At a Glance
- Tasks: Advise on security during IT divestments and assess technical designs.
- Company: Leading financial services firm in Edinburgh with a focus on security.
- Benefits: Flexible working, competitive salary, and opportunities for professional growth.
- Other info: Inclusive workplace valuing diversity and offering support throughout the recruitment process.
- Why this job: Join a dynamic team and make a real impact in information security.
- Qualifications: Extensive experience in information security and IT divestment projects.
The predicted salary is between 60000 - 80000 £ per year.
Information Security Consultant (CISO, Divestment) needed for our Financial Services client in Edinburgh. The right candidate must have extensive demonstrable experience as a Senior Information Security Consultant or senior security SME within large enterprise environments along with previous experience supporting IT divestments, separation, carve‑out or M&A activities from an Information Security & Risk standpoint.
Candidates must engage via an FCSA accredited Umbrella company and will be required onsite approximately 2 days per week in Edinburgh.
In addition to prior InfoSec divestment experience, candidates should have a broad and deep understanding of:
- Application segregation and separation
- Identity and access management separation (including Active Directory / Entra ID separation)
- Data management and information risk (including data classification and handling during migration, data transfer, duplication, decommissioning risks, and data leakage during transition)
The successful candidate will be responsible for helping to advise and guide on a separation & divestment portfolio, assessing & challenging technical designs, translating technical security risk into clear advice for project teams and identifying, detailing and prioritising real security risks in imperfect transitional states rather than aiming for theoretical target‑state purity.
Key Skills:
- Proven experience operating as a hands‑on Information Security Consultant or Senior Security SME within large enterprise environments
- Proven experience supporting IT divestment, separation, carve‑out or M&A programmes, with direct involvement in technical and architectural security decisions
- Strong, practical understanding of application segregation and separation, including access control models, authentication and authorisation separation, data boundary definition, and transitional/shared service risks
- Strong, practical understanding of identity and access management separation, including Active Directory / Entra ID separation, tenant and domain separation, and identity lifecycle and residual access risks
- Strong understanding of data management and information risk, including data classification and handling during migration, data transfer, duplication, decommissioning risks, and data leakage during transition
- Ability to assess and challenge technical designs produced by architects and engineers, not just review them at a high level
- Ability to identify, describe, and prioritise real security risks in imperfect transitional states rather than aiming for theoretical target‑state purity
- Ability to translate technical security risk into clear, actionable advice for programme and project teams
- Strong analytical, communication, and problem‑solving skills
- Hands‑on advisory experience across cloud environments, particularly AWS accounts, IAM, network and trust boundary separation, and shared services
- Experience engaging directly with enterprise applications, including SaaS, on‑prem, and hybrid solutions
- Practical understanding of privileged access management in separation scenarios
- Experience contributing to or drafting risk assessments, security positions, and exception recommendations
- Ability to work constructively with delivery teams
- Practical experience working within UK financial services environments, with awareness of FCA/PRA expectations and regulator‑defensible security outcomes
If interested, immediately available and able to work in Edinburgh 2 days per week, please Apply Immediately!
Head Resourcing is committed to being an inclusive business where diversity is valued and celebrated. We welcome enquiries and applications from everyone. We will be happy to discuss with you any workplace adjustments you need in order to be at your best during the recruitment process.