Cyber Security Consultant

Cyber Security Consultant – Financial Services – Up to £110k – City of London - Hybrid   Overview: We are currently partnered with one of the world’s leading financial institutions who offer a broad range of services, including commercial banking, trust banking, securities, credit cards, consumer finance, and asset management. They are seeking a Cyber Security Consultant to lead and develop cybersecurity guidelines, ensuring compliance and audit-readiness.  You will also be responsible for conducting cybersecurity assessments and third-party risk due diligence, reviewing contracts for cyber security terms and collaborate with stakeholders to assess and mitigate information security risks.   Role & Responsibilities: Establish, maintain, and update guidelines for the secure usage, control, and maintenance of information systems and distributed computer resources. Conduct comprehensive cybersecurity assessments of third-party systems, applications, and vendors. Evaluate risks related to external entities and ensure that security controls are properly implemented and effective. Lead the cybersecurity due diligence process for high-profile third-party projects. Assist in reviewing & negotiating cybersecurity-related contractual terms with vendors and partners. Oversee the management of penetration tests, dynamic and static code analysis, and vulnerability scans to proactively identify and mitigate security weaknesses in infrastructure, applications, and networks. Develop and implement incident response procedures, logging protocols, and investigation methodologies. Mentor junior members of the cybersecurity team, providing guidance on best practices, technical issues, and career development. Work closely with internal stakeholders, including IT, compliance, and legal teams, to align cybersecurity measures with business objectives. Produce detailed documentation of cybersecurity assessments, penetration tests, and threat analyses. Ensure that the business adheres to all applicable cybersecurity regulations and standards, such as PCI, SOC2, NIST, and ISO. Stay updated on changes in the regulatory landscape, including Anti-Money Laundering (AML) regulations and requirements such as the USA PATRIOT Act, ensuring that all cybersecurity measures are compliant. Participate in the development and maturity of the Third-Party Risk Due Diligence process.  Essential Skills & Experience: Technical Cybersecurity Expertise: Risk management, access control, cryptography, physical security, network security, and incident management. Hands-on experience with technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), encryption, vulnerability management, and secure software development.Information Security Frameworks & Standards: Working knowledge of SOC2 reports, PCI DSS compliance, NIST 800 series, ISO 27001/27002, and other information security standards. Familiarity with industry frameworks like COBIT, ITIL, and NIST Cybersecurity Framework.Network and Infrastructure Security: Solid understanding of IP networks, including routers, switches, VLANs, and firewalls. Knowledge of network security protocols and configurations (TCP/IP, IP addressing, network segmentation).Compliance & Regulatory Knowledge: Deep understanding of federal and state regulations regarding cybersecurity, including Anti-Money Laundering laws, Bank Secrecy Act, USA PATRIOT Act & other financial industry-specific requirements.Certifications & Education: Possessing or working towards certifications such as CISSP, GIAC, CEH, CISA, or CRISC is highly desirable, showcasing expertise in cybersecurity best practices and principles. Bachelor's degree in Computer Science or equivalent work experience.  Package: Up to £110,000 basic salary Up to 20% discretionary bonus 10% pension contribution Other Excellent benefits Hybrid working – 2 days onsite (City of London)