Principal Security Consultant
Job description
As a Principal Security Consultant at LRQA, you will be integral to delivering a wide range of security assessments. This includes penetration testing against a variety of environments and technologies, in addition to delivering Cyber Essentials and PCI DSS, and leading engagements under the NCSC's CHECK scheme. This position is remote; however, your time is expected to be split between home working (50%) and customer sites (50%), with visits to our Birmingham office when needed.
Your day-to-day responsibilities will include:
- Client Interaction: Managing the entire lifecycle of security engagements, from kick-off calls through testing, reporting, and debriefing.
- Quality Delivery: Producing high-quality, thorough reports that demonstrate continuous improvement.
- Consultancy: Developing and maintaining professional, consultative client relationships and supporting scoping efforts where required.
- Project Leadership: Leading medium to large projects and taking responsibility for one or more strategic clients.
- Team Development: Providing ongoing mentorship to junior consultants and contributing to team and process improvement.
- Thought Leadership: Providing technical analysis of current IT security events, particularly for media coverage when requested.
Requirements
You should have strong technical skills in information security, with hands-on professional experience in penetration testing across applications, infrastructure, cloud platforms (Azure, AWS, Oracle), mobile environments (Android and iOS), and social engineering.
- Excellent written and spoken English skills with the ability to explain complex technical concepts to non-technical audiences.
- Ability to work both independently and as part of a high-performing team, with the capability to lead, teach, present, and inspire colleagues.
- At least 36 months of relevant cybersecurity industry experience within the past 5 years.
- CREST Certified Tester (CCT) or Cyber Scheme Team Leader (CSTL).
- UK Cyber Security Council professional title (Principal or Chartered).
- Current UK security clearance (SC).
Experience in additional technical domains such as container security, code review, or threat modelling would be advantageous.
The ideal candidate
We are looking for someone who truly cares about cybersecurity and the impact their work has on client organisations. You should be a self-starter, naturally curious about emerging threats and comfortable working at the cutting edge where solutions aren't always obvious or well-documented.
We need someone who can be great at what they do while leaving their ego at the door, understanding that true excellence comes from teamwork, humility, and continuous growth. You'll thrive in our team if you're the type of person who actively shares knowledge, asks for help when needed, and believes that lifting up your teammates strengthens the entire team.
Most importantly, you should be driven by a genuine desire to help clients, not just identifying vulnerabilities but working with them to improve their security posture.
Benefits & conditions
- Competitive remuneration package
- 8% employer matched pension scheme
- Private healthcare through AXA Health
- Clear career advancement paths with opportunities for progression within LRQA