Senior Security Consultant
Senior Security Consultant
- Location: Swindon, London, England
- Salary: Competitive
- Contract Type: Permanent
- Ref: R002801801
- Closing Date: 28 January 2020
- A Security Architect/Senior Security Consultant in one of our Swindon or London Offices
A commitment to a £4.1 billion investment has been announced (Sep 2018) in order to address the need to satisfy the increasing demand from our members for an always on, constantly evolving and improving digital service. This investment will introduce new products and services, drive the simplification of our IT infrastructure and develop innovative new technology for our members and colleagues.
As a Security Architect/Senior Security Consultant within the Advice and Assurance Team you will be accountable for ensuring that change is delivered in a secure and compliant manner, whilst influencing the direction.
The key responsibilities will be:
- supporting these changes with consultancy on IT Security, Data Privacy, PCI-DSS, Physical and Information Security,
- design assurance ensuring; the confidentiality, integrity and availability of our customers’ data, and security by design principles are adhered to,
- ensuring that threats/risks are identified and managed appropriately.
Who we're looking for
As a Security Architect/Senior Security Consultant you will be a subject matter expert for IT Security and Information Security with significant experience in a similar role. As a minimum you’ll: -
- have previous demonstrable experience in Security Consultancy,
- be self-driven with a technology focused mindset with an industry recognised Security Qualification (CISSP qualification or equivalent experience,)
- have the ability to identify, assess and communicate clearly; complex threats/risks using management methodologies, relating them to the wider business environment,
- be able to manage senior stakeholders and use your clear communication skills to articulate challenges in language your stakeholders will understand,
- be a good communicator and able to ask the right questions to give specific recommendations,
- have the ability to think strategically and evaluate options in the short, medium and long term,
- have the ability to manage several workstreams simultaneously whilst balancing security priorities and concerns, often working within tight timescales to a high quality,
- have the ability to develop strong working relationships,
- have good working knowledge of a variety of technologies both traditional and cloud (AWS/Azure/Google) e.g. Microsoft technologies, UNIX, Networking, Databases, web components integration, containerisation (such Docker, Kubernetes, OpenShift), Mobile Applications, and APIs.
It would be nice if you also had:
- good working knowledge of PCI-DSS (PCI-P qualification or equivalent experience,)
- good working knowledge of Data privacy and GDPR,
- good working knowledge of cloud security (ideally CCSP or CCSK qualified,)
- experience in working in an Agile or DevSecOps methodology/tools e.g (GIT, Maven/Gradle, Jenkins, Nexus, Terraform, Ansible,)
- advanced experience in IT security, threats and countermeasure control strategies, particularly within an agile cloud-based environment,
- in depth knowledge of OWASP, Secure Application Development and Software Development methodologies,
- vendor specific certs such as AWS/Azure/GCP,
- experience of working within financial sector and/or digital projects.
What you'll be doing
- You’ll be working in a friendly and established team of Security professionals, supporting everything from local area initiatives to major corporate transformation projects; enabling projects (including agile) to comply with Security standards, policies and regulatory requirements, helping to ensure that the impact of these policies is minimised.
- You will be reviewing designs and providing approval in line with agreed requirements, providing detailed risk assessments and ensuring appropriate action is taken.
- You will communicate security issues and goals to a wide range of stakeholders from Senior management, product owners, engineers and operational staff.
- You will recommend service improvements to enhance security throughout the IT infrastructure as well as providing training, knowledge transfer and support to other members of the wider Security teams where required.
The extras you'll get
Our people’s success isn’t based on how long they spend at their desk. While you’ll have contracted hours, we offer a flexible environment. That might be working from home, logging on from other offices across the UK, or working part time or compressed hours. We want to know how you like to work. And if we forget to ask, please tell us. We promise it won’t affect your chances at all.
There are all sorts of benefits, including:
• a personal pension (most people put in 7% of their salary which we’ll top up by a further 16%)
• up to two days of paid volunteering a year
• family-friendly benefits to make life easier for parents and carers
• 25 days holiday with the ability to 'buy’ up to 10 days more holiday
• Access to an annual performance related bonus scheme
• Personal development. Support and training to help you to excel and develop your career.
Work with PRIDE
Why work for us?
At Nationwide, we’re here for our members and we put their needs first in everything we do. And now, more than ever, two things are helping us go from strength to strength: we put our customers first, and we’re known for being open, honest and trustworthy.
We’re also the world’s largest building society, with communities at the heart of everything we do. We aim to do the right thing for our members which helps set us apart from our competitors. But we need good people to help us do it. People who understand what we believe in and have the talent and drive to keep us successful.
At Nationwide we have a strong ethic of care, and a genuine concern for each other and our members. We recognise that our employees feel most appreciated when their thoughts and values are respected and considered. We are committed to creating a culture that recognises and truly values our individual differences and identities. If you’d like to be a part of an inclusive workplace where you can be yourself, where your talents are nurtured, and you feel empowered to contribute then please apply and help us in building society, nationwide.
You may also be interested in these related vacancies
Application Security Engineer - Money Management