Technical Information Security Consultant required for market-leading financial services firm. The role will be centred on ensuring security is delivered into the DevOps process. There will be a focus on working closely with DevOps and Engineering teams and providing security assurance throughout project and development life cycles. Responsibilities: Act as the main security point of contact & SME Conduct High Level & Low-Level technical risk assessments Conduct document and conceptual design reviews Perform security activities, including but not limited to, security design reviews, risk assessments, threat modelling, and vulnerability management and risk mitigation Embedding security within DevOps (eg CI/CD pipelines), developing security requirements On-demand Security assessment of various components like Web apps, Containers, Platforms etc Reviewing security assessment reports and create a remediation pipeline Experience in web application security assessments like SAST, DAST etc. Act as the Security subject matter expert within Agile/waterfall project planning, development, and execution Obtain and review all required artefacts as part of the application security framework Drive security evaluation early in the cycles through iterative security testing Provide advisory services and direction to development teams during development cycles Manage control exemptions/remediations identified through projects Advise on external regulatory requirements Provide metrics for relevant areas of responsibility when required Challenge stakeholders to ensure security is efficiently delivered Mediate between development and security teams to facilitate business As an ideal candidate, you will have expert knowledge of DevSecOps, Security Governance, NIST or OWASP (SAMM, DSOMM) and Cloud Security. You will have strong knowledge of threat & vulnerability management and penetration testing, although we do not require a penetration tester. You will also have a proven track record of success in a similar role.

Operational Resilience Consultant required for global firm. The role will be focused on accessing and developing strategic direction of their Operational Resilience and Disaster Recovery function. About You: Broad and deep Operational Resilience experience, ideally gained in a consulting or transformation context. Consultancy skills - discover, assess, prioritise, advise - a must. Comfortable assessing strategic Operational Resilience maturity in context of real-world resilience issues and setting Operational Resilience Strategy and approach. Able to assess operating companies or franchises to validate strategy, policy, governance assumptions. Strength on process, governance aspect of Operational Resilience is a must. Familiarity with modern ITSCM desirable Exposure to Operational Technology (OT) resilience nice to have. Exposure to Enterprise Operational Resilience a must, international enterprise experience desirable. Able to self-start and deliver work to a specification as part of a wider team Confident in producing and presenting Operational Resilience Strategy and roadmap report. Please note: This is a consultancy type engagement and is initially 30 days' work over 2 months with scope to extend after completion of first phase. The role is outside IR35 and can be done remotely however there are 2 planned site visits in the UK.

This well established bank seeks an experienced Security Architect to join the team in London. You will be responsible for designing and implementing security solutions, working collaboratively with the CTO function and the business. The successful candidate will be an experienced IT security architect with good knowledge and experience in Azure and Microsoft technologies and the deployment of technology solutions into landing zones. You are likely to hold a relevant certification such as CISSP, CCSP, TOGAF, or Azure/Microsoft-specific certifications. Broad knowledge of a range of different security domains is beneficial, as is experience in major transformation projects. You will be proactive with excellent communication skills. The successful candidate will have previous financial services experience. This is an excellent opportunity to work in a highly varied and visible role for a household-name bank. The role offers hybrid working with time split between the central London (City) office and working from home. The base salary is up to £115,000 + bens + good bonus potential. There is no visa sponsorship available.

Global bank seeks a security SOAR engineer with good automation skills and knowledge of ServiceNow to join their large, global security engineering function as a VP level individual contributor. The role will see you building new automations and integrations for the Security teams so that they can respond faster to threats. Your focus will be on the ServiceNow platform but you will also have the opportunity to learn new tools, and the bank offers 5+ days study leave per annum for this. The successful candidate must have strong knowledge of the ServiceNow platform and will have good coding skills, ideally in python or java. It is beneficial if you have worked in a dedicated security role previously, although this is not essential. You will be required in the office 2 days a week (HR policy so this is not flexible) with 3 days a week working from home. Salary up to £85,000 base + benefits + good bonus. There may be some flex on the base salary for a candidate who meets all the requirements. There is visa sponsorship available for candidates who are already living in the UK and who have relevant experience in a similar role.