Summary: The Information Security Consultant role is a contract position focused on supporting a financial services client in implementing essential security processes and frameworks. The position requires hands-on experience in security implementation within a regulated environment and emphasizes collaboration with various stakeholders. The consultant will be responsible for project assurance, M&A security, third-party assurance, and knowledge sharing within the team. This role is critical for establishing robust security capabilities and ensuring long-term resilience for the organization.

Key Responsibilities:

• Conduct risk assessments, develop documentation, and establish processes to support internal security projects.
• Support security due diligence for acquisitions, ensuring key risks are understood and addressed at the executive level.
• Develop a structured approach for vendor risk management, classification, and compliance with minimum security requirements.
• Implement governance and agile security methodologies for newly insourced development teams, including mobile app security.
• Work closely with the Head of InfoSec and an internal team (mid-level and junior analysts) to establish long-term security capabilities.

Key Skills:

• Proven experience delivering security frameworks and processes in a financial services environment.
• Strong background in security governance, risk management, and assurance.
• Expertise in third-party security assessments and compliance requirements.
• Experience working with M&A security and risk management during acquisitions.
• Familiarity with agile security methodologies and securing development teams.
• Ability to collaborate with technical and non-technical stakeholders, ensuring security best practices are embedded within the organisation.

Salary (Rate): undetermined

City: Liverpool

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: Finance