Security Consultant: Secure-by-Design & Risk Lead

Full-Time | £60,000 - £80,000 / year (est.) | Home office (partial)
Marks and Spencer

At a Glance

  • Tasks: Lead security initiatives and embed Secure-by-Design principles across M&S.
  • Company: Join M&S, a dynamic and inclusive retail leader shaping the future of secure innovation.
  • Benefits: Enjoy 20% discount, competitive holidays, bonuses, and extensive wellbeing support.
  • Other info: Be part of a diverse team driving change in a rapidly evolving digital landscape.
  • Why this job: Make a real impact in securing M&S against evolving cyber threats.
  • Qualifications: 5 years in tech with security engineering experience; knowledge in multiple security domains.

The predicted salary is between £60,000 and £80,000 per year.

Join M&S as a Specialist Security Consultant and play a pivotal role in shaping the future of secure innovation. In this role, you'll lead a portfolio of change initiatives, embedding Secure-by-Design principles into everything we do. Your expertise will ensure that cyber risks are understood, managed, and reduced across the organisation. Working cross-functionally with teams across business and technology, you'll maintain strong relationships within your portfolio and help drive our mission to protect and strengthen M&S against evolving threats.

What you'll do

  • Support the InfoSec relationship with the identified portfolio of change
  • Identify when your portfolio requires additional InfoSec support from areas such as Security Architecture, Security Design or Security Engineering and broker the engagement
  • Provide security requirements and guidance into the change activities
  • Responsible for ensuring Threat Modelling is in place for the identified programs, projects and engineering
  • Work with GRC to inform on risk, compliance and assurance with regard to your portfolio of change

Who you are

  • Clear understanding and experience of risk assessment and compliance frameworks
  • 5 years in technology with at least 2 years' experience of security engineering or similar role
  • Must be knowledgeable in 2 or more security domains:
    • Application Security
    • Network Security
    • Infrastructure Security
    • Cloud Security
    • End-User Compute Security
    • IoT and ICU Security
  • Supporting qualifications in technology or security such as the following:
    • Microsoft/Azure Architecture
    • British Computer Society Diploma
    • CISSP, CISM, CRISC, CGEIT, CCAK, CCSK, CCSP
    • Computer Science or Cyber Security Degree

What's in it for you

Being a part of M&S is exactly that - playing your part to bring the magic of M&S to our customers every day. We're an inclusive, dynamic, exciting, and ever-evolving business built on doing the right thing and bringing exceptional quality, value, service to every customer, whenever, wherever and however they want to shop with us.

Here are some of the benefits we offer that make working for M&S just that little bit more special:

  • After completing your probationary period, you'll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
  • Competitive holiday entitlement with the potential to buy extra holiday days.
  • Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
  • A generous Defined Contribution Pension Scheme and Life Assurance.
  • A dedicated welcome to our teams with a tailored induction and a wide range of training programs to develop your skills.
  • Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
  • Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
  • Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
  • A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.

Everyone's welcome

We are ambitious about the future of retail. We're disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We're transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.

We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.

If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don't hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.

Security Consultant: Secure-by-Design & Risk Lead employer: Marks and Spencer

Joining M&S as a Security Consultant means becoming part of a forward-thinking team dedicated to secure innovation and excellence. With a strong emphasis on employee development, competitive benefits, and a culture that values inclusivity and collaboration, M&S offers a dynamic environment where your expertise can thrive. Enjoy perks like a generous colleague discount, flexible working options, and comprehensive wellbeing support, all while contributing to a mission that prioritises security and customer satisfaction.

Contact Details:

Marks and Spencer Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Security Consultant: Secure-by-Design & Risk Lead

Tip Number 1

Network like a pro! Reach out to current or former employees at M&S on LinkedIn. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.

Tip Number 2

Prepare for the interview by understanding M&S's values and how they align with your experience. Be ready to discuss how you can embed Secure-by-Design principles in their projects—show them you’re the perfect fit!

Tip Number 3

Practice common interview questions related to risk assessment and security domains. We recommend doing mock interviews with friends or using online platforms to get comfortable with your responses.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in being part of the M&S team.

We think you need these skills to ace Security Consultant: Secure-by-Design & Risk Lead

Risk Assessment
Compliance Frameworks
Security Engineering
Application Security
Network Security
Infrastructure Security
Cloud Security

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Security Consultant role. Highlight your experience in risk assessment and compliance frameworks, as well as any relevant security domains you've worked in. We want to see how your skills align with what we're looking for!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about secure innovation and how you can contribute to our mission at M&S. Be sure to mention specific projects or experiences that demonstrate your expertise.

Showcase Your Technical Skills: Don’t forget to highlight your technical qualifications and certifications, like CISSP or CISM. We love seeing candidates who are knowledgeable in multiple security domains, so make sure to list them out clearly in your application.

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, you’ll find all the details you need about the role and our company culture there!

How to prepare for a job interview at Marks and Spencer

Know Your Security Domains

Make sure you brush up on your knowledge of the various security domains mentioned in the job description. Be ready to discuss your experience in Application Security, Network Security, and Cloud Security, as well as how you've applied Secure-by-Design principles in past roles.

Showcase Your Risk Assessment Skills

Prepare to talk about your experience with risk assessment and compliance frameworks. Think of specific examples where you've identified and managed cyber risks, and be ready to explain how you would approach risk management for M&S's portfolio of change initiatives.

Engage Cross-Functionally

Since this role involves working with various teams, think about how you've successfully collaborated across departments in the past. Be prepared to share examples of how you’ve built strong relationships and brokered support from different areas like Security Architecture or Security Engineering.

Ask Insightful Questions

At the end of the interview, don’t forget to ask questions that show your interest in the role and the company. Inquire about M&S's current security challenges or how they envision the future of secure innovation. This not only demonstrates your enthusiasm but also helps you gauge if the company is the right fit for you.