Technical Security Consultant
At 118 118 Money, we help people every day. Our innovative personal loans and revolutionary credit cards have been game changers in the UK financial services space, giving folks access to the affordable credit that we believe they deserve.
Based in Cardiff or London, we are looking for a Technical Security Consultant to champion information security across the business; leading the delivery of security in IT services, software development and cloud infrastructure.
To support the 118 118 Money infosec programme, you will deliver in three areas:
- Evaluating the opportunities and risks associated with new technical projects (e.g. the delivery of new applications, changes to platforms and infrastructure, changes to business processes, etc.). You will assess the impact of projects on our security posture, define controls to meet the security requirements of CIS 20, PCI DSS, ISO 27001 and DPA2018, and work with the Technology team to drive their delivery.
- Conducting technical audits against CIS controls, PCI DSS and ISO 27001 requirements.
- Leading threat assessment and threat hunting exercises.
In addition, you will work with teams throughout 118 118 Money to help them deliver secure products and services to our customers. This will include:
- The delivery of technical, procedural and cultural security controls.
- Assisting with cyber incident response.
- Contributing to the operation of our risk management framework.
- Conducting internal audits in support of ISO27001.
The Ideal Candidate
- You will have a strong background in IT that you apply to your role in delivering security (ideally you will have maintained or managed services and software in a Windows enterprise environment, prior to working in a dedicated infosec role).
- Financial Services experience would be desirable.
- You will be experienced at defining and delivering technical security requirements and be comfortable auditing against technical security frameworks like the CIS 20 and PCI DSS.
- You will have an excellent knowledge of cyber security tools, products and services.
- Knowledge of AWS would be advantageous.
- You are comfortable working with complexity and ambiguity, and you take a logical approach to navigating this and identifying the key things that need to get done.
Please be aware that should we pursue your application, all our Financial Services employees will be expected to complete background checks to assess suitability for employment, these include; a criminal record, identity, sanctions, adverse finance, fraud prevention and reference checks to comply with our regulatory requirements.