The consultant will play a critical role in validating that approved security controls are both in place and operating effectively across scoped solutions, ensuring alignment with CIS controls and approved architecture. This is a hands-on role requiring strong attention to detail, risk understanding and stakeholder engagement to maintain assurance around control effectiveness and prevent scope creep.

Key Responsibilities:
- Validate the implementation and effectiveness of security controls across in-scope solutions.
- Conduct control assessments aligned with CIS Controls and internal security standards.
- Ensure solutions are delivered within the approved architectural scope and security requirements.
- Identify and report deviations or risks where control design or implementation is lacking.
- Engage with delivery and architecture teams to track remediation actions.
- Maintain clear documentation and provide assurance reports to the Security Governance team.

Skills:
- Proven experience in assurance, security governance, or control validation roles.
- Good understanding of CIS Controls and control testing methodologies.
- Experience reviewing technical and process controls in cloud and hybrid environments.
- Strong documentation and stakeholder communication skills.
- Ability to work independently and challenge constructively when needed.

Desirable:
- Experience working in highly regulated industries (e.g. financial services, retail, telecom).
- Familiarity with frameworks like NIST CSF, ISO 27001.
- Previous exposure to risk tooling or GRC platforms.

Job Title
Security Controls Assurance Consultant - Outside IR35