Principal Security Consultant
Location: Knutsford (Hybrid - 2/3 days on site)
Contract: 4 Months
Pay: up to £630/d - INSIDE IR35
Would you like to join a global leader in consulting, technology services and digital transformation?
Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms.
Overall purpose of role:
This is a client-focused technical role to support the secure design and implementation of change across a variety of business areas, technologies and platforms.
- Work with stakeholders and customers to deliver secure solutions that mitigate risk and reduce cost & rework.
- Identify opportunities for the use and development of CSO capabilities and products.
- Provide direction and guidance to change stakeholders to ensure system security is maintained.
- Deliver product and project support & review capability throughout the system development lifecycle, to highlight and articulate information security risk to stakeholders.
- Engage and partner with change delivery teams to identify and track security requirements and ensure the client maintains a secure environment.
The role of the Senior Security Consultant is to take a primary role in the delivery of the Security Solutions Consultancy services.
- Act as an information security authority to business and technology clients.
- Influence the information security roadmaps and solutions for products, channels, programmes and projects.
- Proactive delivery of an assignment including initiating contact with the Client, analysis of client objectives, identification of information security responses and requirements, taking responsibility for assignment planning, delivery management, through to gaining user acceptance and sign-off for CSO outputs.
- Ensure the end-to-end information security integrity and quality of solutions and product releases.
- Own the delivery of Security Solutions services to customers, providing timely output to stakeholders.
- Undertake and facilitate information and information security assessments/workshops for solutions during various development phases to ensure security weaknesses are identified and correctly managed, proposing solutions as required.
- Work with stakeholders to ensure residual risks are adequately mitigated to the degree that meets the risk appetite of the business.
- Timely and accurate recording of client interaction using appropriate systems.
- Support for the wider delivery and success of Security Solutions Consultancy services.
Stakeholder Management and Leadership
- Working with technical and security specialists and the appropriate Business in developing and delivering system security solutions.
- Establish and manage relationships with key individuals across the business and technology teams to enable awareness and influencing of system security strategy.
- Collaborate with Senior and Executive peers across all global IT functions to ensure build and maintenance of effective system security solutions and controls.
- Maintain an effective network of relationships with service and technology teams.
- Encourage and solicit innovative ideas and knowledge sharing.
- Manage a virtual team/other resources on an engagement by engagement basis as required.
- Represent CSO in cross-functional change programmes and business area meetings to ensure that information security considerations are included and considered and informed decisions are made to achieve agreed outcomes.
Decision-making and Problem Solving
- Able to understand business objectives and translate into supporting information security requirements.
- Able to analyse multiple data points and information into simple messaging for a senior audience.
- Able to apply critical reasoning to technical problems and systems to identify potential threats and absence of safeguards.
- Able to interpret client problems and provide potential solutions.
Risk and Control Objective
Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Policies and Policy Standards.
Essential Skills/Basic Qualifications:
- Demonstrable understanding of security solutions and designs from a people, process and technology perspective; including security technologies, controls and assessment methodologies.
- Strong relationship, communication and stakeholder management skills.
- Knowledge of information security frameworks and standards such as ISO27001/2, NIST, PCI DSS and their application into diverse environments.
- candidates with experience of Big Data systems in the Cloud. In an AWS context services such as Lake Formation and Redshift, or even better would be experience of working with Snowflake, Starburst or Databricks. Even some experience of traditional Big Data plaforms like Teradata or Hadoop would be useful.
- Security qualification.