Security Consultant/Engineer- 12 Month Contract- Inside IR35- Hybrid in Multiple UK Locations
Hamilton Barnes
Bristol, United Kingdom
6 days ago
Role details
Contract type
Temporary contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Compensation
£ 117KJob location
Bristol, United Kingdom
Tech stack
Agile Methodologies
Artificial Intelligence
Control Objectives for Information and Related Technology (COBIT)
Identity and Access Management
Information Management
Open Web Application Security
PCI Data Security Standards
Private Cloud Environment
Cloud Platform System
Mitre Att&ck
REST
Microservices
Job description
- Design secure solutions, documenting key security controls and adhering to security standards across networks, applications, and cloud environments
- Perform threat modelling by deconstructing technical solutions, identifying threats and vulnerabilities using recognised methodologies such as STRIDE and MITRE ATT&CK
- Analyse risks and benefits of design options to support safe architectural decisions, defining security testing requirements and assessing findings
- Communicate technical security concepts clearly to both technical and non-technical audiences, providing security direction, governance, and assurance
- Apply Agile methodologies to support engineers and deliver across multiple product initiatives simultaneously, driving engineering excellence
Requirements
- Broad knowledge of modern enterprise technologies including cloud and AI, with exposure to contemporary architectures such as RESTful APIs and containerised microservices
- Up-to-date knowledge of emerging threats with practical experience applying threat modelling frameworks including STRIDE and MITRE ATT&CK
- Strong understanding of cybersecurity domains across endpoint, network, cryptography, information management, and IAM in enterprise environments
- Awareness of industry security standards including ISO 27001, NIST, PCI DSS, COBIT, and OWASP, with experience in public and/or private cloud environments
- Desirable: security certifications such as CISSP, CISM, CCSP, CEH, or OSCP