As part of our continued growth and increasing client demand for robust cyber and information security services, Moore Kingston Smith is seeking a skilled and motivated Cyber Security Consultant to join our client-facing advisory team. You will join Moore ClearComm, the cyber security advisory arm of Moore Kingston Smith, an NCSC‑recognised cyber security team operating within our wider business, technology and compliance risk practice.
This is a hands-on consulting role that will see you working with a wide variety of organisations, ranging from scale-ups to established businesses across multiple sectors. Whether clients are just beginning their security journey or enhancing mature programs, you will provide tailored, actionable advice to support their operational resilience and regulatory compliance.
With access to a diverse portfolio of clients, this is an excellent opportunity to deepen your InfoSec expertise and play a meaningful role in helping businesses improve their defences in a fast-evolving threat landscape. We are looking for a proactive well-rounded consultant with strong technical fundamentals, an ability to think critically, and a genuine interest in helping clients succeed.
This is a hands-on consulting role that will see you working with a wide variety of organisations, ranging from scale-ups to established businesses across multiple sectors. Whether clients are just beginning their security journey or enhancing mature programs, you will provide tailored, actionable advice to support their operational resilience and regulatory compliance.
With access to a diverse portfolio of clients, this is an excellent opportunity to deepen your InfoSec expertise and play a meaningful role in helping businesses improve their defences in a fast-evolving threat landscape. We are looking for a proactive well-rounded consultant with strong technical fundamentals, an ability to think critically, and a genuine interest in helping clients succeed.
Key Responsibilities
- Lead and support the delivery of cyber and information security assessments, audits, and control reviews across diverse industries.
- Identify and assess security control weaknesses, articulate associated risks, and provide pragmatic recommendations tailored to client environments.
- Produce high-quality, concise documentation including audit reports, risk assessments, and advisory outputs.
- Collaborate with technical and business stakeholders to design or enhance security control environments aligned to frameworks such as ISO 27001, NIST CSF, CIS Controls, and Cyber Essentials.
- Maintain up-to-date knowledge of cyber threats, mitigation strategies, regulatory requirements, and industry best practices.
- Contribute to the continuous improvement of internal methodologies and security services.
- Build and maintain strong client relationships with a service-focused mindset.
- Identify client challenges and future needs that may lead to service expansion opportunities.
- Contribute to business development and client growth by supporting proposal creation, project scoping, thought leadership (e.g., blogs, webinars), and collaborating on presentations, tenders, and workshops with senior team members.
- A proactive, client-oriented mindset with a passion for continuous learning and improving security outcomes.
Skills, Knowledge and Expertise
Essential
- Experience within cyber security consulting, security auditing, or risk advisory roles.
- Experience in delivering client-facing cyber risk advisory services.
- Experience delivering assessments aligned with industry standards such as ISO 27001, NIST, CIS, NCSC 10 Steps, and GDPR.
- Strong written and verbal communication skills, able to clearly articulate technical jargon to non-technical audiences and write impactful deliverables.
- Experience planning and delivering engagements independently and as part of a team, within tight timescales, to budget and a high level of quality.
- Competent in working with a range of clients, from SMEs to large enterprise environments.
- Experience preparing, supporting, or auditing certification audits (e.g., ISO 27001, SOC 2, Cyber Essentials)
Desirable
- Industry-recognised certifications such as ISO 27001 Lead Auditor/Implementer, CISSP, CISA, CISM, or similar.
- Exposure to penetration testing, or hands-on vulnerability assessment (even if not a primary role).
- Experience with public cloud platforms (e.g., AWS, Azure, GCP, MS365) and understanding of cloud security principles.
- Experience in Operational Technology (OT) and understanding of SANS standards.
- Familiarity with modern security technology and tools, SIEM, and security automation.
- Hands-on experience in security or IT engineering, including implementing technical controls, hardening systems, securing networks, or supporting secure architecture design.