Security Consultant

As a Senior Security Consultant, you won't just be "checking boxes." You will be the technical security lead for a high-velocity engineering mission. Reporting directly to the CISO leadership, you will act as both a guardian and an enabler, ensuring that our "secure-by-design" philosophy is baked into every line of code and every AWS instance before we go live. You will operate at the intersection of Fast-Paced Engineering and Robust Banking Governance. Your role is to bridge the gap between a modern "move-fast" DevOps mindset and the rigorous security standards of a Global Bank., 1. Security Architecture & "Shift-Left" Consultancy

• Drive end-to-end security solutions across platform and product engineering.
• Perform deep-dive architectural reviews and threat modeling to catch risks in the design phase.
• Deliver pragmatic, cost-effective guidance that accelerates delivery rather than blocking it.

2. Cloud & DevSecOps Leadership

• Architects secure AWS workloads using cloud-native services, IAM, and zero-trust networking.
• Secure our GitHub-based CI/CD pipelines and containerized environments (Docker/Kubernetes).
• Champion "Controls-as-Code"-moving away from manual audits toward automated, immutable evidence and policy-as-code.

3. Strategic Risk & Stakeholder Management

• Act as the key conduit to CISO leadership, identifying "blockers" and high-risk items early.
• Translate complex technical threats into business risk for both engineers and executive stakeholders.
• Influence the Security Steering Group to ensure the platform meets the CISO risk appetite.

4. Modern Workspace Hardening

• Lead the security hardening of our modern collaborative stack, including Google Workspace and a MacBook-based EUC estate managed via JAMF., Barclays is a British universal bank. It is diversified by business, by different types of customers and clients, and by geography. Barclays businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by its service company which provides technology, operations and functional services across the Group. Values Everything Barclays does is shaped by its five values of Respect, Integrity, Service, Excellence and Stewardship. The Barclays values inform the foundations of its relationships with customers and clients, but they also shape how Barclays measures and rewards the performance of colleagues. Simply put, success is not just about what you achieve, but about how you achieve it. Diversity Barclays aims to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included and their talents are nurtured, empowering them to contribute fully to Barclays vision and goals. Hybrid Working Barclays is currently in the early stages of implementing a hybrid working environment, which means that many colleagues spend part of their working hours at home and part in the office, depending on the nature of the role they are in. Barclays is flexible on how this works and it may continue to change and evolve. Depending on your team, typically this means that colleagues spend a minimum of between 20% to 60% of their time in the office, which could be over a week, a month or a quarter. However, some colleagues may choose to spend more time in the office over a typical period than their role type requires. Barclays also has a flexible working process where, subject to business needs, all colleagues globally are able to request work patterns to reflect their personal circumstances

You are a seasoned Cyber Security professional who thrives in high-pressure, agile environments. You know how to navigate the governance of a major bank while speaking the language of a cloud-native developer. Technical Essentials:

• Extensive experience in Security Architecture or Consulting, ideally within Financial Services or Fintech.

• Cloud Mastery: Deep expertise in AWS security, architecture patterns, and operational guardrails.

• Modern Tooling: Hands-on experience securing CI/CD pipelines, Infrastructure-as-Code (IaC), and Kubernetes.

• Domain Depth: Strong knowledge of Cryptography, AppSec, IAM, and Network Segmentation.

• Frameworks: Practical application of NIST, ISO 27001, and PCI DSS. Desirable "Extra Credit":

• Experience in Merchant Acquiring or Payment flows.

• Specific experience securing MacBook estates (JAMF) and Google Workspace.

• Proven ability to lead "Red Team" readiness and pre-go-live assurance.

As a contract employee of Randstad Sourceright, you'll receive a wide range of financial and personal benefits. There's enrolment in a pension plan (after 12 weeks on assignment) and holiday pay. You'll also get 24/7 access to an Employee Assistance Programme, designed to help you deal with any problems that could be affecting your home or work life. Plus, there's discounts at heaps of high street shops, restaurants and entertainment - from Asda to Zizzi Italian restaurants.

Barclays is reinventing the merchant acquiring landscape. We are building a greenfield, cloud-native, fintech-style platform from the ground up-completely independent of legacy constraints.