Introduction
At IBM CIC, we provide technical and industry expertise to a wide range of public and private sector clients in the UK.
A career in IBM CIC means you'll have the opportunity to work with leading professionals across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. You will get the chance to deliver effective solutions, driving meaningful business change for our clients, using some of the latest technology platforms.
Curiosity and a constant quest for knowledge serve as the foundation to success here. You'll be encouraged and supported to constantly reinvent yourself, focusing on skills in demand in an ever changing market. You'll be working with diverse teams, coming up with creative solutions which impact a wide network of clients, who may be at their site or one of our CIC or IBM locations. Our culture of evolution centres on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
We Offer
Many training opportunities from classroom to e-learning, mentoring and coaching programs and the chance to gain industry recognized certifications
Regular and frequent promotion opportunities to ensure you can drive and develop your career with us
Feedback and checkpoints throughout the year
Diversity & Inclusion as an essential and authentic component of our culture through our policies and process as well as our Employee Champion teams and support networks
A culture where your ideas for growth and innovation are always welcome
Internal recognition programs for peer-to-peer appreciation as well as from manager to employees
Tools and policies to support your work-life balance from flexible working approaches, sabbatical programs, paid paternity leave, maternity leave and an innovative maternity returners scheme
More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Program, life assurance and a group personal pension plan of an additional 5% of your base salary paid by us monthly to save for your future.
Your Role And Responsibilities
IBM is seeking a Data & Application Security (DAS) Consultant to support the design, implementation, and improvement of security controls protecting applications and sensitive data within public sector environments.
This is a hands-on delivery role suited to practitioners who enjoy working close to the technology. You will help clients embed security across the software development lifecycle, strengthen data protection controls, and respond to emerging risks in complex, regulated environments.
Depending on your experience level, you may lead specific workstreams or contribute as a technical specialist within larger delivery teams. We welcome candidates who are continuing to grow their consulting and leadership capability.
What You'll Do
Hands-On Security Delivery
Implement and improve application and data security controls in client environments.
Support Threat Modelling activities and Secure SDLC integration.
Contribute to DevSecOps pipeline improvements and security automation.
Perform and triage application security testing and vulnerability findings.
Apply data protection techniques including encryption (at rest and in transit), masking, and anonymisation.
Support DLP implementation and tuning activities.
Security Engineering & Risk Reduction
Analyse vulnerabilities and security incidents and help define practical remediation steps.
Strengthen database security through access controls, auditing, and patch management.
Help implement security guardrails for cloud and application modernisation programmes.
Integrate security telemetry with SIEM platforms for monitoring and response.
Client Collaboration
Work with developers, platform engineers, architects, and security teams to embed security into delivery workflows.
Contribute to client workshops and technical discussions.
Translate technical findings into clear, actionable guidance.
Preferred Education
Bachelor's Degree
Required Technical And Professional Expertise
Practical, hands-on experience in application and/or data security.
Working knowledge of Secure SDLC, Threat Modelling, or DevSecOps practices.
Experience With One Or More Of
Application security testing or vulnerability management
Data protection controls (encryption, masking, anonymisation)
DLP technologies
Database security controls
SIEM or security monitoring tools
Understanding of common security frameworks (e.g., NIST, ISO 27001, CIS).
Ability to work within regulated or security-sensitive environments.
This role is subject to pre-employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). An additional range of Personal Security Controls referred to as National Security Vetting (NVS) may apply, this could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV).
Preferred Technical And Professional Experience
Experience supporting cloud or multicloud security implementations.
Familiarity with public sector or highly regulated environments.
Exposure to data classification or data governance practices.
Relevant certifications (e.g., CISSP, CISM, CCSP, CSSLP) — not required.
Experience working in consulting or client-facing delivery roles.