At a Glance
- Tasks: Secure AI systems and lead innovative projects in cybersecurity.
- Company: Join a leading firm in UK Financial Services with a focus on AI security.
- Benefits: Competitive day rate, hybrid work model, and opportunities for professional growth.
- Other info: Dynamic role with a chance to shape the future of AI security.
- Why this job: Make a real impact in the evolving field of AI security and resilience.
- Qualifications: Expertise in UK FinServ compliance and hands-on experience with AWS and AI frameworks.
The predicted salary is between 48000 - 72000 £ per year.
AI Security & Resilience Experts – Contract (Outside IR35)
Location: London / Hybrid - 2/3 days onsite
Sector: UK Financial Services
Rate: Competitive Market Rates (Role Dependent)
IR35: Inside
Day rate: up to 600 per day
Length: 9 months
All candidates must demonstrate:
- UK FinServ Compliance: Deep familiarity with DORA, FCA Operational Resilience, and the EU AI Act.
- AWS Bedrock Stack: Hands‑on experience with Agents, Knowledge Bases, Guardrails, and model lifecycles.
- AI/ML Core: Mastery of FMs, RAG, tool‑use, and non‑deterministic agent logic.
- Security Frameworks: Proficiency in OWASP LLM Top 10 and NIST AI RMF.
Role 1: Identity Expert
Mission: Secure the "Human‑to‑Agent" and "Agent‑to‑Resource" identity chain.
Key Tasks:
- Lead SPIFFE/SPIRE rollouts with AWS Roles Anywhere; harden OBO (On‑Behalf‑Of) flows.
- Implement sender‑constrained tokens (PoP) and JIT for non‑human identities.
- Modelling for Confused Deputy and Federation Hijacks; ensuring full traceability per EU AI Act Art. 12 & 14.
Role 2: Threat & Adversarial AI Expert
Mission: Lead structured offensive modeling to identify systemic AI vulnerabilities.
Key Tasks:
- Conduct STRIDE modeling and build attack trees for prompt injection and "Denial‑of‑Wallet" scenarios.
- Run scenario workshops to test real-world control effectiveness.
- Maintain an adversarial knowledge base and map safeguards to compliance frameworks.
Role 3: AI Evals & Red Teaming Expert
Mission: Automate the "Release Gate" for AI systems through rigorous adversarial testing.
Key Tasks:
- Integrate tools like Pyrit, Garak, or AgentDojo into CI/CD pipelines.
- Build frameworks for uncertainty, drift detection, and success rates.
- Own the AI-BOM and generate Article 15 evidence for bias, hallucination, and memorisation risks.
Cybersecurity Consultant - AI Security & Resilience Expert employer: Broughton Group
Randstad Technologies is an exceptional employer, offering a dynamic work environment in the heart of London with a hybrid model that promotes work-life balance. Employees benefit from competitive market rates and the opportunity to engage in cutting-edge projects within the UK Financial Services sector, fostering professional growth and expertise in AI security and resilience. With a strong focus on compliance and innovative practices, Randstad encourages continuous learning and collaboration, making it an ideal place for those seeking meaningful and rewarding careers.
StudySmarter Expert Advice🤫
We think this is how you could land Cybersecurity Consultant - AI Security & Resilience Expert
✨Get Active on Cybersecurity Forums
Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.
✨Show Off Your Skills with Public Projects
Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.
✨Attend Local Conferences and Meetups
Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!
✨Market Yourself Smartly
Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!
We think you need these skills to ace Cybersecurity Consultant - AI Security & Resilience Expert
Some tips for your application 🫡
Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help Broughton Group understand what you're capable of.
Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!
Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.
Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at Broughton Group.
How to prepare for a job interview at Broughton Group
✨Showcase Your Cybersecurity Skills
As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.
✨Prepare Your Portfolio
Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.
✨Stay Updated on Trends and Tools
Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.
✨Pitching Your Value as a Freelancer
When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help Broughton Group protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.
