Security Consultant (Contract)

Cyber Exercises

• Plan, coordinate and execute complex cyber exercises involving multiple business and technology stakeholders with varying priorities, managing vendor evaluation, procurement processes and security clearance requirements.

• .Develop comprehensive exercise frameworks including realistic scenarios, participant matrices, detailed logistics coordination (venues, equipment, access arrangements), and supporting artefacts while facilitating stakeholder review and approval processes across competing requirements.

• Monitor participant performance and exercise flow throughout exercise, then drive thorough post-exercise analysis, lessons learnt consolidation, action item tracking and closure with accountable owners across departments and organisational boundaries.

Phishing Simulation Exercises

• Coordinate end-to-end phishing simulation exercises across diverse organisational audiences, managing campaign scheduling, vendor coordination, content approvals and complex stakeholder communications.

• Analyse results and identify vulnerability patterns across departments, send personalised results notifications to affected participants, and implement education frameworks including classroom training and counselling sessions.

• Drive systematic follow-up actions and targeted remediation programmes while balancing educational impact with operational constraints.

Cybersecurity Awareness Programme

• Manage end-to-end delivery of mandatory cybersecurity e-learning programmes across the organisation, coordinating with third-party content providers while navigating competing deadlines and stakeholder expectations.

• Achieve 100% completion targets through systematic tracking, targeted follow-up communications, escalation management with supervisors, and comprehensive regulatory compliance reporting.

• Monitor participation metrics across departments, document legitimate exemptions with appropriate justifications and approvals, and coordinate with stakeholders to address completion gaps while maintaining audit-ready documentation.

• Develop and implement cyber event strategies aligned with organisational objectives.

• Manage event budgets, timelines, and resources to ensure successful delivery within constraints.

• Liaise with internal stakeholders, external vendors, and service providers to coordinate event logistics.

Cybersecurity Advisories

• Coordinate development and dissemination of evidence-based cybersecurity advisories, planning advisory timing in accordance with phishing exercise schedules to maximise educational impact while translating complex technical inputs into actionable guidance for diverse audiences.

• Manage multi-channel deployment (email, intranet, visual aids) while balancing urgent threat communications with planned advisory schedules, reserving flexibility for ad-hoc advisory requests and competing organisational priorities.

• Maintain distribution frameworks, communication templates and engagement tracking while ensuring rapid response capability for emerging threats and incidents.

Cybersecurity Project Management

• Lead and manage cybersecurity projects across the organisation, including tool implementation, process improvements, and compliance initiatives.

• Collaborate with business units to ensure successful delivery and adoption whilst managing multiple workstreams, timelines, and dependencies.

• Track project milestones, risks, budgets, and provide strategic reporting to enhance organisational security posture.

Vendor & Contract Management

• Manage cybersecurity vendors including awareness platforms, incident response partners, and security solution providers.

• Oversee contract renewals, performance reviews, SLAs, and procurement processes whilst ensuring compliance with internal and regulatory requirements.

• Conduct comprehensive vendor evaluations, manage security clearance requirements, and coordinate procurement processes.

• Minimum 3 years of experience in IT programme/project-related work (e.g., Planning and executing awareness programmes and events).

• Minimum 2 years of experience in Cybersecurity (e.g., Implementation of security tools in enterprise environment, security awareness, incident response, or related domains).

• Bachelor's degree in a relevant field (e.g., Information Technology, Computer Science, Business, Communications, or related disciplines).

• Cybersecurity certifications (e.g., CISSP, CISM, Security+, GCIH, or equivalent).

• Project management certifications (e.g., PMP, PRINCE2, Agile/Scrum certifications).

• Demonstrated ability to manage multiple workstreams, timelines and dependencies, with strong attention to detail.

• Excellent stakeholder management and communication skills; enjoys engaging both technical and non-technical audiences.

• Strong analytical skills with ability to interpret data, identify trends and translate insights into actionable recommendations.

• Thrives in highly collaborative, fast-paced environments with frequent stakeholder interactions and presentations.

• Experience with data analysis, creating dashboards and reports for management reporting.

• Ability to work independently and assume responsibility for programme deliverables

• Experience in reporting and dashboarding tools (e.g., JIRA, Excel, Power BI, Tableau).

• Experience with Agile/Scrum methodologies.

• Automation skills (e.g., Python, VBA, Power Automate, scripting) for process improvement and efficiency.

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This is a 2-Year Contract. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.