Information Security Consultant

B&M Retail
Liverpool, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Liverpool, United Kingdom

Tech stack

Computer Security
Simple Password Exponential Key Exchange (SPEKE)

Job description

We're currently looking for a passionate and knowledgeable Information Security Consultant to join our fast-paced and growing Information Security function. In this role, you'll work closely with technology teams, business stakeholders and third-party partners, providing security-by-design guidance and helping embed strong security practices across the organisation., * Provide security-by-design consultancy to projects, programmes and business initiatives from inception through delivery

  • Translate security policies, standards and risk requirements into clear, actionable guidance for technical and non-technical stakeholders
  • Act as the primary security point of contact for assigned business areas and change initiatives
  • Conduct and support information security risk assessments, threat modelling and control gap analysis
  • Advise on proportionate, risk-based treatments and support risk acceptance and governance processes
  • Embed security into technology change across cloud, infrastructure, identity, applications and third-party services
  • Support security testing activities and remediation planning with engineering and delivery teams
  • Build strong relationships with IT, Architecture, Engineering, SOC and business stakeholders
  • Contribute to security reporting, KPIs and governance forums to support

Requirements

  • An experienced Information Security Consultant, Advisor or similar
  • Confident in information security risk management, security controls and secure design principles
  • Experienced in supporting projects, programmes or product teams with security assurance
  • Knowledgeable of frameworks and standards such as ISO 27001, NIST or CIS
  • Able to communicate clearly with technical and non-technical stakeholders
  • Pragmatic, commercially aware and able to balance security with business pace
  • Experienced in retail or e-commerce environments, including customer-facing platforms or payment risk
  • A professional security qualification such as CISSP (desirable but not essential)

Benefits & conditions

This is a full-time, permanent role based at our Support Centre in Speke, Liverpool.

Apply for this position