Business Unit: Technology Operations & Cyber Security (TOCS)
Salary Range: circa £80,000 per annum DOE + red-hot benefits
Live for the weekday. Live a life more Virgin.
Our Team
Are you passionate about cyber security and eager to make a real impact? At Virgin Money, we're looking for a Lead Consultant to join our Security Solutions team. We're championing being Secure by Design across all our change and delivery programmes, embarking on threat modelling and giving straight up advice for colleagues on security best practice and our regulatory requirements.
If you like a fast-paced and rewarding role that exposes you to exciting technology and will challenge you, then you may have just found it! We're looking for self-motivated enthusiastic individuals, who are ready to make a real difference to a successful team and play a key role in keeping our customers and colleagues safe.
What you'll be doing
- Cultivate and maintain high-level relationships, driving the transformation of our security culture and championing Secure by Design principles across all projects and wider platform teams.
- Lead comprehensive design reviews, advanced threat modelling, and in-depth risk assessments to ensure top-tier security measures are embedded from the start.
- Deliver strategic advice and consultation on our policies, standards, industry regulations, frameworks, and best practices to steer our change initiatives and operational teams.
- Guarantee that security requirements and considerations are thoroughly integrated into our change solutions and are demonstrably effective.
- Proactively identify and assess security risks, offering strategic recommendations to continuously enhance our security posture in a dynamic threat landscape.
- Define strategic objectives, boundaries, and focus areas for security tests to mitigate vulnerabilities within our technical ecosystem.
- Oversee the remediation of risks or findings from security scans or tests, ensuring they are addressed within risk appetite before changes are deployed to production.
- Tackle intricate security challenges with innovative solutions, ensuring robust protection across all systems, working with platform owners and key technical and business stakeholders.
- Offer technical leadership and direction, guiding the team through complex security landscapes and ensuring best practices are followed.
- Advocate for a strong security culture and raise awareness throughout the organisation, ensuring everyone understands and values security principles.
- Validate and approve threat models to ensure they accurately reflect potential risks and are effectively mitigated.
- Provide leadership and mentorship to team members, fostering a collaborative, innovative, and growth-oriented environment.
We need you to have
- Deep knowledge of Cyber Security Frameworks and can articulate their significance and impact to both technical teams and senior business stakeholders.
- A comprehensive understanding across various Information Security domains, such as Identity & Access Management, Network Security, Cryptography and Public Key Infrastructure, Mobile & API security, cloud security and more.
- Strong analytical skills enable you to interpret how industry trends, regulations, and the evolving threat landscape can affect our business, providing strategic insights.
- Extensive experience in scoping penetration tests, conducting risk assessments, and overseeing remediation plans, ensuring robust security measures.
- Strong skills influencing, communicating, and collaborating with senior management and stakeholders, driving security initiatives and fostering a security-first culture.
- Be well-versed in Cloud Service models like IaaS, PaaS, and SaaS, and understand the security implications when deploying solutions in these environments.
- The understanding and ability to apply methods of threat modelling, providing technical leadership for the team in this area as we build out this capability.
- A wealth of experience from similar senior cyber roles, information technology, or governance/risk positions, offering valuable insights and strategic direction.
- A track record of solving complex security challenges with innovative solutions, ensuring robust protection across all systems.
- Prior experience in leading and mentoring team members, fostering a collaborative, innovative, and growth-oriented environment.
It's a bonus if you have but not essential
- Experience working in regulated industries, particularly within the financial services sector, is highly valued.
- Proficiency and extensive experience in threat modelling, especially using techniques like STRIDE, is a significant asset.
- In-depth knowledge of Microsoft Azure and 365 security products, such as Defender, Sentinel, Azure Information Protection, and Intune, is advantageous.
- Holding Information Security certifications such as CISM, CCSP, CRISC, or CompTIA Security+ demonstrates your commitment to professional development and industry standards.
Red Hot Rewards
- Generous holidays - 38.5 days annual leave (including bank holidays and prorated if part-time) plus the option to buy more.
- Up to five extra paid well-being days per year.
- 20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those looking to adopt.
- Market-leading pension.
- Free private medical cover, income protection and life assurance.
- Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness.
And there's no waiting around, you'll enjoy these benefits from day one.
Feeling insatiably curious about this role? If we're lucky to receive a lot of interest, we may close the advert early and would hate you to miss out.
We're all about helping you Live a Life More Virgin, so happy to talk flexible working with you.
Say hello to Virgin Money
We're making great strides towards achieving our ambition of becoming the UK's best digital bank. As a full-service digital bank with a heritage stretching back over 180 years, we're a workforce to be reckoned with, and we're putting the full power of our experience behind disruptive ideas that reinvent the role a bank plays in people's lives. We're customer-obsessed and work tirelessly to deliver on our purpose, 'Making You Happier About Money.' This means we're able to do banking differently, and by innovating and working together we can make a real difference by creating memorable moments and red-hot experiences for our millions of customers. Join us and Live a Life More Virgin that empowers you with choice and flexibility in how you work.
Be yourself at Virgin Money
Our purpose is to make people happier about money, this means seeing and feeling the world as our customers do by creating a workforce that reflects the rich diversity of our customers and communities. We're committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard.
As a Disability Confident Leader, we're committed to removing any obstacles to inclusion. If you need any reasonable adjustments or support making your application, contact our Talent Acquisition team careers@virginmoney.com.
It's important to note that there may be occasions where it's not possible to interview all candidates declaring a disability who meet the essential criteria for the job. In certain recruitment situations such as receiving a high-volume of applications, we may need to limit the overall numbers of interviews offered to both disabled and non-disabled applicants.
Now the legal bit
Living A Life More Virgin allows our colleagues to be based anywhere in the UK (if the role allows it), but we'll need you to confirm you have the right to work in the UK.
If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth of satisfactory references. If the role is part of the Senior Manager Regime and Certification Regime, it requires enhanced pre-employment checks - we'll ask for six years of regulatory references, and once in the role, you'll be subject to periodic employment checks.
Advertised: 01 Nov 2024 GMT Standard Time
Applications close: 10 Nov 2024 GMT Standard Time