Senior Security Consultant
Location: London (hybrid)
Length: 6 months
PAYE only
Overview
Barclays is reinventing the merchant acquiring landscape. We are building a greenfield, cloud‑native fintech platform from the ground up, independent of legacy constraints.
As a Senior Security Consultant you will be the technical security lead for a high‑velocity engineering mission, ensuring a secure‑by‑design philosophy is baked into every line of code and every AWS instance before launch.
Key Accountabilities
* Security Architecture & Shift‑Left Consultancy
  * Drive end‑to‑end security solutions across platform and product engineering.
  * Perform deep‑dive architectural reviews and threat modeling to catch risks in the design phase.
  * Deliver pragmatic, cost‑effective guidance that accelerates delivery rather than blocking it.
* Cloud & DevSecOps Leadership
  * Architect secure AWS workloads using cloud‑native services, IAM, and zero‑trust networking.
  * Secure our GitHub‑based CI/CD pipelines and containerized environments (Docker/Kubernetes).
  * Champion Controls‑as‑Code—moving away from manual audits toward automated, immutable evidence and policy‑as‑code.
* Strategic Risk & Stakeholder Management
  * Act as the key conduit to CISO leadership, identifying blockers and high‑risk items early.
  * Translate complex technical threats into business risk for both engineers and executive stakeholders.
  * Influence the Security Steering Group to ensure the platform meets the CISO risk appetite.
* Modern Workspace Hardening: lead the security hardening of our modern collaborative stack, including Google Workspace and a MacBook‑based EUC estate managed via JAMF.
Key Skills
You are a seasoned Cyber Security professional who thrives in high‑pressure, agile environments, navigating the governance of a major bank while speaking the language of a cloud‑native developer.
Technical Essentials
* Extensive experience in Security Architecture or Consulting, ideally within Financial Services or Fintech.
* Cloud Mastery: Deep expertise in AWS security, architecture patterns, and operational guardrails.
* Modern Tooling: Hands‑on experience securing CI/CD pipelines, Infrastructure‑as‑Code (IaC), and Kubernetes.
* Domain Depth: Strong knowledge of Cryptography, AppSec, IAM, and Network Segmentation.
* Frameworks: Practical application of NIST, ISO 27001, and PCI DSS.
Desirable “Extra Credit”
* Experience in Merchant Acquiring or Payment flows.
* Specific experience securing MacBook estates (JAMF) and Google Workspace.
* Proven ability to lead “Red Team” readiness and pre‑go‑live assurance.
Benefits
As a contract employee through Randstad Sourceright you’ll receive financial and personal benefits, including pension plan enrolment after 12 weeks, holiday pay, Employee Assistance Programme, and various discounts.