Security Consultant

Join us as a Security Consultant  

• This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information
• As our Security Consultant, you’ll be providing advice and guidance on the best course of action needed to manage and solve security risks
• As well as the opportunity to enhance your security knowledge, you’ll also be exposed to a wide range of stakeholders across the wider bank
• We're offering this role at associate level

What you'll do

Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you’ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains.

We’ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible.

You’ll also be:

• Acting as the interface with security experts when needed
• Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain
• Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively
• Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management
• Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation

The skills you'll need

To be successful in this role, you’ll need knowledge of one or more security subject areas and experience of setting risk appetites. You’ll also demonstrate experience of, or a willingness to learn risk management frameworks.

Additionally, you’ll need:

• A background of at least 4 years in security assessment in information system
• An understanding in Cloud environment like AWS, Azure, Google Cloud, Web/API Security, Network protocols, Encryption technologies, Intrusion detection/prevention systems, Firewall etc
• Industry certification such as CISSP, CISM, CISA
• Experience in conducting risk assessments of AI systems, identifying potential vulnerabilities, threats within AI models and data pipelines
• Strong knowledge of vulnerability assessment tools such as GitLab, SAST, Qualys, and CSPM solutions

Hours

Job Posting Closing Date: