Senior Cybersecurity Consultant

Exponential-e

Founded in 2002, Exponential-e swiftly established itself as a UK Cloud, Connectivity and Communications pioneer. Throughout our history, a focus upon leveraging leading-edge technology to deliver profitable and innovative services to our clients and prospects has resulted in industry and peer recognition for our ground-breaking approach, a truly world-class ICT services company.

We're a company of innovators who think big and achieve bigger Our people are crucial to the continuing success of our company. From our CEO to our new Graduates, each of our people demonstrates our PRIDE principles which are at the core of everything we do.

The overall purpose of the job:

The Senior Cybersecurity Consultant is a senior-level strategic advisor responsible for developing and managing executive-level cybersecurity relationships within key customer organisations, particularly across the UK Public Sector, Healthcare, and Defence. This role goes beyond tactical delivery to shape long-term cybersecurity transformation through deep, trust-based advisory engagements. They will:

• Act as a retained or fractional CISO to designated high-value clients, particularly in regulated or nationally significant sectors
• Lead cyber maturity engagements from executive workshops through to multi-year strategic programme design
• Bridge the gap between business risk, regulatory compliance (CAF, DSPT, NIS2, GovAssure), and MSSP service capabilities
• Own and influence the development of enterprise-wide cyber roadmaps aligned to national and sectoral frameworks
• Guide senior stakeholders (e.g., CIOs, CISOs, Boards) through decision-making around programme investment, risk prioritisation, and governance maturity
• Lead the advisory-to-service conversion lifecycle, working closely with internal solution and delivery teams
• Shape major MSSP deals and transformational security programmes — covering domains such as MDR, PAM, GRC, and policy assurance
• Represent Exponential-e in high-trust, high-impact relationships where strategic cybersecurity outcomes are key

Key responsibilities for this job:

• Deliver high-trust, strategic cybersecurity advice to senior executives across complex organisations, including boards, CIOs, CISOs, and risk owners
• Design and lead cyber strategy workshops, guiding clients through maturity planning, compliance frameworks, and organisational change
• Develop and own enterprise-level cybersecurity roadmaps aligned with business risk, sector regulation, and technology transformation
• Lead strategic programme planning and oversight across multiple domains (e.g., cyber operations, incident response, access management, governance)
• Translate assessment findings into multi-year MSSP programmes and service engagements, supporting recurring revenue growth
• Shape and influence large-scale bids, programme proposals, and Board-level business cases
• Represent Exponential-e in executive-level governance forums, cyber steering committees, and strategic reviews
• Collaborate with internal service leads, GRC consultants, and technical architects to build integrated solutions tailored to client objectives
• Guide preparation for and response to assurance regimes (CAF, GovAssure, DSPT), certifications (ISO 27001), and reviews
• Act as a visible cybersecurity thought leader within key sectors — representing the firm at industry events, forums, and customer advisory boards

Success in this role looks like:

• 5–10 strategic C-level relationships developed per year
• £3M–£4M in strategic pipeline influenced or originated
• Multi-year cybersecurity transformation programmes delivered

Knowledge and experience required:

• Must hold or be eligible for SC clearance (UK national or at least 5 years UK residency required)
• Experience in cybersecurity, operating in a CISO, Deputy CISO, Cyber Programme Lead, or strategic advisory role
• Proven ability to engage at CxO and board level, influencing and guiding security strategy, investment decisions, and risk governance
• Deep knowledge of cybersecurity frameworks and compliance regimes, including:
• UK Government Cyber Assessment Framework (CAF)
• NHS DSPT and DTAC
• ISO ISMS design and audit)
• NIS2 Directive (or experience preparing for UK NIS implementations)
• GovAssure and associated assurance processes
• Practical experience designing and delivering multi-year cybersecurity roadmaps, transformation programmes, or security operating models
• Familiarity with critical MSSP domains such as SIEM, SOC, vulnerability management, GRC tooling, PAM, and incident response frameworks
• Clear understanding of sector-specific cybersecurity concerns in NHS, MOD, central/local government, and defence supply chain organisations
• Track record of converting advisory input into service opportunity — acting as the strategic owner of a cyber transformation journey
• Ideally holds or has held one or more certifications such as CISSP, CISM, CCISO, SABSA, or a related strategic governance qualification

Desirable skills and qualifications:

• Certifications: CISSP, CISM, CCISO, SABSA
• Experience with ISO 27001 implementations or CE+ assurance
• Familiarity with MOD, NHS, or UK Government stakeholder environments

Our People

Our people are what makes Exponential-e Group the company it is today. This year's employee survey highlighted that 81% of employees who took the survey, would recommend a friend to work for our organisation.

Learning and development are fundamental parts of daily life at Exponential-e. From their first day at the company, everyone is provided ample opportunities to develop their skills and broaden their horizons, with our own L&D team running a range of bespoke courses, based on the latest innovations and challenges across the digital landscape.

Exponential-e Group is committed to providing equal opportunities in employment and treating all employees with respect and dignity. The company respects and values the diversity of its staff, striving to maintain an environment where there is opportunity for everyone to feel valued, their talents to be utilised and for both personal and organisational aspirations to be met. Every employee plays a vital role in helping to create an inclusive working environment by understanding and harnessing difference in a positive way.