Role Name: Senior Security Design Consultant
Type: Contract – Inside IR35
Location: Leeds, Manchester and Bristol, UK
Hybrid/Remote: Onsite
Role Overview
We are seeking a Senior Security Design Consultant to provide expert cyber security consultancy, security design assurance and risk-based guidance across business and technology change. The role is responsible for assessing new and amended services, applications, cloud platforms and third-party solutions to ensure security risks are understood, controlled and aligned to organisational risk appetite, regulatory obligations and industry best practice.
Required Experience and Skills
- Extensive experience in cyber security, security consulting, risk assessment or security architecture within regulated environments, ideally financial services.
- Strong knowledge of threat modelling methodologies, secure design principles, attack vectors and mitigating controls across network, application and cloud domains.
- Practical understanding of cloud security, secure application delivery, third‑party risk management and access management practices.
- Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks.
- Ability to translate complex technical risks into business language and provide clear, evidence‑based recommendations.
- Exposure to contemporary architectures. e.g. RESTful APIs and containerised microservices.
- Strong stakeholder management, written communication and presentation skills, with confidence engaging senior managers and control functions.
