At a Glance
- Tasks: Lead security design and assurance for online platforms, ensuring robust protection against risks.
- Company: Join M&S, a dynamic and inclusive leader in the retail industry.
- Benefits: Enjoy a 20% discount, competitive holidays, bonuses, and a generous pension scheme.
- Other info: Be part of a diverse team that values innovation and personal growth.
- Why this job: Make a real impact in securing digital services while working with cutting-edge technology.
- Qualifications: Senior experience in security consulting and strong knowledge of Azure cloud security required.
The predicted salary is between 70000 - 90000 £ per year.
The Principal Security Consultant (Online) is a senior, hands-on security specialist supporting the secure design and delivery of online and digital platforms. The role provides expert security assurance, design review, and DevSecOps guidance across web, mobile, API, and cloud-native services hosted primarily on Microsoft Azure. The role works closely with the Business Information Security Officer (BISO) for the online domain to ensure security risks are identified early, assessed pragmatically, and managed in line with business priorities and enterprise risk appetite.
What you'll do
- Review and assess solution designs and architectures for online and digital services
- Identify security risks across identity, APIs, cloud services, data flows, and third-party integrations
- Provide clear, proportionate security recommendations aligned to enterprise standards
- Advise on embedding security controls into CI/CD pipelines (e.g. SAST, SCA, secrets scanning, IaC scanning)
- Support secure engineering practices across build, deploy, and operate phases
Who you are
- Senior experience in security consulting, product security, or application security
- Strong background in online and digital platforms (web, mobile, APIs, e-commerce)
- Proven ability to review and challenge technical designs and architectures
- Strong understanding of DevSecOps and modern CI/CD practices
- Hands-on knowledge of Azure cloud security
What’s in it for you
Being a part of M&S is exactly that – playing your part to bring the magic of M&S to our customers every day. We’re an inclusive, dynamic, exciting, and ever-evolving business built on doing the right thing and bringing exceptional quality, value, service to every customer, whenever, wherever and however they want to shop with us.
After completing your probationary period, you’ll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household. Competitive holiday entitlement with the potential to buy extra holiday days! Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business. A generous Defined Contribution Pension Scheme and Life Assurance. A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills. Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing. Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family. Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family. A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.
Everyone’s welcome
We’re ambitious about the future of retail. We’re innovating, disrupting, and leading the way into a more inspiring, digital era. It’s an exciting time to be part of M&S. To support us on our journey, we’re building inclusive, diverse teams where everyone can be themselves, do their best work, and make change happen. We support each other and succeed together. Don’t worry if you don’t meet every single requirement of the job description. It’s more of a guide to what’s possible within the role. If you’re passionate, ready to work hard, and think the role feels right for you, we’d love to hear from you.
Principal Security Consultant in City of Westminster employer: Marks & Spencer Plc
Marks & Spencer Plc is an excellent employer, offering a vibrant work culture that fosters innovation and collaboration in the heart of Salford. Employees benefit from a competitive package, extensive professional development opportunities, and the chance to lead cutting-edge HR technology initiatives, making it a rewarding place for those looking to make a meaningful impact in their careers.
StudySmarter Expert Advice🤫
We think this is how you could land Principal Security Consultant in City of Westminster
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with potential colleagues on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for those interviews by brushing up on your technical skills and understanding the latest trends in security consulting. We recommend practising common interview questions and even doing mock interviews with friends to build your confidence.
✨Tip Number 3
Showcase your hands-on experience! When discussing your past roles, highlight specific projects where you’ve implemented security measures or improved processes. This will demonstrate your expertise and make you stand out as a candidate.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in being part of our team at M&S.
We think you need these skills to ace Principal Security Consultant in City of Westminster
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that align with the Principal Security Consultant role. Highlight your hands-on security experience, especially in online and digital platforms, to catch our eye!
Craft a Compelling Cover Letter:Use your cover letter to tell us why you’re passionate about security consulting and how your background fits with our needs. Be specific about your experience with Azure cloud security and DevSecOps practices.
Showcase Your Problem-Solving Skills:In your application, give examples of how you've identified and managed security risks in past roles. We love seeing candidates who can think critically and provide clear, actionable recommendations.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Marks & Spencer Plc
✨Know Your Stuff
Make sure you brush up on your knowledge of security consulting, especially around online and digital platforms. Be ready to discuss your hands-on experience with Azure cloud security and how you've tackled security risks in past projects.
✨Showcase Your Problem-Solving Skills
Prepare to share specific examples where you've identified and managed security risks. Think about times when you had to challenge technical designs or provide clear security recommendations. This will demonstrate your ability to think critically and pragmatically.
✨Understand DevSecOps
Familiarise yourself with modern CI/CD practices and how security controls can be embedded into these pipelines. Be prepared to discuss tools like SAST, SCA, and secrets scanning, and how they fit into secure engineering practices.
✨Align with Company Values
Research M&S's commitment to inclusivity and innovation. During the interview, express how your values align with theirs and how you can contribute to their mission of delivering exceptional quality and service. This shows you're not just a fit for the role, but for the company culture too.