About The Role

Essential duties & responsibilities

Key duties and responsibilities of this job role can include some or all of the following (depending on experience and certifications held):

  • Performing PCI DSS consultancy consisting of: cardholder data mapping exercises, gap analysis, de-scoping recommendations/advice and architecture reviews
  • Performing internal Report on Compliance assessments (if QSA)
  • Performing Q/A reviews of customer reports produced by the GRC team
  • Undertaking other customer consultancy and projects, such as ISO27001, Cyber Security Reviews, Risk Assessments, etc., as required
  • Communicating within Claranet Cyber Security, the wider Claranet Group and with clients, both orally and in writing
  • Assisting with the development and growth of the Security Business Unit GRC team and services offerings
  • Assisting with the development of cutting-edge training material for internal and external delivery
  • Maintaining CPEs and re-certification requirements for any industry certifications/qualifications required to fulfil duties

The duties of this position will be performed from our office in Leeds, from customer sites and, on occasion, from a home location (conditions apply). The role will require driving to customer locations, and some out-of-hours work may be expected. The candidate will be expected to work alone, around others, under minimal supervision and under tight deadlines.

About You


  • 1+ years as a QSA (for previous QSAs)
  • 3+ ROCs completed (for previous QSAs)
  • 3+ years’ information technology and network security experience
  • 3+ years’ experience managing client projects
  • 3+ years’ information consulting experience


  • Ability to meet the QSA Qualification requirements (for non-QSAs); i.e. CISSP, CISM, CISA, ISO27001 Lead Auditor
  • Ability to manage own workload
  • Ability to work alone and within a team
  • Ability to work to tight deadlines, prioritise and manage workload
  • Good numeracy and organisational skills
  • Excellent attention to detail
  • Excellent communication skills (spoken and written)
  • Ability to quickly learn and understand new skills and technologies specific to the Cyber Security industry
  • Ability to take own initiative to expand information security knowledge
  • Ability to write concise, accurate and timely reports


  • Been involved in PCI DSS projects (non-QSA)
  • Some ISO 27001 Audit/Implementer experience
  • Any exposure to other audit frameworks: NIST, SOC 2, etc.
  • GDPR experience
  • Full UK Driving Licence


  • Willing to travel and conduct information security consultancy work out of normal office hours as required by our clients
  • Client facing, able to confidently and professionally represent the company
  • Must be self-motivated and able to work in an independent manner
  • Excellent written and oral communication skills


About Us

Position summary

Claranet combine pioneering technologies, practices, and expertise to propel our customers' ambitions. Through a vibrant customer-centric culture of collaboration, learning, and opportunity, we nurture a dynamic community of the best technology and service expertise spanning cloud, cybersecurity, networks, and unified communications.

Founded in 1996, Claranet has evolved into a multi-disciplinary technology services provider with global reach. The company has annualised revenues of circa £350 million, over 6,500 customers, and more than 2,000 employees in nine countries. In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.  

Claranet consistently appears in The Sunday Times Top Track 250 as one of the fastest growing privately-owned businesses in the UK. Our international success is driven by local service, out of local offices, using a mixture of local and international infrastructure, including hyperscaler clouds.

Claranet Cyber Security is a world-class business unit within Claranet, designed to give customers access to market-leading information security services spanning training, consulting, and managed services.

The Consultancy Practice within the Claranet Cyber Security business unit is a dynamic, fast-moving department delivering a range of professional services, both onsite and remotely, such as training, penetration testing, PCI DSS and Cyber Essentials.

Claranet Cyber Security is in the process of growing the governance, risk and compliance (GRC) team within the business. GRC team members work on a variety of clients ranging from smaller merchants to larger merchants and service providers. Work carried out by the GRC team can include PCI DSS engagement (PCI DSS consultancy to full onsite PCI DSS assessment), ISO 27001 consultancy, Cyber Security Assessments and Risk Assessment work. Additional, bespoke pieces of work can also be carried out to cater for clients’ individual needs. The GRC team may also support other Claranet units’ efforts where there are some cross-selling opportunities.

As a Security Consultant within the Claranet Cyber Security GRC team, your primary role will be delivering GRC consultancy to our clients which, depending on experience and certifications, can include, but is not limited to: PCI DSS related consultancy, ISO27001 consultancy and auditing, Cyber Security Assessments, Policy & Procedure Reviews and Data Protection Consultancy. You will compose your findings into a concise report and interact closely with clients to help articulate advice and guidance contained within the final reports. Working within other GRC areas may also be expected as new service offerings are developed.


