Cyber Security Consultant (STRIDE/MITRE ATT&CK)

Cyber Security Consultant (STRIDE/MITRE ATT&CK)

Posted 1 day ago by Jobserve

Apply
Negotiable
Undetermined
Undetermined
Manchester, Leeds, Bristol, Edinburgh
Apply
Agenda (Meeting) Agile Methodology Application Programming Interface (API) Artificial Intelligence AWS Identity And Access Management (IAM) Cloud Computing Cloud Technology Computing Platforms Control Objectives For Information And Related Technology (COBIT) Cryptography Cyber Security ISO/IEC 27000 Management Microservices MITRE ATT&CK Framework Nice (Unix Utility) Open Web Application Security Project (OWASP) Private Cloud RESTful API Security Testing Support Engineering Threat Modeling

Summary: The role of Cyber Security Consultant involves working within a Security Consultancy and Design team to enhance Cyber Security across various computing platforms. The position requires applying Agile methodologies to support engineering initiatives, conducting threat modeling, and designing secure solutions. The consultant will also communicate security concepts to diverse audiences and ensure security is embedded in the organization's change portfolio. This role is crucial in maintaining a secure operating environment for the company and its customers.

Key Responsibilities:

  • Applying Agile methodologies to support engineers and deliver on multiple product initiatives.
  • Conducting threat modeling by deconstructing technical solutions and assessing risks.
  • Analyzing risks and benefits of design options for safe architectural decisions.
  • Designing secure solutions and documenting key security controls.
  • Defining security testing requirements and assessing findings.
  • Communicating technical concepts to both technical and non-technical audiences.

Key Skills:

  • Broad knowledge of modern Enterprise technologies including Cloud and AI.
  • Exposure to contemporary architectures such as RESTful APIs and containerized microservices.
  • Up-to-date on emerging threats and experienced with threat modeling frameworks like STRIDE/MITRE ATT&CK.
  • Significant knowledge of cyber security domains applicable to Enterprise environments.
  • Dynamic solution-oriented mindset with the ability to work under pressure.

Salary (Rate): undetermined

City: Manchester, Leeds, Bristol, Edinburgh

Country: UK

Working Arrangements: undetermined

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Job Description:

Mandatory Skills: Security Architecting

Location: Manchester, Leeds, Bristol, Edinburgh UK

Role Title - Security Consultant
Our Security Consultancy and Design team are continuing their search for Cyber Security Consultants who have a broad knowledge of Cyber Security domains and controls working across a wide range of computing platforms. Join our Chief Security .

About this opportunity
Are you someone who wants to be in the heart of Cyber Security delivering change and working in an agile way, ensuring we execute our strategy and transformation agenda safely? Then we have the perfect opportunity for you.
We are actively welcoming enthusiastic Cyber Security Professionals from all industries and backgrounds to join our expanding team as we embark on an exciting journey where you will have the opportunity to ensure security by design is Embedded across our change portfolio.
Cyber Security sits at the heart of our business providing the Group with a secure operating environment, safe from malicious attacks. It is a dynamic and constantly evolving world where your experience and efforts can deliver tangible results to the safety of a huge company and over 30m customers.
We're on the mission to build the bank of the future, and we need your help to do it!

What you'll do:
Applying Agile methodologies to support engineers and deliver on multiple challenging product initiatives simultaneously, driving engineering excellence.
Threat model by deconstructing technical solutions, identifying threats and vulnerabilities and assessing risks.
Use experience to analyse the risks and benefits of design options to support making safe architectural decisions.
Design secure solutions documenting the key security controls and adhering to security standards.
Define security testing requirements and assess findings.
Effectively communicate technical concepts to both technical and non[1]technical audiences, providing security direction, governance, assurance and guidance.

What we're looking for:
Dynamic solution-oriented individual bringing energy to a rapidly evolving environment with an ability to work well under pressure.
Broad knowledge of modern Enterprise technologies including Cloud and AI
Exposure to contemporary architectures eg. RESTful APIs and containerised microservices.
Up-to date on emerging threats and experienced with threat modelling frameworks eg. STRIDE/MITRE ATT&CK.
Significant knowledge of cyber security domains and how they apply to Enterprise business environments eg. endpoint, network, cryptography and IAM.

The nice to haves:
Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
Certifications in security management eg. CISSP/CISM/CCSP or equivalent.
Certifications in technical security domains eg. CEH/OSCP or equivalent.
Experience of Public and or Private cloud environments.

Apply
Similar Jobs
Loading data...