Please answer the following questions in order to process your application.
Select your working status in the UK *
File Attachments:
(2MB file maximum. doc, docx, pdf, rtf or txt files only)
* denotes required field
Additional Information:
Availability/Notice
Hourly Rate GBP
Approximately how far are you willing to travel to work (in miles) ?
Key Privacy Information
When you apply for a job, JobServe will collect the information you provide in the application and disclose it to the advertiser of the job.
If the advertiser wishes to contact you they have agreed to use your information following data protection law.
JobServe will keep a copy of the application for 90 days.
More information about our Privacy Policy.
Job Details
Information Security Consultant (Contract)
Location: Hybrid-WFH/London 2 days a week Country: UK Rate: £550 per day (Inside IR35)
Technical Information Security Consultant required for market-leading financial services firm. The role will be centred on ensuring security is delivered into a wide range of projects. There will be a focus on working closely with DevOps teams and embedding security throughout a software development life cycle.
Responsibilities:
- Act as the main security point of contact & SME for required projects
- Manage security risk for the whole project life cycle
- Perform security activities, including but not limited to, security design reviews, risk assessments, threat modelling, and vulnerability management and risk mitigation on internally & externally developed software
- Embedding security within DevOps (eg CI/CD pipelines), developing security requirements
- On-demand Security assessment of various components like Web apps, Containers, Platforms etc
- Reviewing security assessment reports and create a remediation pipeline
- Experience in web application security assessments like SAST, DAST etc.
- Act as the Security subject matter expert within Agile/waterfall project planning, development, and execution
- Obtain and review all required artefacts as part of the application security framework
- Drive security evaluation early in the cycles through iterative security testing
- Provide advisory services and direction to application development teams during development cycles
- Manage control exemptions/remediations identified through projects
- Advise on external regulatory requirements
- Provide metrics for relevant areas of responsibility when required
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC and have expert knowledge of project-based Information Security. You will also have a proven track record of delivery in a similar role. Experience in financial services is highly advantageous.
Posted Date: 17 May 2024
Reference: JSJEM/41708
Employment Business: Barclay Simpson Recruitment
Contact: Jeff Mayger