Information Security Consultant


Posted on 2024-03-27

Barclay Simpson

Information Security Consultant required for market-leading financial services firm. The role will be centred on ensuring security is delivered into a wide range of projects.

There will be a focus on working closely with DevOps teams and embedding security throughout the software development life cycle.

Responsibilities:

  • Act as the main security point of contact & SME for required projects
  • Manage security risk for the whole project life cycle
  • Perform security activities, including but not limited to security design reviews, risk assessments, threat modelling, vulnerability management, and risk mitigation, on internally & externally developed software
  • Embed security within DevOps (e.g. CI/CD pipelines) and develop security requirements
  • Perform on-demand security assessments of various components such as web apps, containers, platforms, etc.
  • Review security assessment reports and create remediation pipelines
  • Experience in web application security assessments such as SAST, DAST, etc.
  • Act as the Security subject matter expert within Agile / waterfall project planning, development, and execution
  • Obtain and review all required artefacts as part of the application security framework
  • Drive security evaluation early in the cycles through iterative security testing
  • Provide advisory services and direction to application development teams during development cycles
  • Manage control exemptions / remediations identified through projects
  • Advise on external regulatory requirements
  • Provide metrics for relevant areas of responsibility when required

As an ideal candidate, you will have an industry certification such as CISSP / CISM / CRISC and have expert knowledge of project-based Information Security.

You will also have a proven track record of delivery in a similar role. Experience in financial services is highly advantageous.

