Senior Risk and Resilience Consultant (Information Security Consultant)

We have an exciting, permanent opportunity for a Senior Risk &Resilience Consultant / Information Security Consultant to join any of our 11 UK offices (hybrid working) as we continue to grow following the Howden acquisition.

We are looking for an experienced Information Security Consultant to support our clients in improving their security posture and achieving recognised certifications. This role is hands‑on and client‑facing.

• Lead and support clients through the implementation of ISO/IEC 27001, from gap analysis to readiness for certification
• Plan and conduct internal audits against ISO/IEC 27001, including reporting findings and recommending improvements
• Guide organisations through the Cyber Essentials and Cyber Essentials Plus certification process
• Design, review, and improve information security policies, processes, and controls that are proportionate and practical
• Explain information security risks to stakeholders in clear, business‑focused terms, linking technical issues to business impact such as operational disruption, financial loss, regulatory exposure, or reputational damage
• Deliver information security training and awareness sessions to staff at different levels of the organisation
• Tailor training content to suit technical and non‑technical audiences
• Support and guide clients in the event of an information security incident, helping them understand next steps, containment, and reporting obligations
• Support clients with third‑party security assessments, including responding to customer security questionnaires; Assessing supplier security posture and risks; Advising on proportionate assurance and risk treatment approaches
• Manage security projects, including planning, tracking progress, managing risks, and meeting deadlines
• Act as a trusted advisor, translating security requirements into clear business actions
• Facilitate workshops and meetings with stakeholders ranging from operational teams to senior leadership
• Produce clear, well‑structured documentation and reports suitable for both technical and non‑technical audiences
• Support continuous improvement of clients’ information security management practices

We would love to hear from you if you have:

• Proven experience implementing ISO/IEC 27001 within an organisation or as a consultant and performing or supporting internal audits against ISO/IEC 27001
• Practical experience guiding organisations through the Cyber Essentials certification process
• Experience delivering information security training or awareness sessions
• Experience supporting or responding to third‑party security assessments or questionnaires
• Demonstrated ability to communicate information security risks in business terms, not just technical language
• Excellent understanding of information security risk management and controls
• Experience managing projects, including timelines, dependencies, and stakeholder expectations
• Excellent communication skills, both written and verbal with confidence engaging with people at all levels of an organisation, including senior management

• Experience with data protection and privacy, such as UK GDPR or EU GDPR
• Experience supporting organisations during security incidents or data breaches
• Experience assessing supplier risk or working with vendor risk management processes
• Experience with supporting organisations with Business Continuity planning (ISO 22301)
• Relevant certifications (e.g. ISO 27001 Lead Implementer, Lead Auditor, Cyber Essentials Assessor, CISM, CISSP)
• Previous consultancy or client‑facing experience

• Competitive discretionary annual bonus.
• Core benefits paid for by BW including life assurance, group income protection, private medical cover and 25 days holiday per year with holiday trading.
• A generous pension scheme where we contribute 8% of your salary from day one of your employment.
• Employee Assistance Programme to support you and your family through any concerns or challenges you may experience.
• A comprehensive range of voluntary benefits to suit you (and your family) including an electric car leasing scheme, tech scheme, cycle to work scheme, dental cover, healthcare cash plan, health assessments, critical illness cover, extension of private medical cover or life assurance to family members, Sports Allowance – we pay up to 50% of your gym/sports membership (up to 50 pm), travel insurance, paid volunteering, and a broad range of discounts at hundreds of retailers including supermarkets, fitness centres, travel and leisure companies.