Candidates: Create an Account or Sign In
Candidates: Create an Account or Sign In
We are partnered with a reputable global consultancy that are recruiting Security Consultants to work on a very exciting LONG-TERM CONTRACT within the financial service sector.
Role: Senior Security Consultant
Rate: Up to £500 per day (inside IR35)
Location: London / Swindon – Hybrid (2 days onsite per week)
Duration: 6 months (initially – view to extend)
Vacancies: 3
The Role:
As a Security Consultant you will be accountable for ensuring that services and change initiatives in the business areas you are aligned to are delivered in a secure and compliant manner. You’ll be working in a matrix manner with our business, change and delivery teams, supporting everything from small technology changes to major transformation programmes, driving implementation of our Security and Resilience strategies and policies in a positive and pragmatic manner which enables our colleagues to deliver their business objectives.
Key responsibilities:
* Conducting security risk assessments and providing recommendations on appropriate controls to ensure services and systems operate within risk appetite;
* Assessing the impact of change initiatives and issuing appropriate security requirements to ensure compliance with security policy and standards;
* Advising on the implementation of security control requirements, ensuring the design and approach of these both achieve the desired security outcome and are operationally viable;
* Supporting change initiatives in navigating and utilising our central security services, including security monitoring, penetration testing and access management;
* Assuring that security control requirements are met, in conjunction with our Application Security Testing team, through the project lifecycle;
* Acting as the initial point of contact for all security and resilience related questions, queries, challenges and escalations for your aligned areas;
Key skills:
* Have experience in Security Consultancy role, or a related discipline e.g. Security Governance Risk and Control or Operations;
* Have a relevant professional qualification (or be working towards certification), such as Security+ / Network+ / CISM / CISSP.
* Have a developed understanding of risk and control methodologies and experience of practical risk assessment (ideally but not essentially in a security environment);
* Have knowledge and understanding of relevant industry standards, frameworks and best practice, e.g. ISO / NIST / COBIT / COSO;
* Be a resilient and highly motivated self-starter, with demonstratable robust judgement, decision making and creative problem-solving ability;
* Be able to understand and assess the security elements of technical designs / solutions and have a proven ability to constructively challenge to deliver better business and security outcomes;
* Have the ability to communicate complex risks / issues to technical and non-technical stakeholders to influence critical business decisions.
* .Build good working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism.
* Aptitude to pick up new technologies and provide training to other members of the wider engineering team.
* Able to rapidly prioritize work based on business needs and assessing risks
* Previous experience in working in UK Financial Services or similar highly regulated industry;
* Knowledge / experience of PCI-DSS, including PCI-P qualification;
* Knowledge / experience of Data privacy and GDPR;
* Knowledge / experience of Operational Resilience and Business Continuity, including new regulatory requirements;
* Knowledge / experience of cloud security (AWS/Azure), e.g. web components integration, containerisation (such Docker, Kubernetes, OpenShift) and APIs;
* Knowledge / experience of threat modelling and threat assessment;
* Experience working in an Agile or DevSecOps methodology/tools e.g GIT, Maven/Gradle, Jenkins, Nexus, Terraform, Ansible.
* Stakeholder management and interpersonal skills as the role will need communication with senior management
If you are interested and have the relevant experience, please apply promptly and we will contact you to discuss it further.
Yilmaz Moore
Senior Delivery Consultant
London | Bristol | Amsterdam
