Senior Security & Resilience Consultant
Senior Security & Resilience Consultant
- Location(s): UK Wide
- Salary: Competitive
- Contract Type: Permanent
- Ref: R00TR01402
- Closing Date: 23 May 2022
- We're happy to consider flexible working approaches for this role
Our mission in the Security & Resilience is: “with our colleagues, to make sure services, money and data are available and secure at all times” and we are privileged to work in an organisation where security and privacy is right at the heart of the relationship we have with our Members.
As a Consultant within the S&R Consultancy Team you will be accountable for ensuring that services and change are delivered in a secure and compliant manner, whilst influencing the future prioritisation and delivery of security improvements. You will be working in a diverse, fast paced organisation and will be responsible for the security risk assessment of new and existing applications and processes, spanning a myriad of legacy and cutting-edge technologies and working with our internal customers to ensure that they get the best advice to support their business objectives.
At Nationwide we openly put our 15 million members at the centre of every decision we make as a business. Every role, no matter what it’s doing, is member focused.
If we receive a high volume of relevant applications, we may close the advert earlier than the advertised date, so please apply as soon as you can.
What you’ll be doing
You’ll be working in a friendly and established team of Security and Resilience professionals, supporting everything from local area initiatives to major corporate transformation projects; enabling our processes and projects to comply with Security standards, policies and regulatory requirements, helping to ensure that the impact of these policies is minimised. To do this, you will:
- Be conducting security risk assessments and providing recommendations to ensure that projects implement controls in accordance with Security Policies and Standards.
- Assessing new and existing systems and applications to provide security advice and support the shaping of solutions as they are defined.
- Work closely with Enterprise Security Architecture and Risk specialists to ensure that new and existing solutions remain within appetite, through the application of appropriate controls.
Working closely with our Mission teams and Business Stakeholders as they embark on ambitious change agenda you will:
- Be the go-to person for trusted security expertise.
- Work with colleagues in delivery and run teams to understand and mitigate their Security & Resilience risks.
- Be on the forefront of providing consultancy and risk assessment for new propositions and deliveries.
You will proactively build relationships across the Society to ensure Security & Resilience is a primary consideration in all business areas, projects and programmes.
As a Security Consultant you will be a subject matter expert for IT Security and Information Security with significant experience in a similar role. As a minimum you’ll:
- Have previous demonstrable experience in Security Consultancy and relevant professional qualifications (or be working towards certification).
- Have a strong grasp of security risk assessment and security principles.
- Be a resilient and highly motivated self-starter who relishes a challenge.
- Be able to demonstrate robust judgement, decision making and creative problem-solving ability to influence positive outcomes.
- Have the ability to explain technical specialism domain(s) to technical and non-technical stakeholders to influence critical business decisions.
- Have the ability to identify, assess and communicate clearly; complex threats/risks using management methodologies, relating them to the wider business environment.
- Have the ability to challenge the thinking and perception of all levels of stakeholders, influencing behaviour and culture change.
It would be nice if you also had:
- Have good working knowledge of databases, cloud vendor security capabilities (AWS/Azure), web components integration, containerisation (such Docker, Kubernetes, OpenShift), Mobile Applications, and APIs.
- Have a good understanding of networking, common operating systems / components and Cloud Service models
- Working knowledge of PCI-DSS (PCI-P qualification or equivalent experience,).
- Experience in working in an Agile or DevSecOps methodology/tools e.g (GIT, Maven/Gradle, Jenkins, Nexus, Terraform, Ansible,).
- Experience in IT security, threats and countermeasure control strategies, particularly within an agile cloud-based environment.
- Knowledge of OWASP, Secure Application Development and Software Development methodologies.
- Vendor specific certification or demonstrable independent learning, such as AWS/Azure/GCP.
- Experience of working within financial sector and/or digital projects.
We’re also interested in who you are as a person. Why? Because our membership is made up of so many different kinds of people, so we want our employees to be just as diverse. We’d love to hear about:
- Your values, and what makes you who you are
- How you’d make a difference to our members in this role
We know applying for jobs can sometimes feel like you’re sending an application into a black hole. We review each application individually. So, it’s a good idea to call out your most relevant experience on your application to give yourself the best chance.
The extras you’ll get
There are all sorts of employee benefits available at Nationwide, including:
- A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
- Up to 2 days of paid volunteering a year
- Life assurance worth 8x your salary
- A great selection of additional benefits through our salary sacrifice scheme
- Access to an annual performance related bonus
- Access to training to help you develop and progress your career
- 25 days holiday
Why work at Nationwide
We’re a building society founded by ordinary people, our members, who came together to help each other get the most from their money, buy homes and save for their futures. For over 130 years, we’ve supported each other and our communities, and we’ve done the right thing for wider society too.
If you come to work here at Nationwide, you’ll be part of that. Part of something a bit different. And something really quite special.
What’s more, we have a strong ethic of care for each other and our members. We recognise that our employees feel most appreciated when their thoughts and values are respected and considered. We’re committed to creating a culture that recognises and truly values our individual differences and identities. So if you’d like to be a part of an inclusive workplace where you can be yourself, where your talents are nurtured, and you feel empowered to contribute, then please apply and help us in building society, nationwide.
What to do next
If this role is for you, please click the ‘Apply Now’ button. You’ll need to attach your up to date CV and answer a few quick questions for us.
We respond to everyone, and so we will be in contact shortly after the closing date to let you know the outcome of your application.