Job Title: Security Consultant – Financial Services
Location: London / Hybrid
Employment: Contract – 6 months
The Role
A Security Consultant acts as a trusted advisor to Product, Engineering, and Architecture, embedding secure-by-design principles across delivery while enabling teams to move at pace. The role leads secure design reviews and threat modelling for key solutions, provides clear and actionable security guidance, and applies CIS-aligned security NFRs and patterns across cloud, identity, and application security.
Operating within a structured lifecycle and aligned to Design Authority and CAB, the consultant ensures consistent, auditable assurance outcomes, drives remediation of security technical debt, and influences stakeholders through pragmatic, outcome-focused advice. Success is measured by early engagement, reduced security debt, and strong adoption of secure-by-design practices.
Key Responsibilities
* Acts as a trusted security advisor to Product, Engineering, and Architecture within Financial Services
* Embeds secure-by-design principles across delivery without slowing teams down
* Leads secure design reviews and threat modelling (STRIDE) for key solutions
* Provides clear, actionable security guidance aligned to delivery
* Applies security NFRs and patterns (CIS-aligned) across cloud, identity, and application security
* Supports teams in implementing security within the SDLC
* Aligns with Design Authority (DA) and CAB, delivering security assurance and confirmation outcomes
* Identifies and drives remediation of security technical debt with clear ownership and timelines
* Builds strong stakeholder relationships and influences through pragmatic, outcome-focused advice
* Success is measured by early engagement, reduced security debt, and consistent secure-by-design adoption
Skills
* Hands-on threat modelling experience (STRIDE preferred)
* Strong knowledge of Azure security, IAM, and application/API security
* Experience embedding security within Agile delivery teams / SDLC
* Background in financial services or regulated environments
* Comfortable working with Design Authority (DA) and CAB governance
* Relevant certifications (CISSP, CISM, SC-100 or equivalent)