Information Security Consultant - Contract (Outside IR35)
Location: Liverpool (Hybrid - 2 days on-site per week)
Duration: 6-month initial contract (12-month project)
IR35 Status: Outside IR35
Industry: Financial Services
We are seeking an InfoSec Consultant to support a financial services client in implementing key security processes and frameworks. This is a delivery-focused role requiring hands-on experience in security implementation within a regulated environment.
Key Responsibilities:
- Project Assurance - Conduct risk assessments, develop documentation, and establish processes to support internal security projects.
- M&A Security - Support security due diligence for acquisitions, ensuring key risks are understood and addressed at the executive level.
- Third-Party Assurance - Develop a structured approach for vendor risk management, classification, and compliance with minimum security requirements.
- Developer Security Framework - Implement governance and agile security methodologies for newly insourced development teams, including mobile app security.
- Knowledge Sharing - Work closely with the Head of InfoSec and an internal team (mid-level and junior analysts) to establish long-term security capabilities.
Key Requirements:
- Proven experience delivering security frameworks and processes in a financial services environment.
- Strong background in security governance, risk management, and assurance.
- Expertise in third-party security assessments and compliance requirements.
- Experience working with M&A security and risk management during acquisitions.
- Familiarity with agile security methodologies and securing development teams.
- Ability to collaborate with technical and non-technical stakeholders, ensuring security best practices are embedded within the organisation.
This is a critical role in helping the business establish robust security processes and frameworks, ensuring long-term resilience.
If you're interested or know someone who could be a great fit, please get in touch.
