of Wiz findings, validating alerts and assessing operational impact.Engaging in tuning and threat hunting within Wiz and other security tools.Identifying misconfigurations, excessive permissions, and exposed assets while escalating issues as necessary.Tracking remediation progress with engineering teams and ensuring the resolution of high-priority issues.Zscaler (Web Security Tunnel 2.0)Reviewing and triaging Zscaler alerts and policy violations according to documented response procedures.Investigating suspicious traffic, access attempts, and user activity to determine legitimacy.

Role Overview Capco is hiring a Principal Consultant focused on Non-Financial and Operational Risk. This permanent position is based in London with a hybrid work arrangement. The role sits within the Finance, Risk, Regulatory & Financial Crime practice. What You Will Do Lead large-scale risk transformation programs, covering enterprise and operational risk areas. Oversee trade surveillance and market abuse frameworks, refining detection scenarios and controls for better outcomes. Advise clients on regulatory requirements and help design practical, strategic solutions. Apply and supervise AI and model tuning methods to strengthen risk monitoring and minimize false positives. Build and sustain relationships with senior stakeholders, acting as a trusted advisor to client leadership teams. Location and Employment Details Location: London (hybrid) Practice area: Finance, Risk, Regulatory & Financial Crime Employment type: Permanent

Join Timberseed as a Trainee Recruitment Consultant specializing in IT and Cyber Security!Located in the vibrant East London, we are thrilled to collaborate with a leading recruitment firm known for its excellence in IT and Cyber Security. With a solid presence in both the UK and the US, our partner boasts an impressive 20-year track record in the rapidly evolving fields of cyber security, corporate security, and data privacy.As the demand for skilled professionals in these areas continues to rise, we are excited to expand our team and are seeking motivated and ambitious recent graduates to embark on their careers as trainee recruitment consultants.We offer an exceptional training program led by industry experts, equipping you with the essential skills to thrive in recruitment. Successful consultants can benefit from our market-leading uncapped commission structure, allowing for potential earnings exceeding £15,000 on top of your base salary during the first year. Additionally, top billers enjoy exclusive incentives, including overseas trips, fine dining experiences, and extra days off.Your responsibilities will include:Identifying and attracting new candidates through various methods such as advertising, networking, and headhuntingParticipating in client meetings and networking eventsEvaluating candidates' qualifications, coordinating interviews, and overseeing the interview processFacilitating the offer process, ensuring candidates are well-informed and enthusiastic about their offersThe ideal candidate will possess:A strong work ethic, ambition, and a proactive approachExcellent interpersonal skills with the ability to communicate effectively both in writing and verballyA capacity to listen, adapt, and respond to diverse personalities and situationsResilience and determinationA keen interest in ITA minimum of a 2.1 degree from a Russell Group UniversityAt Timberseed, we are committed to guiding you through every step of the recruitment process. We will assist you with your CV, prepare you for interviews, and provide valuable advice on showcasing your strengths.

Join our esteemed Digital Forensics and Incident Response team in London as an Associate Consultant or Consultant. In this pivotal role, you will leverage your technical expertise to deliver consultative solutions in Digital Forensics, Incident Response, Cyber Security, and eDiscovery to a diverse clientele that includes Law Firms, Fortune 500 companies, and Government entities. You will act as a technical lead on various cases, collaborating closely with our regional and international Discovery & Data Insights teams (DFIR/Legal Technologies/Data Analytics) as well as our Cyber Response, Crisis Management, and Investigations teams. Additionally, you will play a key role in business development by contributing your subject matter expertise to articles, presentations, and marketing initiatives.Key Responsibilities:Provide expert consultancy and forensic/incident response services, including data collection, investigative analysis, and cyber security solutions for our clients.Support Investigation teams across different regions, ensuring high-quality deliverables are provided efficiently and in a timely manner.Ensure all work adheres to evidential standards and is defensible in legal contexts.Offer expert testimony in court as needed.Innovatively engage in team collaboration and initiate creative solutions to enhance efficiency.Proactively anticipate client needs and drive conversion of inquiries into sales leads and proposals.Actively participate in marketing and business development strategies.Availability for international travel, up to 25% of the time.

Founded in 1990, Methods has been at the forefront of transforming public sector operations across the UK, partnering with various central government departments and agencies.Our mission is clear: to enhance and secure public-facing services. By applying innovative digital thinking, we ensure that the future of our public services is centered around the needs of our citizens.What sets us apart from typical consultancies, system integrators, and software houses is our commitment to a customer-centric value system. We focus on delivering solutions that genuinely meet our clients' needs.We are dedicated to supporting our clients in their project successes, fostering collaboration to share skills and effectively solve challenges. At Methods, we work hard but also embrace the joy of our work, learning from our experiences, including our mistakes.As experts in providing secure and resilient cyber and information services, we prioritize the protection of systems and data. Our tailored security roadmaps significantly reduce risks and vulnerabilities associated with cyber-attacks.We assist organizations in enhancing processes like threat management through the development of identity management programs, as well as establishing robust prevention, detection, and response capabilities against cyber threats.

