Senior Information Security Consultant

Company Description

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.
 
By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.
 
From prototype to real-world impact - be part of a global shift by doing work that matters.

Job Description

Our infrastructure specialists are responsible for designing and implementing back-end services. They ensure reliability, security, and scalability for all platform layers within our solutions. Infrastructure teams provide expertise across virtualization, cloud services, storage solutions, cybersecurity, and scripting and automation.  

As a Senior Information Security Consultant at Endava you will be responsible for advising organizations on how to protect their digital assets by developing and implementing robust security strategies, policies, and protocols. You will conduct thorough risk assessments, manage security audits, and provide expert guidance on mitigating potential cyber threats and vulnerabilities.

Responsibilities:

• Maintain & Deploy complex Cyber Security tooling in existing infrastructure.
• Develop and implement custom security policies, controls and procedures to minimize the risk of advanced cyber-attacks.
• Act as subject matter expert to the business and to other members of the Security team.
• Proactively identify security risks, mitigations, and opportunities to strengthen Endava and our client’s resilience to cyber-attacks and security incidents.
• Work with our clients to understand the maturity of their cyber security capabilities and help define strategies to become more cyber resilient.
• Support of the general bidding process and RFP responses
• Capacity to stay up to date with emerging security technologies and ability to evaluate these for Endava client environments.
• Participate, lead, and jointly deliver security evaluation reports on cloud, tooling, and any other solution providers.
• Establish requirements for security solutions by evaluating business strategies, and requirements, and aligning with appropriate security standards.
• Act as a change agent by providing recommendations for improvement and risk reduction by assessing clients on their enterprise and cloud security posture.
• Representing the company in a professional manner and building good relationships with clients to Endava’s benefit.

Qualifications

• 3+ years of full-time dedicated experience in a senior information security role focused on delivering at the enterprise level, in complex environments.
• Bachelor’s degree in computer science, Engineering, Mathematics, or related field; or equivalent combination of education/professional experience in a similar role.
• One or more high-level security certifications (e.g. CCSP, CISSP, CISM, OSCP, CASP+, GSEC, CEH)
• Familiar with Security Frameworks & Standards, such as NIST, ISO2700 Series, PCI DSS
• Hands-on experience with a range of security technologies.
• Expertise with cloud based SIEM and SOAR technologies.
• Experience in one or more cloud technologies, such as Azure, M365, GCP
• Excellent presentation skills and ability to communicate with both technical and non-technical stakeholders.
• Experience in formal document creation, such as the creation of reports or procedures.

Additional Information

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;   
• Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
• Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
• Health: Global internal wellbeing programme, access to wellbeing apps;
• Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.