At a Glance
- Tasks: Lead security design reviews and risk assessments for innovative tech solutions.
- Company: Join a $13+ billion global tech leader with a startup mindset.
- Benefits: Competitive pay, 20 days vacation, and comprehensive insurance coverage.
- Other info: Great opportunities for personal growth and involvement in impactful initiatives.
- Why this job: Make a real impact in cyber security while working on exciting projects.
- Qualifications: Extensive experience in cyber security and strong knowledge of security frameworks.
The predicted salary is between 60000 - 80000 £ per year.
We are seeking a Senior Security Design Consultant to provide expert cyber security consultancy, security design assurance and risk-based guidance across business and technology change. The role is responsible for assessing new and amended services, applications, cloud platforms and third-party solutions to ensure security risks are understood, controlled and aligned to organisational risk appetite, regulatory obligations and industry best practice.
- Lead security design reviews, threat modelling and risk assessments for applications, infrastructure, cloud services and third-party solutions.
- Define and recommend proportionate security controls, patterns and design guardrails aligned to business objectives and risk appetite.
- Provide consultancy on secure architecture for internet-facing services, internal platforms, data flows and integration patterns.
- Advise on identity and access management, privileged access, recertification and access control design.
- Work closely with engineering, architecture, product and delivery teams in Agile and DevOps environments to embed security by design.
- Support compliance with security and regulatory frameworks including ISO 27001, PCI DSS, OWASP and internal standards.
- Review security posture of vendors and outsourced services, providing due diligence and third-party risk assurance.
- Present security findings, risk opinions and design recommendations clearly to both technical and non-technical stakeholders, including senior leadership.
Extensive experience in cyber security, security consulting, risk assessment or security architecture within regulated environments, ideally financial services.
- Strong knowledge of threat modelling methodologies, secure design principles, attack vectors and mitigating controls across network, application and cloud domains.
- Practical understanding of cloud security, secure application delivery, third-party risk management and access management practices.
- Experience applying recognised frameworks and standards such as ISO 27001, PCI DSS, OWASP, NIST and enterprise security control frameworks.
- Ability to translate complex technical risks into business language and provide clear, evidence-based recommendations.
- Demonstrable experience in security design, cyber risk, security consulting or related cyber security disciplines.
- Experience supporting cloud transformation, digital delivery, third-party assurance and regulated change programmes.
- Commercially aware and able to balance risk reduction with pragmatic business delivery.
- Structured, detail-oriented and focused on producing high-quality, repeatable outcomes.
Success in this role will be measured by the quality and timeliness of security assessments, the effectiveness of recommended controls, stakeholder confidence in security advice, and the consultant’s ability to enable secure delivery without unnecessary friction to business change.
Competitive compensation and benefits that includes up to 20 days’ vacation per year, various insurances like Term life and Business Travel insurance. Employee benefits are regulated by an internal policy that contains full details regarding the entitlement and conditions for the benefits as per the law of the land.
Great opportunities to make the role your own, upskill yourself and get involved with exciting projects. Alongside your professional excellence, you join likeminded colleagues to create a larger impact within the company and society at large in your chosen area of passion - CSR Council, Diversity Council, Women Connect, Sparks – Engagement Champion to name a few.
Senior Security Consultant in Leeds employer: HCLTech
HCLTech is an exceptional employer, offering a dynamic work environment that fosters innovation and collaboration among over 224,000 employees worldwide. With a strong commitment to employee growth, you will have the opportunity to upskill and engage in meaningful projects while enjoying competitive benefits, including generous vacation days and comprehensive insurance coverage. Our hybrid work model promotes flexibility, allowing you to balance your professional and personal life while contributing to impactful initiatives within the company and the community.