Join our dynamic team at Lendable as a Cyber Security Engineer, where you will play a pivotal role in safeguarding our digital assets and ensuring the integrity of our systems. In this position, you will be responsible for the design, implementation, and maintenance of security protocols across our network and applications. You will work closely with cross-functional teams to identify vulnerabilities and develop strategies to mitigate risks.

Join our dynamic team at Pace Consulting as a Product Security Specialist, focusing on the critical field of cyber security for medical devices. In this role, you will be responsible for ensuring the security and integrity of medical products throughout their lifecycle. This position demands a proactive approach to identifying vulnerabilities and implementing effective solutions to safeguard sensitive patient data and comply with regulatory standards.

Join our team as a Managing Consultant specializing in Digital Trust and Cyber Security within the Financial Services sector. In this pivotal role, you will lead initiatives aimed at enhancing our clients' security posture and ensuring their digital trustworthiness. Collaborate with cross-functional teams to design and implement innovative solutions that address the complex challenges of cybersecurity and data protection.

The Economist Group is seeking a dedicated and skilled Cyber Security Engineer to join our dynamic team in London. In this role, you will play a crucial part in safeguarding our digital assets and ensuring the integrity of our systems against various cyber threats. You will work closely with cross-functional teams to implement security measures, conduct risk assessments, and respond to security incidents.

This internship at Control Risks centers on global risk consultancy and is designed for university students eager to develop professional skills in the field. The program provides practical experience, allowing interns to work closely with seasoned consultants on real client projects and challenges. Role overview Interns contribute directly to ongoing assignments, supporting risk management and client service efforts. The experience is structured to give insight into how consultants address complex issues for clients worldwide. Location This position is based at London Bridge in London, England. Duration The internship runs full-time for six months, with the potential for extension depending on business needs and performance. Application deadline Applications are accepted until 1st May, 2026.

Shawbrook is seeking an experienced Internal Audit Assistant Manager specializing in Technology and Cyber to join our dynamic team in London. This role is pivotal in ensuring the integrity and efficiency of our internal audit processes, specifically within the realms of technology and cybersecurity.As the Internal Audit Assistant Manager, you will lead audit engagements, assess risks, and provide insights that contribute to the enhancement of our operations. Your expertise will guide our organization in addressing cybersecurity challenges and implementing best practices.

As a seasoned and senior member of the London DFIR team, you will play a crucial role in our broader EMEA practice, contributing to a global network that shapes our forensic investigation and cyber incident response capabilities. The Discovery & Data Insights team serves as the technical consulting hub, allowing you to provide consultative solutions across various workstreams, including forensic investigations, eDiscovery, and data analytics. Our clientele consists of prestigious law firms, Fortune 500 multinational corporations, and various government and law enforcement agencies worldwide.In the capacity of Senior Consultant, you will collaborate closely with teams across different regions and foster constructive relationships with Control Risks’ dedicated Cyber Response practice, as well as the wider Discovery & Data Insights team. Your professional conduct and sound decision-making will build trust and uphold integrity among our clients and colleagues. This role demands technical expertise and acute sensitivity to client needs and expectations. You will utilize your skills and experience to craft innovative solutions and establish agile operational standards, positioning yourself as a recognized subject matter expert in technical consulting services.Your daily responsibilities will include being on-call for urgent matters and supporting crisis management efforts. As the technical lead for engagements, you will ensure quality-driven, responsive forensic incident management while delivering services that meet and exceed client expectations and company standards.

Control Risks is seeking an experienced Senior Regional Security Manager to spearhead security initiatives for a prominent multinational consumer goods organization across the Europe, Middle East, and Africa (EMEA) region. This pivotal role will align security strategies with corporate objectives and operational priorities, ensuring effective communication with regional business leaders and compliance with global security programs tailored to local needs.The successful candidate will be based in the client’s London office, with access to Control Risks offices as necessary.Key Responsibilities:Conduct thorough risk and threat assessments to create comprehensive Site Security Plans, enhancing our security posture to safeguard personnel, facilities, and business interests in collaboration with business leaders and external partners.Design and execute robust security strategies that effectively mitigate risks while aligning with business goals and industry best practices.Perform regular security audits to ensure program integrity and adherence to security standards.Lead security investigations involving internal and external resources, support compliance inquiries, and oversee the Threat Management Team's efforts in addressing workplace violence threats and incidents.Manage the implementation of security standards, optimizing resource allocation and promoting cost-effective solutions.Guide the activities of Security Champions and Security Suppliers to ensure comprehensive security coverage across all regional facilities, enforce compliance with the Security Guard Force Standard, and collaborate with Mill Managers and Business Segment Leaders to develop improvement strategies.Oversee Executive Protection functions, including the physical security of the CEO’s office and residences, security awareness training, and security arrangements for Board of Director/Special meetings.Work alongside the Program Owner, Leadership Team, and key stakeholders to drive enhancements in the Physical Security Program, including systems, security guard force, and Global Security Operations Center.Stay abreast of cutting-edge trends and technologies in security management relevant to the industry and region.Build and maintain strong relationships with senior law enforcement, intelligence, and private sector counterparts.Provide briefings to senior executives on security incidents and participate in business segment committees and working groups.