Security Advisor

London, United Kingdom

Full Time

UK - Security

Manager/Supervisor

About Us

Thrive is an innovative technology solutions provider focused on Cyber Security, Hybrid Cloud, Global Network Management, Disaster Recovery, and traditional Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon NextGen services help us stand out among our peers. Thrive is on the look-out for individuals who don't view their weekdays spent at 'a job' but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you're attracted to a work hard, play hard environment and seek the guidance, training, and experience necessary to build a lucrative career, then welcome to THRIVE

Position Summary

The Security Advisor is part of the global Thrive vCISO Advisory Services team. Candidates for this position will have established Information Security experience across governance, risk, compliance, or security operations, with the confidence to engage directly with client stakeholders. This role moves beyond support duties into managing client deliverables, leading discussions with operational teams, and contributing to security strategies under the guidance of a vCISO

Security Advisors bridge the gap between strategic vision and operational execution. They take ownership of deliverables such as risk assessments, security policies, awareness training, and compliance reports, ensuring outputs align with business needs and regulatory obligations. Acting as the main point of contact for day-to-day engagements, Security Advisors facilitate workshops, analyse security data, and translate technical findings into practical recommendations that enhance client security posture.

Responsibilities:

• Act as the primary coordinator for client ISO 27001 Information Security Management System (ISMS) operations, including document control, evidence collection, and control effectiveness monitoring
• Act as the onsite client representative for the Thrive, with strong client-facing experience and an ability to balance the needs of the client
• Lead recurring ISMS activities such as risk registers, Statement of Applicability maintenance, internal audit preparation, and corrective action tracking
• Develop, update, and maintain client Information Security policies, standards, and procedures to ensure ongoing compliance with ISO 27001 and related frameworks
• Facilitate risk assessment workshops with client teams, analyse outputs, and draft risk treatment plans for senior vCISO review
• Compile quarterly client security reports and dashboards, highlighting key ISMS metrics, audit status, and compliance posture
• Serve as the day-to-day point of contact for operational client stakeholders (IT managers, compliance teams, project leads), escalating strategic or board-level issues to the client's vCISO.
• Review client environments against Thrive Security Services data, third-party assessments, and audit evidence to identify control gaps
• Collaborate with internal delivery teams to align Thrive processes with client ISMS requirements and industry good practiceMentor and collaborate across the Thrive team, assisting the accounts team and delivery teams
• Collaborate with vCISOs to develop client roadmaps, ensuring that tactical ISMS improvements align with broader security strategy
• Collaborate closely with the vCISO, vCIO, Account Manager, and other Thrive resources to collect data related to an organization's security and technology infrastructure, processes, and Cybersecurity initiatives.
• Perform team administrative duties as directed, to include scheduling client kickoffs and meetings, creating customer communications and correspondence, and serving as vCISO team liaison to Thrive Security Operations and Engineering.
• Assist in developing quarterly customer presentations documenting vCISO milestones and roadmaps, Information Security KPIs, patterns, and opportunities for improvement in the client's Security landscape.
• Assist with Security Advisory Services initiatives as directed by the VP of Cybersecurity Advisory Services.

Qualifications:

• Strong analytical and critical thinking skills to interpret complex data and extract actionable insights.
• Familiarity with Information Security terminology and concepts, as well as proficiency in security tools, software and frameworks (CIS Experience strongly preferred).
• Strong experience in operation of an ISMS in line with ISO27001:2022, ISO27001 lead implementer preferred
• Excellent written and verbal communication skills to convey findings and recommendations effectively.
• An uncompromising commitment to customer service and the delivery of exceptional experiences to clients. The vCISO team is a relationship driven service and extraordinary customer care will be the expectation level for all client interactions.
• Meticulous attention to detail to ensure data and deliverable accuracy and completeness
• Ability to work collaboratively with the vCISO and other team members in a fast-paced environment.
• Willingness to adapt to changing client needs and evolving cybersecurity landscapes
• A proactive and creative approach to identifying and solving Information Security-related challenges.