Senior Technical Security Consultant

We are looking for a consultant to work as part of our Security Consultancy team to support the delivery of business change as we move capabilities to the cloud in a scaled agile environment with a strong and evolving DevSecOps approach. Work to support fast-paced change in an exciting and growing business as Admiral continues to develop its offerings placing the customer at the centre of everything we do.  

As a Senior Technical Security Consultant your main responsibilities will be: 

• Understand the Strategic Business Objectives and actively contribute to achieving them. 
• Provide technical security consultancy to the change delivery functions – agile & waterfall. 
• Assess and improve security posture in CI/CD pipelines. 
• Support the Security Champions Programme and DevSecOps. 
• Liaise with technical stakeholders within Agile Tribes, Projects, and Programmes. 
• Assess changes for technical vulnerabilities and threat models, assess security risk exposure and identify appropriate controls to bring the risk within tolerance. 
• Engage effectively with specialists in Security Architecture, Security Operations, Security Culture, Security Delivery, and Security Risk and Governance teams to ensure completeness and consistency of the advice provided to delivery functions. 
• Ensure advice provided is of a high standard and based on best practice, supported by Security Leadership and within the cost and risk tolerance of the organisation. 
• Work closely with specialists in Security Operations to build operational use cases for detection and response capabilities. Ensuring Logging and Monitoring, Incident Response, and Threat Intelligence are all considered and included in security requirements and are implemented, tested, and validated by the business change delivery owner. 
• Work closely with all areas of Infosec to provide continuous improvement of the advice from knowledge gained from analysing and resolving information security incidents that can be used to reduce the likelihood and/or impact of future incidents.
• Apply the information security risk assessment process to identify risks within the scope of the information security management system and identify the risk owners. 
• Act as a champion for information security initiatives and maintain high standards of integrity and professionalism. 
• Delivering risk assessment reports, threat modelling, and risk treatment recommendations in a timely and repeatable manner
• Contribute to, and maintain effective risk management mechanisms to ensure that system owners have an accurate and current view of information risk exposure. 
• Meeting the InfoSec strategic objectives. 
• Continuously develop technical security skills and capabilities per the organisation’s strategic objectives.
• Development of security playbooks and component specifications. 
• Mentor junior consultants in the team. 
• Support the Technical Security Consultancy Team Manager with required workload management and artefact reviews. 
• Support the Technical Security Consultancy Team Manager with delivering roadmaps to the department. 

Experience and Qualifications Required

Essential skills:

• Technical background, with knowledge of one or more of the following, Development, IT support, Data Science, networking or system administration. 
• Understanding of Cloud migration and Application Security development lifecycle and DevSepOps principles, automation, and familiarity with security architecture modelling. 
• Knowledge and experience in securing Azure and/or Google Cloud Platforms. 
• Knowledge and experience in using at least one risk methodology. 
• Security Software as a Service implementations. 
• Strong stakeholder management and communication skills and a proven track record of working with businesses to meet strategic objectives. 
• Ability to discuss highly complex and technical problems and solutions in business language. 
• Confident in presenting recommendations to the Security Leadership for go/no-go meetings. 
• Great influencer, enabling the business to deliver safely and at a pace. 
• Proactive and can work on own initiative with the ability to effectively prioritise work.
• Experienced in cyber security frameworks such as NIST, CIS20, MITRE Attack and STRIDE. 

Desirable:

• Experience in threat modelling, risk/posture assessments, and control implementation. 
• Educated to degree level related to information security risk management. 
• Experience in agile and waterfall delivery environments. 
• Recognised security professional qualifications (e.g. CISSP, CCSP, CISMP). 
• Cloud specific qualifications (e.g – CSA CCSK, CCSP, AZ-900, GCP fundamentals). 

Our Commitment to You

At Admiral, we are committed to being a diverse and inclusive workplace. Admiral is proud to be an equal opportunities employer and does not discriminate on the basis of race, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), national origin, gender, gender identity, sexual orientation, disability, age, or any other legally protected status.

All qualified applicants will receive equal consideration for employment.

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we’re consistently voted one of the Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

All colleagues will receive 33 days holiday (including banks holidays) when they join us, and this will increase with length of service, up to a maximum of 38 days (including banks holidays). You also have the option to buy or sell up to five days of annual leave in addition to your allocation.

You can also view some of our other key benefits here.

#LI-NT1