Ex-Royal Navy who transitioned into cybersecurity 2.5 years ago as a Cybersecurity Consultant. GRC-focused with hands-on exposure to SOC and incident response work. Wants to stay in GRC and move toward Security Consultant roles in the long term. Currently studying CISM, with CISSP planned next. Targeting £55-£60k, prefers permanent, comfortable with client travel.

Key Skills:

• GRC frameworks: NCSC CAF, DSPT, ISO 27001, NIST, GDPR, Cyber Essentials
• Cyber risk assessments and risk register management
• Gap analysis and security reporting (technical to non-technical translation)
• Incident preparedness, response planning, playbook development
• Security monitoring and threat hunting (Microsoft Sentinel, MITRE ATT&CK)
• Vulnerability assessment and remediation prioritisation
• Stakeholder engagement across client environments
• Training delivery and mentoring

Key Impacts:

• GRC frameworks: NCSC CAF, DSPT, ISO 27001, NIST, GDPR, Cyber Essentials
• Cyber risk assessments and risk register management
• Gap analysis and security reporting (technical to non-technical translation)
• Incident preparedness, response planning, playbook development
• Security monitoring and threat hunting (Microsoft Sentinel, MITRE ATT&CK)
• Vulnerability assessment and remediation prioritisation
• Stakeholder engagement across client environments
• Training delivery and mentoring