Technical Security Consultant

Technical Security Consultant

We are currently hiring for a Technical Security Consultant to join one of our Insurance client son a 12-month contract.

Inside IR35

Hybrid

Responsibilities

• Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
• Provide technical guidance and direction to support the business and its technical teams, contractors, and vendors
• Influences peers and project decision-makers to consider the use and application of leading-edge technologies
• Communicates succinctly at both a practitioner and executive level
• Develop and maintain repeatable security artefacts (models, patterns, templates, standards, and procedures).
• Collaborate with other teams to develop and maintain security policies, procedures, and standards, considering legal, governance and regulatory requirements (e.g. NIST, PCI-DSS, Enterprise Risk Framework, and GDPR).
• Provide impartial assessment of vendor technology proposals and build RFP's with central procurement to meet technical needs.

Experience

• Formal training or certification on architectural security patterns and/or frameworks concepts and 3+ years applied experience
• Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
• Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture.
• Knowledge of application security, MITRE ATT&CK and Threat Modelling.
• Broad knowledge of controls in the industry (NIST, ISO, PCI, SOC, CSF, ISO27001, SABSA and TOGAF)
• Identity and Access Management (SAML, OAuth, certs, TLS)
• Identifying security flaws in solutions through threat modelling, architectural assessments and design reviews
• Identity and Access Management, Data Leakage Prevention, Network and Infrastructure Security
• Cryptography, Encryption and Key Management, Secrets Management, TLS, IPSec, Ciphers, X509
• Application Security Design, DevSecOps, Agile practices, Shift Left concepts and automation

• You have experience of delivering complex large-scale architectural solutions on cloud or hybrid environments and also the integration of cloud platforms into the wider enterprise.
• You must have a thorough knowledge of traditional platform delivery approaches, technologies and op models, and a thorough appreciation of the capabilities of the major cloud platforms (Azure, AWS, GCP and OCI).

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.