Information Security Consultant - Banking

Information Security SME - Banking Excellent opportunity opens for an Infosec / Information Security Consultant to join a leading Bank (ideally CISSP). We are looking for a proactive and versatile Information Security Consultant with strong technical and communication skills, capable of acting as a security lead within delivery teams, the ideal candidate will be an SME on Customer Management projects and have Salesforce experience. This role offers the opportunity to be Embedded in a dynamic technology delivery team, driving security integration across a major transformation programme. You'll have the autonomy to solve real-world security challenges hands-on, collaborating closely with engineers, product managers, and stakeholders. The position provides a chance to shape the security posture of critical systems while applying broad expertise across architecture, threat modelling, and compliance.

Key Responsibilities:

• Security Integration in Delivery Teams: Act as the Embedded security lead in technology delivery teams, ensuring security is integrated throughout project life cycles.
• Advisory & Compliance: Provide expert advice on security best practices and regulatory requirements; escalate issues when specialist input is required.
• Secure Change Process Guidance: Guide teams through secure change assessments and approval gates.
• Risk Identification and Problem Solving: Develop deep understanding of the technology stack and business objectives to identify risks and propose practical solutions.
• Risk & Control Assessments: Conduct supplier due diligence, privacy impact assessments, and project security reviews using defined frameworks.
• Risk Management: Support the identification, articulation, documentation, and treatment of security risks in accordance with risk management policies.
• Stakeholder Relationship Management: Build strong, trust-based relationships with developers, testers, product managers, and other delivery team members; actively participate in Agile ceremonies and planning sessions.

Key Requirements:

• Strong communication skills with the ability to explain complex security topics to both technical and non-technical audiences.
• Awareness of personal knowledge limits and willingness to seek external input when needed.
• Understanding of the relationship between Risk Management and Information Security in a Three Lines of Defence (3LoD) model.
• Proven ability to foster collaboration and shared security ownership across engineering, product, compliance, and business functions.
• Practical problem-solving skills and a creative approach to managing security risks.

Required Experience Must-Haves:

• Information Security: Demonstrable experience in both technical and non-technical aspects of information security.
• Technology Change: Experience ensuring security throughout the life cycle of technology change initiatives.
• Privacy: Working knowledge of privacy principles and their application in technology change.

Nice-to-Haves:

• Exposure to intra-group outsourcing environments.
• Participation in large-scale technology transformation programmes.

Professional Qualifications:

• Strong knowledge of Information Security best practices and regulatory requirements.
• Ideally holds or is capable of obtaining certifications such as CISSP (Certified Information Systems Security Professional).

Interested? Apply In Information Security Consultant Salesforce Customer Management Security Lead Technology Change Transformation Programme Risk Management Change Processes Security Privacy Bank Banking Financial Services Intra Group Technology Transformation GDPR Infosec