Cyber Security Consultant

HCLTech is a global technology company, spread across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. We re powered by our people a global, diverse, multi-generational talent - representing 161 nationalities whose unique spark, perspective and boundless passion drive our culture of proactive value creation and problem-solving.

To learn more about how we can supercharge progress for you, visit www.hcltech.com

Job details: Security Consultant Location: Edinburgh, Leeds, Halifax, Manchester or Bristol Hybrid mode- 2 days week (Work from client location)

Job Description About this opportunity: Our Security Consultancy and Design team are continuing their search for Cyber Security Consultants who have a broad knowledge of Cyber Security domains and controls working across a wide range of computing platforms. Join our Chief Security Office here at client as we build the bank of the future. We are actively welcoming enthusiastic Cyber Security Professionals from all industries and backgrounds to join our expanding team as we embark on an exciting journey where you will have the opportunity to ensure security by design is embedded across our change portfolio. Cyber Security sits at the heart of our business providing the Group with a secure operating environment, safe from malicious attacks.

What you’ll need Applying Agile methodologies to support engineers and deliver on multiple challenging product initiatives simultaneously, driving engineering excellence. Threat model by deconstructing technical solutions, identifying threats and vulnerabilities and assessing risks. Use experience to analyse the risks and benefits of design options to support making safe architectural decisions. Design secure solutions documenting the key security controls and adhering to security standards. Define security testing requirements and assess findings. Effectively communicate technical concepts to both technical and non technical audiences, providing security direction, governance, assurance and guidance.

Any experience of these would be really useful Dynamic solution-oriented individual bringing energy to a rapidly evolving environment with an ability to work well under pressure. Broad knowledge of modern Enterprise technologies including Cloud and AI Exposure to contemporary architectures eg. RESTful APIs and containerised microservices. Up-to date on emerging threats and experienced with threat modelling frameworks eg. STRIDE / MITRE ATT&CK. Significant knowledge of cyber security domains and how they apply to Enterprise business environments eg. endpoint, network, cryptography and IAM.

The nice to haves: Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP. Certifications in security management eg. CISSP / CISM / CCSP or equivalent. Certifications in technical security domains eg. CEH / OSCP or equivalent. Experience of Public and or Private cloud environments.