Senior Security Consultant – ISO 27001 Specialist

Join a fast-growing cyber consultancy delivering across public, private, and defence sectors

Location: Hybrid (UK-based, with occasional travel to client sites)

Employment Type: Full-time, Senior level

Overview

Sanderson Government & Defence are working with a scaling cyber security consultancy that’s delivering high-value security solutions to some of the UK’s most complex organisations across public, private, and defence sectors.

We are looking for a Senior Security Consultant with a deep understanding of ISO 27001 implementation and delivery to join a collaborative, fast-growing team. You’ll be working on varied and challenging engagements, providing both hands-on delivery and strategic security advice to a broad portfolio of clients.

With the consultancy in a period of rapid growth, this role offers significant scope for progression, flexibility in how you work, and the chance to shape the way security is delivered at scale.

Key Responsibilities

• Lead ISO 27001 implementation projects, from initial gap analysis to certification readiness
• Advise clients on information security management systems (ISMS) design, deployment, and continuous improvement
• Conduct risk assessments, security audits, and compliance reviews against ISO 27001 standards
• Support clients in achieving and maintaining compliance with security frameworks and regulatory requirements
• Engage with stakeholders at all levels to embed security best practice in business processes
• Mentor junior consultants and contribute to knowledge sharing within the team
• Stay current with security trends, regulatory changes, and industry best practices

Required Skills & Experience

• Proven track record of ISO 27001 implementation and delivery (end-to-end)
• Strong consultancy background with client-facing experience
• Ability to conduct risk assessments and security audits confidently
• Excellent communication skills, able to explain technical concepts to non-technical stakeholders
• Solid understanding of broader information security frameworks and governance practices
• Willingness to travel to client sites as required (UK-wide)

Desirable

• ISO 27001 Lead Implementer or Lead Auditor certification
• Experience in public sector, defence, or highly regulated industries
• Knowledge of additional standards such as NIST, Cyber Essentials Plus, or PCI DSS

Why Join This Consultancy?

• Flexible, hybrid working with trust and autonomy in how you deliver
• Variety of projects across multiple sectors – no two engagements are the same
• Clear progression pathways in a growing, ambitious company
• Collaborative, knowledge-sharing culture where your expertise is valued
• Competitive salary and benefits, plus investment in ongoing training and certifications

Apply via Sanderson to join a forward-thinking consultancy where you’ll make a real impact on client security maturity while developing your own career.

All applications are handled in strict confidence.