Principal Security Consultant

As a Principal Security Consultant at LRQA, you will be integral to delivering a wide range of security assessments. This includes penetration testing against a variety of environments and technologies, in addition to delivering Cyber Essentials, PCI DSS, and leading engagements under the NCSC's CHECK scheme.

Your day-to-day responsibilities will include:

• Client Interaction: Managing the entire lifecycle of security engagements, from kick-off calls through testing, reporting, and debriefing.
• Quality Delivery: Producing high-quality, thorough reports that demonstrate continuous improvement.
• Consultancy: Developing and maintaining professional, consultative client relationships and supporting scoping efforts where required.
• Project Leadership: Leading medium to large projects and taking responsibility for one or more strategic clients.
• Team Development: Providing ongoing mentorship to junior consultants and contributing to team and process improvement.
• Thought Leadership: Providing technical analysis of current IT security events, particularly for media coverage when requested., If you are successful in securing a role with us, we will carry out preemployment checks in accordance with what is permitted under local law.

These checks may include, where legally allowed: right to work, identification, verification of employment history, education, and criminal record checks.

We will engage our thirdparty background screening provider, Cfirst to conduct these checks on our behalf. Cfirst performs all processing in full compliance with applicable data protection laws and adheres to strict legal, regulatory, and ethical obligations in handling personal data.

Any personal information collected for the purpose of these checks will be used solely for evaluating your suitability for employment and will be retained only for as long as necessary to fulfil these purposes and meet legal requirements.

Your data will be stored securely and managed in accordance with all relevant privacy legislation.

You should have strong technical skills in information security, with extensive hands-on professional experience in penetration testing across applications, infrastructure, cloud platforms (Azure or AWS), mobile environments (Android and iOS), and social engineering., * Excellent written and spoken English skills with the ability to explain complex technical concepts to non-technical audiences.

• Ability to work both independently and as part of a high-performing team, with the capability to lead, teach, present, and inspire colleagues.
• At least 3 years of relevant penetration testing / cybersecurity industry experience within the past 5 years.
• OSCE, CREST Certified Tester (CCT), Cyber Scheme Team Leader (CSTL), or an equivalent level security certification.
• Experience in additional technical domains such as OT, container security, code review, or threat modelling would be advantageous.

The ideal candidate

We are looking for someone who truly cares about cybersecurity and the impact their work has on client organisations. You should be a self-starter, naturally curious about emerging threats and comfortable working at the cutting edge where solutions aren't always obvious or well-documented.

We need someone who can be great at what they do while leaving their ego at the door, understanding that true excellence comes from teamwork, humility, and continuous growth. You'll thrive in our team if you're the type of person who actively shares knowledge, asks for help when needed, and believes that lifting up your teammates strengthens the entire team.

Most importantly, you should be driven by a genuine desire to help clients, not just identifying vulnerabilities but working with them to improve their security posture.

• Competitive remuneration package
• 8% employer matched pension scheme
• Private healthcare through AXA Health
• Clear career advancement paths with opportunities for progression within LRQA
• We maintain a strong commitment to diversity, equity, and inclusion.

As the world's leading global risk management partner, we're a force for good with sustainability at our core. We operate in over 150 countries and are recognised by over 30 accreditation bodies worldwide. Our world-class experts in cybersecurity, assessment, advisory, and inspection services work hand in hand with our clients to solve their biggest business challenges. We're here to shape a better future together; helping our clients strengthen their cybersecurity maturity, source responsibly, achieve product integrity, navigate the energy transition and assure their assets and management systems. And while we're proud of our history of delivering game-changing market firsts, we're quick to embrace change and new ideas from diverse perspectives. Our people are ambitious, future focused and share our passion about driving positive change., At LRQA, you will be part of an exciting work environment, working alongside a highly-experienced and skilled team to help high-profile organisations solve complex challenges. We'll support your growth through certifications, skills development, and the chance to work on cutting-edge research and innovation that keeps you at the forefront of the industry., Diversity and Inclusion at LRQA: We are on a mission to be the place where we all want to work and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients and each other. We are all about creating a safer and more sustainable future and our inclusive culture is right at the heart of our business. Together our employees make our communities better and we want you to be part of our diverse team! LRQA is a leading global assurance provider. The integrity and expertise we bring to our partnership with clients support their journey to a safer, more secure and more sustainable future. (Group entities).