City: Cardiff
Address: Cardiff, Wales, GB, CF3 0LT
Job Requisition Number: 7719
Work Type: Permanent
Job Function: IT
Salary Range: £56,710 - £69,471
Base: Cardiff / Hybrid
Closing Date: 23:59 on 19/06/2025
The Security Consultant works within the Security Risk and Governance team and is responsible for working with project teams, including architects, analysts, technical designers, programme managers, and business users to ensure that projects are delivered securely, protecting customer, company, and employee data, and ensuring compliance with the Information Security policies and standards.
Responsibilities:
1. Provide end-to-end engagement on a wide range of business projects, ensuring security is integrated and data is protected.
2. Attend project meetings and represent Information Security, providing guidance as needed.
3. Review and consult on IT/Business change documentation including Business Requirements, Design Documents, and Network Diagrams.
4. Provide the necessary people, process, and technology requirements to deliver secure solutions.
5. Ensure relevant security policies and standards are applied to projects, adopting a hands-on approach where necessary.
6. Communicate risks effectively to both technical and non-technical stakeholders.
7. Scope, organize, and support penetration testing and vulnerability assessments, tracking remediation efforts.
8. Conduct Security impact assessments to meet policies, NIS D obligations, and GDPR requirements on projects where applicable.
9. Contribute to and review security clauses in supplier contracts.
10. Undertake any additional duties as assigned by the line manager.
Who you’ll work with
Internal:
* CISO
* Security Architecture
* Business Sponsors
* Head of Procurement
* Head of Legal
* DPO
* IT & OT Architects
External:
* Outsource IT providers
* Major suppliers to Welsh Water
* External Auditors
* Regulators
About you
Knowledge, Skills & Experience:
* Recognized professional certifications such as CISSP, CISM, CISA, CRISC
* Familiarity with NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO27001
* Understanding of Security governance frameworks and risk management
* Experience delivering Security assurance in large, complex projects
* Strong stakeholder engagement skills
* Technical knowledge of security implementation and vulnerabilities
* Experience delivering end-to-end Security assurance
* Excellent communication skills, both written and verbal
* Deep knowledge of Security risk management and frameworks
Good to know
* This role includes hybrid working.
We offer a competitive salary, 33 days annual leave, and a range of employee benefits including variable pay schemes, additional leave options, pension contributions, mortgage services, discounts, and more.
Note: We may close or extend the application period based on interest. All new employees will undergo references, medical clearance, and criminal record checks, with additional security clearances as needed.
Who we are
Welsh Water supplies safe, reliable water to 3 million people and manages wastewater responsibly, protecting our environment. We value diversity and inclusion, encouraging applications from minority groups, including ethnic minorities, women, LGBTQ+, and individuals with disabilities. We are committed to a culture of trust, respect, and honesty.
Company registration: Dŵr Cymru Cyf, No. 2366777, registered in Wales. Registered office: Linea, Fortran Road, St. Mellons, Cardiff CF3 0LT.