• 0-2 years of experience in cybersecurity, GRC roles, or related consulting positions.
• Fundamental understanding of information security principles, risk management concepts, and basic regulatory requirements.
• Awareness of UK regulatory frameworks such as NCSC CAF, ISO 27001, or equivalent standards.
• Bachelor’s degree in Computer Science, Information Security, Business, or a related field, or equivalent experience.
• Foundation-level certifications (e.g., Security+, CISSP Associate, ISO 27001 Foundation), or strong commitment toward obtaining relevant certifications within 12 months.

Preferred Qualifications:

• Entry-level hands-on experience in information security controls, compliance frameworks, or risk methodologies.
• Familiarity with the Critical National Infrastructure sector or comparable regulated environments.
• Exceptional organizational skills and attention to detail, particularly in technical writing and documentation.

Key Competencies:

• Technical Skills: Basic understanding of cybersecurity controls and frameworks, coupled with willingness to deepen expertise with guidance.
• Documentation: Competence in drafting professional reports, regulatory documents, and frameworks, showing clarity and professionalism.
• Analytical Thinking: Strong problem-solving abilities and structured thinking, focusing on accuracy and detail.
• Client Interaction: Solid interpersonal communication skills with a collaborative and approachable manner.
• Teamwork: Collaborative attitude and eagerness to learn and grow within a supportive mentorship structure.
• Time Management: Skill in prioritizing tasks and managing deadlines effectively under supervision.

Success Metrics (6-12 Months):

• Timely completion of assigned tasks within designated scope, budget, and quality standards.
• Positive feedback from senior team members and clients on technical execution.
• Achievement or progress toward relevant professional certifications.
• Demonstrated growth in technical knowledge and consulting competencies.
• Ability to work effectively in client-facing roles with support from senior colleagues.

Typical Deliverables:

• Compliance assessment documents detailing findings, evidence, and analysis under senior review.
• Risk assessment documentation, including risk registers, heat maps, and preliminary mitigation plans.
• Draft governance documents such as policy updates and control implementation frameworks.
• Contribution to strategic sections in proposals, statements of work, and technical summaries.
• Meeting minutes, stakeholder workshops documentation, and initial drafts of executive presentations.
• Research notes and analysis on regulatory trends relevant to CNI practice areas.

Working Arrangements and Compensation:

• Structured onboarding with direct access to mentorship from P2 consultants and practice leadership.
• Allocation of training time (approximately 30-40% in initial year) to build fundamental knowledge and certifications.
• Hybrid working model: Combination of remote support and travel to client sites 2-3 days per week.
• Exposure to diverse sectors within Critical National Infrastructure (water, energy, telecommunications).
• Competitive entry-level salary package, inclusive of certification reimbursement, health benefits, and access to industry events.