Cyber Resilience Consultant

Cyber Resilience consultants work with clients across a wide range of areas relating to cyber resilience and information security. The role can encompass strategy and framework development, conducting cyber risk assessments to identify key business risks, and engaging with IT teams to enhance capabilities to mitigate those identified risks. They also provide advice to prioritize activities that build cyber resilience and mitigate the key cyber risks facing the business.


Typical Tasks

  • Contribute to strategy and policy development
  • Perform or lead analysis of cyber risks
  • Work with asset owners to assess the impact of risks
  • Present options for mitigating cyber risks
  • Support development of risk management documentation
  • Investigate and manage security incidents
  • Promote cyber resilience learning and awareness


Potential Next Steps

Cyber Resilience Manager, IT Security Architect, Chief Information Security Officer


How to get there

AXELOS professional certifications are recognized worldwide by employers as an indicator of your skills and commitment as an ITSM professional. The following certifications are relevant for professionals working in cyber resilience and will support your development into consultancy roles:

RESILIA Foundation

  • Introduction to cyber resilience
  • How decisions impact good/bad cyber resilience

Learn More About RESILIA Foundation

RESILIA™ Practitioner

  • What does effective cyber resilience look like?
  • What are the risks and issues that can easily hit cyber resilience?
  • How to get the best balance of risk, cost, benefits and flexibility within an organization.

Learn More About RESILIA™ Practitioner

ITIL Foundation

ITIL fundamentals including the five core ITIL lifecycle stages:

  • Service Strategy
  • Service Design
  • Service Transition
  • Service Operation
  • Continual Service Improvement

Learn More About ITIL Foundation

Service Strategy

  • Align the IT strategy with business goals and outcomes
  • Investigate and decide on which services to provide
  • Analyze which services are no longer viable and when they should be retired
  • Identify, manage and communicate the cost of providing services
  • Evaluate the financial impact of new or changed strategies
  • Secure funding to manage the provision of service
  • Manage and report expenditure on service provision
  • Account for money spent on the creation, delivery and support of services.

Learn More About Service Strategy

Service Design

  • Reduce risks to IT services to agreed acceptable levels
  • Plan and prepare for the recovery of IT services
  • Conduct regular risk assessment and management exercises
  • Produce, maintain, distribute and enforce an information security policy
  • Understanding the agreed current and future security requirements of the business

Learn More About Service Design

PRINCE2® Foundation

  • The characteristics and context of a project and the benefits of adopting PRINCE2
  • The purpose of the PRINCE2 roles, management products and themes
  • The PRINCE2 principles
  • The purpose, objectives and context of the PRINCE2 processes.

Learn More About PRINCE2® Foundation