- security risk assessments and providing recommendations on appropriate controls to ensure services and systems operate within risk appetite;
- the impact of change initiatives and issuing appropriate security requirements to ensure compliance with security policy and standards;
- on the implementation of security control requirements, ensuring the design and approach of these both achieve the desired security outcome and are operationally viable;
- change initiatives in navigating and utilising our central security services, including security monitoring, penetration testing and access management;
- that security control requirements are met, in conjunction with our Application Security Testing team, through the project lifecycle;
- as the initial point of contact for all security and resilience related questions, queries, challenges and escalations for your aligned areas;
- experience in Security Consultancy role, or a related discipline e.g. Security Governance Risk and Control or Operations;
- a relevant professional qualification (or be working towards certification), such as Security+ / Network+ / CISM / CISSP.
- a developed understanding of risk and control methodologies and experience of practical risk assessment (ideally but not essentially in a security environment);
- knowledge and understanding of relevant industry standards, frameworks and best practice, e.g. ISO / NIST / COBIT / COSO;
- a resilient and highly motivated self-starter, with demonstratable robust judgement, decision making and creative problem-solving ability;
- able to understand and assess the security elements of technical designs / solutions and have a proven ability to constructively challenge to deliver better business and security outcomes;
- the ability to communicate complex risks / issues to technical and non-technical stakeholders to influence critical business decisions.
- good working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism.
- to pick up new technologies and provide training to other members of the wider engineering team.
- to rapidly prioritize work based on business needs and assessing risks
- experience in working in UK Financial Services or similar highly regulated industry;
- / experience of PCI-DSS, including PCI-P qualification;
- / experience of Data privacy and GDPR;
- / experience of Operational Resilience and Business Continuity, including new regulatory requirements;
- / experience of cloud security (AWS/Azure), e.g. web components integration, containerisation (such Docker, Kubernetes, OpenShift) and APIs;
- / experience of threat modelling and threat assessment;
- working in an Agile or DevSecOps methodology/tools e.g GIT, Maven/Gradle, Jenkins, Nexus, Terraform, Ansible.
- management and interpersonal skills as the role will need communication with senior management
Security Consultant - Swindon, United Kingdom - Maclean Moore
Description
We are partnered with a reputable global consultancy that are recruiting Security Consultants to work on a very exciting LONG-TERM CONTRACT within the financial service sector.
Role: Senior Security Consultant
Rate: Up to £500 per day (inside IR35)
Location: London / Swindon – Hybrid (2 days onsite per week)
Duration: 6 months (initially – view to extend)
Vacancies: 3
The Role:
As a Security Consultant you will be accountable for ensuring that services and change initiatives in the business areas you are aligned to are delivered in a secure and compliant manner. You'll be working in a matrix manner with our business, change and delivery teams, supporting everything from small technology changes to major transformation programmes, driving implementation of our Security and Resilience strategies and policies in a positive and pragmatic manner which enables our colleagues to deliver their business objectives.
Key responsibilities:
Key skills:
If you are interested and have the relevant experience, please apply promptly and we will contact you to discuss it further.
Yilmaz Moore
Senior Delivery Consultant
London | Bristol | Amsterdam