Security Risk and Compliance Consultant - London/South...

Purpose of the Role

The Security Consultant be responsible for delivering a portfolio of CCTV compliance assessments across a portfolio of retail, residential, commercial and corporate properties, in accordance with GDPR, the Data Protection Act and Information Commissioner’s Office (ICO) guidance. Alongside this compliance remit, the role will deliver risk-based security consultancy services, including Security Threat, Risk and Vulnerability Assessments (TRVA), Security Needs Assessments (SNA), and advisory commissions relating to security strategy, security design and security planning.

The role is intended to combine a defined compliance assurance function with a broader consultancy and advisory capability. In addition to identifying compliance gaps, risks and vulnerabilities, the post holder will contribute to the development of practical, proportionate security solutions and will work with the wider security consultancy team and operational stakeholders to support the design and implementation of appropriate control measures. A key aspect of the role is to contribute to the growth and development of the Security Consultancy function, including the expansion of existing service offerings and the introduction of new security-related consultancy services across the UK portfolio.

Key Responsibilities

The post holder will be responsible for planning and delivering CCTV compliance assessments across an allocated portfolio of retail, residential, commercial and corporate properties, in accordance with GDPR, the Data Protection Act and Information Commissioner’s Office guidance. This will include reviewing Video Surveillance Systems against relevant legislative, regulatory and best practice requirements and producing clear, structured and professional reports setting out findings, compliance gaps and prioritised, proportionate recommendations.

Where required, the post holder will also support or undertake additional assurance activities, including audits associated with payment card environments and wider security governance requirements.

Alongside the compliance assurance remit, the post holder will deliver risk-based security consultancy services across the portfolio. This will include the completion of Security Threat, Risk and Vulnerability Assessments, Security Needs Assessments, and advisory commissions relating to security strategy, security design and security planning for both existing assets and new developments. A central element of this aspect of the role will be the development of practical and proportionate security solutions in response to identified risks and vulnerabilities.

The post holder will work with the wider security consultancy team and relevant stakeholders to design, refine and support the implementation of appropriate physical, procedural and technological security controls, ensuring that recommendations are translated into deliverable and operationally effective measures. The role will involve engaging with stakeholders to support the understanding and adoption of recommended control measures, without holding direct responsibility for their operational delivery or close-out.

In addition, the post holder will contribute to the growth and evolution of the Security Consultancy function by supporting the development of new security-related consultancy service lines, contributing to the enhancement of existing products and methodologies, and helping to position the department as a strategic advisory function rather than solely a compliance or audit service. This will include identifying emerging client needs, contributing to service development initiatives, and supporting the articulation of the value of security consultancy services to internal and external stakeholders.

The role will require the post holder to deliver all assessments and advisory outputs in a clear, consistent and professional manner within agreed timescales, to provide informed input on regulatory, operational and technological developments affecting the security risk profile of the portfolio, and to contribute to audit and consultancy planning activities as required.

Skills, Knowledge and Experience

The successful candidate will have demonstrable experience within a security auditing and/or security consultancy role, with a strong understanding of CCTV compliance, data protection considerations and risk-based security assessment within the built environment. A working knowledge of relevant legislation, standards and guidance, including GDPR, the Data Protection Act, Information Commissioner’s Office guidance and applicable British Standards relating to security management and CCTV systems, is required.

Formal training or demonstrable competence in data protection and CCTV compliance, security risk assessment methodologies, and threat and vulnerability assessment techniques is highly desirable. Experience in security design principles, security strategy development, and risk management within the built environment will be a strong advantage. Ongoing professional development in areas such as security management, risk management, auditing or information governance, and membership of relevant professional bodies, will be viewed positively.

The role requires a high level of computer literacy, particularly in the use of Microsoft Office applications, together with the ability to produce clear, structured and professional client-facing reports. The post holder must be able to manage competing priorities across a geographically dispersed portfolio and work effectively both independently and as part of a wider consultancy team.

The successful candidate will demonstrate a professional and client-focused approach, with the ability to communicate technical, regulatory and risk-based issues clearly and proportionately to a range of audiences. Strong analytical skills, sound professional judgement, and close attention to detail are essential, together with the ability to translate assessment findings into practical and proportionate security solutions and to work collaboratively with colleagues and stakeholders to support the implementation of controls. A proactive, flexible and commercially aware approach is required, along with an interest in contributing to the ongoing development and growth of security consultancy services beyond a purely compliance-driven remit.

The post holder will have experience in the delivery of security and compliance audits and security risk assessments. A full UK driving licence is required, and the role will involve regular travel across the Northern UK region and occasional wider UK travel, including overnight stays. The successful candidate will be subject to appropriate pre-employment screening, including background checks in line with relevant industry standards, and will be expected to comply with SMR policies and procedures and undertake any other reasonable duties consistent with the seniority and purpose of the role.

Working Hours - Mon to Fri 37.5 hrs

Home Based with a portfolio covering London and Southeast UK, with occasional UK wide travel

Please see our Benefits Booklet for more information.