Cyber Security Consultant - SbD

Cyber Security Consultant - Secure by Design | £42-52k | Portsmouth, Hybrid | SC Clearance

Qualifications, skills, and all relevant experience needed for this role can be found in the full description below.
Are you a cyber security professional with a background in defence and a strong grasp of how Secure by Design should work in practice - not just in theory?
A specialist consultancy with a strong reputation in the defence and government space is looking to bring on a Cyber Security Consultant to support their growing portfolio of MOD-facing work. This is a genuine opportunity to do meaningful, technically credible work in an environment that values expertise over headcount.
Salary: £42-52k DOE
Package: Gym, private medical, company pension
Working Structure: Hybrid in Portsmouth ~2 days onsite
Security Clearance: Eligibility or active SC clearance
The Role:
This position has two distinct dimensions. On one hand, you'll be conducting structured assessments - evaluating how well Secure by Design principles are being embedded across defence programmes and producing clear, evidence-backed findings. On the other, you'll be working alongside programme teams to help them act on those findings, guiding them through the practicalities of building security in from day one rather than retrofitting it later.
Day to Day You'll Be:
Assessing how Secure by Design principles are being applied across programmes and systems, and producing well-evidenced findings and recommendations
Reviewing system designs, architectures, and change proposals to identify where security hasn't been adequately considered
Supporting client teams in embedding SbD into their ways of working from the outset
Evaluating risk ownership and escalation practices, helping stakeholders understand where accountability is unclear or gaps exist
Producing security cases, assessment reports, and assurance documentation to a high standard
Helping develop practical SbD guidance and processes that client teams can realistically use day to day
Supporting broader assurance activity including assessments against the CAF
Communicating clearly with technical and non-technical stakeholders, ensuring findings are understood and acted upon at every level
Contributing to proposal writing, business development conversations, and the ongoing development of the consultancy's SbD service offering
What You'll Need:
A solid working knowledge of MOD Secure by Design principles and how they apply across the defence acquisition and system lifecycle
Around 2-3 years of hands-on experience in cyber security risk assessment, security architecture review, or security assurance
The confidence to work within client organisations, build relationships, and influence without direct authority
Eligibility to obtain SC clearance, requiring at least 5 years continuous UK residency
A full UK driving licence and willingness to travel to client sites approximately two days per week.
Desired but not essential:
Practical experience applying MOD SbD principles within defence programmes
Experience working in defence or wider public sector cyber security environments
Familiarity with the CAF, NCSC guidance, GovAssure, or related frameworks
A professional certification such as CISMP or CCP, or active progress towards CISSP or CISM
A cyber security related degree or equivalent professional development
Apply now or reach out directly for a confidential conversation.
Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. xwzovoh
To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.