Cyber Security Consultant
CBSbutler Holdings Limited trading as CBSbutler
Cyber Security Consultant - Incident and Vulnerability Management
+6 months +
+1 day a week on site in London / Preston / Birmingham - 4 days WFH
+Inside IR35
+£550 - £580 a day
+SC cleared role - must have current active clearance
+Sole British nationals only due to nature of the project
Role Description:
Security Incident & Vulnerability Management Consultant
(Operational Integrator / SIAM - Transition Role)
UK Sole National ONLY
Security Clearance required
Role Summary
The Security Incident & Vulnerability Management Consultant operates within the Operational Integrator (OI) function to support the transition to a multi-supplier (SIAM) model within a Defence environment.
The role focuses on understanding, aligning and governing existing high-severity security incident management (S3/S4) and vulnerability management processes across suppliers. Ensuring a consistent, risk-based approach in line with client policy and regulatory requirements, supported by appropriate evidence.
The outcome is a coherent, evidence-driven view of security risk, covering both active incidents and underlying vulnerabilities, with processes standardised and ready for BAU handover.
This is a governance and coordination role, not a hands-on SOC, incident response, or vulnerability remediation function.
Key Responsibilities
- Align and standardise supplier processes for high-severity incidents (S3/S4) and vulnerability management.
- Establish governance for incident severity, escalation, vulnerability prioritisation (CVSS, KEV, EPSS), and risk acceptance.
- Coordinate multiple suppliers to ensure consistent delivery and compliance.
- Govern major incident lifecycle activities, including escalation, communication, reporting, and assurance.
- Oversee vulnerability management from identification through remediation and closure.
- Define audit-ready evidence requirements and ensure alignment with ISMS and control frameworks.
- Deliver governance reporting and support transition to BAU operations.
Essential Skills & Experience
- Experience in Cyber Security Governance, Incident Management, or Vulnerability Management.
- Strong understanding of incident response and vulnerability management lifecycles.
- Experience working within multi-supplier or SIAM environments.
- Ability to interpret and govern SOC and vulnerability management outputs.
- Knowledge of NIST CSF, NCSC guidance, or UK Government security frameorks.
- Experience within Defence or other highly regulated environments.
- Exposure to ISMS, audit, assurance, and ITIL practices.
Application opens at the source listing. Free for jobseekers.