Senior Security Consultant

About the role

A Senior Security Consultant to join the Tech Ops team to deliver technical solutions that meet the organisation’s security policies and standards.

This will include the provision of expert advice on the selection, implementation, and assurance of information Security controls & processes to maintain the confidentiality, integrity, availability of company services & assets.

You will be working effectively with business functions at all levels including project teams and agile squads.

Mentoring & guidance of Security consultants within the team and security stakeholders within the wider organisation.

This role impacts on all areas of the Group, including regulators, customers, employees, third parties and contractors. It involves being responsible for the provision of guidance and governance ensuring delivered products & services are delivered in accordance with the applicable legislation, regulation, and relevant best practice standards

For this role you will have the following responsibilities.:

• To be a senior security subject matter expert for Tech Ops and the organisation.
• To be the Senior Consultant assigned to an individual business tribe.
• Act as a mentor to security consultants and security champions.
• Undertake Security Threat Modelling.
• Define Security Requirements
• Document Security Risk Assessments
• Scope & Facilitate Penetration Tests.
• Shape and develop the Information Security mindset of a Tribe, working with Security Champions to develop training & awareness, Security Metrics and improvement use cases.
• Undertaking professional development to maintain professional skills and knowledge essential to the position.
• Staying abreast with Information and Cyber Security trends, threats and legal & regulatory changes.

Requirements

What you’ll bring

• Practical experience of AWS Services.
• Strong mentoring & stakeholder management skills.
• Experience in:
  • Securing services in cloud platforms.
  • Application security lifecycle, including secure by design process.
  • CI/CD pipelines & automated testing.
  • Security testing tools.
• An understanding of Industry Standards such as NIST, OWASP etc.
• Information Security and /or Information Technology industry qualifications preferred (such as CISSP or CISM).
• Ability to communicate complex information to senior stakeholders.
• Experience of agile delivery methodologies.
• Good understanding and experience of threat and risk modelling (STRIDE, DREAD).
• Good understanding and experience of the Secure Software Development Lifecycle.

Benefits

Some of our benefits

• Flexible, hybrid working model
• Flexible benefits allowance to suit your needs
• 30 days holiday + bank holidays
• Bonus potential (performance and business-related)
• Up to 25% discount on Very.co.uk
• Matched pension up to 6%
• More benefits can be found on our career site

How to apply

Please note that the talent acquisition team are managing this vacancy directly, and if successful in securing this role, you may be required to undertake a credit, CIFAS and CRB check.

What happens next?

Our talent acquisition team will be in touch if you’re successful so keep an eye on your emails! We’ll arrange a short call to learn more about you, as well as answer any questions you have. If it feels like we’re a good match, we’ll share your CV with the hiring manager to review, and then be in touch to move to the interview process. Our interview process is tailored to each role and can be in-person and remotely. We will always look to make the adjustments you need to bring your best self to interview.

About us

We’re The Very Group – home to Very.co.uk and a 3,250-strong team of super talented people, all passionate about making good things easily accessible to more people so they can live life well. We combine amazing brands and products with flexible payment options that help people say yes when it matters most.

Equal opportunities

We’re an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.