Cyber Advisory - Senior Consultant

Ludgate Hill
1 day ago

Forvis Mazars is a leading global professional services network providing audit & assurance, tax, and advisory services. Forvis Mazars in the UK spans 14 offices across the nation and has over 3,400 professionals, with 190 partners. We have a clear purpose and a shared commitment to shape a better future.

You'll join a collaborative and inclusive team where you're supported to grow your skills, explore new opportunities, and contribute from day one. You'll work with a diverse client base, develop meaningful connections, and gain experience that extends beyond your local team. Together, we grow, belong and impact.

About The Team

The Cyber Advisory team provides cyber security assurance, advice and guidance to clients to help them build and maintain a robust security environment. We identify cyber risks and work closely with clients to understand their unique set of digital opportunities and challenges, providing tailored and strategic advice and guidance. We support our clients in assessing, building and managing their cyber security capabilities, from ensuring compliance with industry regulations and mitigating potential risks to moving them towards a more mature security posture.

Within the national cyber security team you will be responsible for delivering cyber security assurance and advisory work to a range of clients nationally and internationally. Our broad range of clients, including those in the FTSE 350, will allow you to gain experience across a range of sectors including:

Financial Services, Banking, Insurance and Investment

Corporates/Private Sector/Industry & Services

Central and Local Government

Retail and Consumer products organisations

Job Purpose

The role is to support the team in delivering internal audits as well as larger scale advisory engagements. This means assisting in all aspects of the project lifecycle, primarily the execution of fieldwork and the preparation of deliverables, including actively contributing to final recommendations.

Your responsibilities will include:

Being actively involved in the delivery of our Internal Audit/Consulting engagements.

Acting as a subject matter expert in various security and risk management domains (e.g. IT risk management, cyber risk, security target operating model, governance, compliance, cyber security maturity assessment, metrics and C-level dashboards…) and leading industry-based practices (e.g. NIST CSF, ISO 2700x…)

Managing the coordination and communication of key findings and results of engagements, producing written reports and supporting oral presentations to senior client management and key senior stakeholders

Maintaining an expertise and currency in industry trends

Managing and mentoring junior consultants assigned as members of engagements

Contributing to the development of project management, quality assurance and professional consulting and auditing approaches/methodologies.

The Candidate

We're looking for someone who is seriously interested in the cyber security area and wants to get first-hand experience of working in multiple industries with companies who need our help. We will support you every step of the way with on-the-job training as well as support for attaining industry professional certifications which will enhance your career in this field.

Skill, Knowledge & Experience

The candidate will be expected to use their technical expertise to deliver projects and to ensure that our clients comply with their regulatory obligations including NIS2 or DORA.

You will need to have a broad experience of security risk management and have evidence of experience in a number of the following fields of expertise:

Full understanding of the DORA regulation & NIS2 Directive and experience in implementing the regulations

Experience working with regulated financial services entities

3+ years' varied experience in information security, risk management

Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS2 and DORA

Hands-on experience building credibility with external stakeholders

Proven ability to guide and collaborate with senior stakeholders in a similar GRC, security, or risk management role

Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders

The ability to explain complex topics to a diverse range of audiences

Strong attention to detail and the ability to deliver high quality work

CompTIA Security+, CRISC, CISM or CISSP certification advantageous.

Diversity, Equity & Inclusion

At Forvis Mazars, diversity, equity and inclusion are central to our values. We value our people's unique backgrounds, perspectives, and experience, and know this diversity creates better outcomes for our clients.

We seek to attract, develop, and retain the best talent, inclusive of sex, ethnicity, disability, socio-economic background, sexual orientation, gender identity, nationality, and faith.

We select candidates based on skills, knowledge, qualifications, and experience and aim to support all our team members to reach their potential.

At Forvis Mazars, we promote an environment in which you can grow your skills, belong to a team that values your ideas, and make an impact that matters.
