Job Details
Security Consultant
Location
Edinburgh, Leeds, Halifax, Manchester or Bristol
Working pattern
Hybrid, 2 days per week (Work from client location).
Duration
This is a fixed-term contract role.
Job Description
Our Security Consultancy and Design team are continuing their search for Cyber Security Consultants who have a broad knowledge of Cyber Security domains and controls working across a wide range of computing platforms. Join our Chief Security Office here at client as we build the bank of the future. Are you someone who wants to be in the heart of Cyber Security delivering change and working in an agile way? Interested in being a part of shaping our Security Strategy? We have the perfect opportunity for you.
We are actively welcoming enthusiastic Cyber Security Professionals from all industries and backgrounds to join our expanding team as we embark on an exciting journey where you will have the opportunity to ensure security by design is embedded across our change portfolio. Cyber Security sits at the heart of our business providing the Group with a secure operating environment, safe from malicious attacks.
Qualifications
- Ability to develop, design secure solutions and produce a Security Design documenting the controls.
- The ability to deconstruct a solution / network architecture.
- Ability to identify and mitigate against threats and vulnerabilities associated with proposed solutions and evaluate the soundness of solutions using industry standard practices (e.g., STRIDE, MITRE).
- Demonstrate the ability to interpret threats into Risks, using your knowledge and experience to assist the business in assessing likelihood and impact.
- Effectively communicate technical concepts to both technical and non-technical collaborators.
- Skills to produce and articulate Security Designs to all collaborators within the project and business.
- Comfortable weighing the risks and benefits of competing Security design options.
- Comfortable working on multiple challenging projects simultaneously.
Required skills
- Experience required with security consultancy delivery (e.g. threat modelling, secure design, driving decisions)
- Experience with cloud-native platforms and modern architectures
- Developing a more security-led perspective, rather than primarily infrastructure-focused responses
- Building stronger risk-based thinking across end-to-end systems (linking threats, risks and controls)
- Deepening understanding of security controls and their practical application
- Gaining further exposure to security standards and regulatory frameworks (e.g. PCI DSS, data protection)
- Strengthening end-to-end security design capability (e.g. threat modelling, control coverage)
- Providing clearer examples of individual contribution and ownership in security decisions
Preferred skills
- Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
- Certifications in Security Management such as CISSP / CISM / CCSP or equivalent.
- Certifications in technical Security domains such as CEH / OSCP or equivalent.
- Experience of Public and or Private cloud environments.
#J-18808-Ljbffr