Information Technology Security Consultant
Hybrid
Sheffield, United Kingdom
Freelance
13-03-2025
Job Specifications
Banking/Financial Services in recent years is a must.
In this role you will carry out most of the following:
Support control operators to Lead, and deliver transformational initiatives across multiple controls to manage risk in line with the organisations priorities, utilising Agile methodology and tooling, with a focus on using automated solutions.
Ensure technology controls are aligned with industry standards, regulatory requirements, and the company’s risk management strategy.
Undertake initiatives to enhance or remediate controls in a sustainable manner to provide enduring outcomes for the organisation.
Monitor and report on the effectiveness of technology controls, identifying areas for improvement and report to executive management.
Establish and monitor key control indicators (KCIs) to track the effectiveness of risk mitigation efforts.
Develop and maintain relationships with key senior stakeholders (such as GBGF’s, Second/Third Line of Defense, and External Audit) to promote a unified approach to technology risk management across the organization.
Use Risk related data to help influence the prioritisation of activities.
Requirements:
Track record of delivering sustainable outcomes in an enterprise scale organisation.
Evidence of influencing at c-suite level and managing senior stakeholders with conflicting opinions.
Extensive experience in technology risk management, with a track record of successfully implementing and enhancing control design and operations or demonstrate specific experience of supporting control compliance from within a business area.
Understanding of control operation, regulatory requirements, and industry best practices.
Proven ability to effectively communicate complex technical concepts to diverse audiences, including senior leadership and non-technical stakeholders.
Exceptional analytical and problem-solving skills, with the ability to navigate and assess complex technology landscapes preferred
Knowledge of enterprise risk management software and tools in a large financial services organization.
Excellent project management skills with a track record of successfully leading large-scale initiatives preferred
About the Company
Vallum Associates offer best in class talent acquisition on a contingency, retained, or project basis. Through our dedicated sector consultants, our specialised brands have the knowledge and connections to provide tailored hiring and project services across industries : * Banking & Financial * Energy, Utilities & Commodities * Engineering & Renewable * Insurance Services Our specialised industry and sector specific consultants are able to offer a personalised experience to fit your needs. Our unique associate consultativ... Know more
Related Jobs
- Company Name
- WNTD
- Job Title
- Network Security Engineer
- Job Description
- Job Title: Security Engineer – Cisco (OT Environment) Location: Remote Start Date: Within 2–3 weeks Contract Length: 6 months+ Inside IR35 Overview: We're looking for an experienced Cisco Security Engineer to join on a 6-month+ contract. This role will focus on configuring firewalls within an operational technology (OT) environment, and the ideal candidate will be able to hit the ground running. Key Responsibilities: Configure and manage Cisco firewalls, including ASA and Firepower, within a complex OT environment. Support routing and switching operations at CCNP level or above. Collaborate with teams across the UK and US to ensure seamless security posture across sites. Liaise with internal stakeholders to integrate security solutions effectively. Potential use of 3rd-party security management tools like Algosec or Tufin. Requirements: Proven experience at CCNP level in routing and switching. Hands-on experience with Cisco ASA and Firepower firewalls. Strong troubleshooting skills and ability to work independently. Flexibility to support UK working hours, with occasional evening work to coordinate with US-based teams. Nice to Have: Experience with Cisco ISE. Background in a manufacturing or OT-heavy environment. Familiarity with tools such as Algosec or Tufin.
- Company Name
- Hays
- Job Title
- Program Director - Enterprise Security
- Job Description
- Enterprise Security - Programme Director Join a leading technology provider as an Enterprise Security Programme Director! Job Overview: This role involves leading and overseeing the planning, execution, and delivery of enterprise-wide security programs. You will ensure that security initiatives align with the organisation’s strategic objectives, regulatory requirements, and risk management frameworks. Contract Length: 6 months (with visibility to extend to 12) Daily Rate: £700 per day Location: Cambridge (twice per week on-site) Key Responsibilities: Develop and execute a comprehensive security program strategy aligned with business objectives. Establish governance structures, reporting mechanisms, and risk management frameworks for security initiatives. Ensure compliance with relevant regulations, standards, and industry best practices (e.g., ISO 27001, NIST, GDPR). Act as a key liaison between security, IT, business units, and executive leadership. Oversee the planning, budgeting, and execution of security projects, ensuring timely and within-budget delivery. Key Requirements: Experience in cybersecurity, IT security, or related fields. Leadership or programme management roles. Proven track record of delivering large-scale security programs in complex environments. Strong understanding of cybersecurity frameworks, regulatory requirements, and risk management methodologies. Experience delivering change across security technologies such as SIEM, EDR, IAM, and cloud security. Familiarity with project management methodologies (e.g., Agile, PRINCE2, PMP). Industry certifications such as CISSP, CISM, PMP, PRINCE2, or TOGAF. Start Date: ASAP
- Company Name
- NHS Supply Chain
- Job Title
- Cyber Security Compliance Coordinator
- Job Description
- Job Title Cyber Security Compliance Coordinator Function: Data & Technology Location: Nottingham/Hybrid Contract type: Permanent Salary: £41,826 with potential to rise to £49,207 over 3 years, Closing Date: Monday 7th April 2025 NHS Supply Chain currently has an opportunity for a Cyber Security Compliance Coordinator to join our team during an exciting period of transformation, working to make it easier for the NHS to put patients first. We are seeking an experienced Cyber Security Compliance Coordinator which will be a key role within NHS Supply Chain's Cyber Security Team, as part of the Data and Technology Directorate. In this first dedicated Governance, Risk and Compliance (GRC) role, you will manage a number of compliance projects, the delivery of which ensures NHS Supply Chain can provide assurance of its cyber security posture. The role will require engaging with a wide range of internal stakeholders, as well as outsourced IT partners. You will be required to conduct horizon scanning, to ensure NHS Supply Chain is well prepared to deal with any upcoming changes to relevant compliance frameworks such as the Data and Security Protection Toolkit (DSPT) and Cyber Assessment Framework (CAF). Every day you will … Explore and develop a basic understanding of external GRC related developments or emerging issues and contribute to the evaluation of their potential impact on, or usefulness to, the organisation. Maintain a deep knowledge and understanding of the organisation's policies and procedures. Identify, within the team, patterns of noncompliance with the policies and procedures and with relevant compliance frameworks, taking appropriate action to report and resolve these and escalating issues as appropriate Contribute to stakeholder engagement by finding out their needs, issues, and concerns; and by reacting to these needs, issues, and concerns, arranging meetings and events and drafting supporting materials to promote understanding and commitment Collate and analyse data alongside delivering small and medium sized projects. Develop an understanding of cyber risk in our supply chain, supporting third party risk assessements. We Want To Reward You For Your Passion, Enthusiasm, And Hard Work So We Offer Much More Than a Competitive Salary Hybrid working opportunities, giving you the flexibility to work collaboratively in the office and remotely. We recognise our employees' hard work and contributions with annual bonus schemes, long service, and VIP colleagues awards. 27 days holiday plus bank holidays, with the option to purchase an additional 5 days. We are dedicated to your development, through in-house training, support, and access to external qualifications to maximise your potential. A focus on your well-being offering 1 day of paid well-being leave and free access to the 24/7 Employee Assistance Programme Generous pension scheme (with us contributing 12% when you contribute 6%) Access to our Flexible Benefits Scheme, where you can choose from a variety of benefits such as Life Insurance, Critical Illness Cover, Income Protection, Health Cash Plan, Dental Insurance, and additional pension contributions that suit you. 2 days of paid volunteering leave allowing you to give back to your community. Access to many discounts from the Blue Light Card to NHS Discounts. NHS Supply Chain, who are we? Our role is to support the NHS to save lives and improve health. We are a part of the NHS family, and our role is to source, deliver and supply healthcare products, services and food for NHS trusts and healthcare organisations across England and Wales. We serve every NHS Trust and operate a national network of distribution centres, managing relationships with more than a thousand suppliers and delivering more than 8,000,000 orders each year to more than 17,000 locations. Doing all of this on behalf of the NHS gives NHS staff more time to focus on their main priority of providing excellent patient care. What skills will help you thrive in this role? Previous experience of working in a Project Management role, ideally within IT. Strong stakeholder management experience with the ability to influence senior stakeholders. Experience in managing projects with the ability to prioritise your workload with minimum supervision. Strong analytical skills, with previous experience of using Project Management tools such as Prince etc A good understanding of security policies and compliance frameworks within this area. Want to develop your career with the NHS Supply Chain? Then apply below or reach out for an informal discussion about the role in confidence by emailing us at Careers@supplychain.nhs.uk Our Inclusive Commitment At NHS Supply Chain, we are committed to building an inclusive environment where difference is not only valued, but celebrated, giving everyone the opportunity to thrive in their career. Developing our people is key to our success, so if this role sounds like the right next step in your career but your experience doesn’t match perfectly with the job advert, we encourage you to still apply. Struggling to complete our application form, and require additional support? Reach out to our Talent Acquisition team at careers@supplychain.nhs.uk who will be happy to help you with alternative ways to apply. We reserve the right to close any vacancy from further submissions when we have received sufficient applications from which to make a shortlist. Please apply without delay if you wish to be considered for this role. SCCL is a company Registered in England and Wales, with company number 10881715, to act as the management function of the NHS Supply Chain.
- Company Name
- Formula 1
- Job Title
- Security Engineer - FTC
- Job Description
- Our team of hundreds of skilled experts keep Formula 1 moving. We’re on the lookout for a Security Engineer to work with us on a 12-month FTC! Reporting to the Cyber Security Manager, the main purpose of this role is to support the development and management of security technologies across F1’s growing technology landscape. Main Duties & Responsibilities: Assess and maintain high standards of security maturity across Formula 1’s cloud infrastructure Focus on new and existing infrastructure, managing technical vulnerabilities, support continued system maintenance, and minimise technical debt Ensure visibility and reporting of Cloud infrastructure against Formula 1’s compliance and security standards (such as ISO 27001 and CIS) Main duties to be carried out include, but not limited to: Vulnerability Management and reporting across Formula 1’s cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1’s security standards Support in the delivery and management of security design and architecture reviews Working closely with Infrastructure teams on security design and control strategies to reduce risks The definition and operation of secure development / operations (DevOps) practices, inc. code scanning, Kubernetes, container security. System and device hardening policies and reporting Technology focused threat assessments to identify threats/risks Documentation of security requirements, patterns, and processes Liaising closely with Formula 1’s cyber security, infrastructure, and digital teams on new and existing initiatives. About You: Extensive hands-on experience with AWS cloud infrastructure – inc. AWS Security Services (CloudTrail, Guard Duty, WAF, IAM, Security Hub etc.) Knowledge of CI/CD including DevSecOps patterns and principles Infrastructure as code experience utilising Terraform Knowledge of container technologies Extensive experience with AWS Security Services & Governance and Information Security Best Practices Experience with other enterprise cloud platforms e.g. Azure Kubernetes experience Identity & Access Management deployment and administration (e.g. Okta, Entra ID) Web application security technologies – WAF, Bot Protection, DDOS Protection, etc. Adaptable, passionate and a team-player Division: Technical