Information Security Consultant

At the heart of our not-for-profit organisation is a commitment and a motivation to make the future-saving experience a simple one for our members. We champion fairness and simplicity, not profit-chasing. Imagine a financial adventure where everyone's a winner, fuelled by our exceptional service and brought to life by the fantastic individuals who work for us. We're a diverse employer with a flexible, hybrid working approach, ensuring everyone gets the opportunity to come to work and be the best version of themselves.

Working within the IT Security Team as an IT Security Consultant, you will play a critical role in safeguarding the organisation’s digital assets. You will advise the business on a wide range of information security matters, support project teams in the secure delivery of technology programmes, and ensure compliance with industry standards. Your expertise will help drive a proactive security culture, enabling the organisation to manage risks effectively while supporting innovation and business objectives.

• Perform comprehensive security assessments of both third-party vendors and internal applications.
• Oversee and evaluate security audits and penetration tests.

• Provide consultancy on risk mitigation, incident response planning, and disaster recovery.
• Analyse security events, incidents, and potential threats.

• Develop security documentation in accordance with ISO 27001, CIS Controls, and other relevant standards.
• Ensure ongoing compliance with industry regulations and internal governance requirements.

• Stay current on new threats, vulnerabilities, and regulatory changes (e.g., GDPR, ISO 27001).
• Conduct threat modelling assessments for new interconnected technologies.

• Strong ability to identify, assess, and prioritise security risks across systems, applications, and third-party vendors.
• Strong understanding of ISO 27001, CIS Controls, GDPR and familiarity with NIST.
• Experience with securing Azure cloud environments including configuration best practices.
• Strong analytical skills to assess threats, investigate incidents, and recommend effective solutions.
• Commitment to staying current with emerging threats, vulnerabilities, and evolving security technologies.

People's Partnership is an equal opportunities employer. We believe everyone has the right to be treated fairly, with dignity and respect. We are committed to treating all our people (and all who apply for a role at People's Partnership) equally and enabling them to perform at their best and demonstrate what they have to offer. This role may support hybrid working.

To make use of this arrangement, employees must have an appropriate home working environment, including a private workspace and reliable, secure high speed internet that enables them to perform their duties effectively. We are a disability committed employer, please let us know if you need any reasonable adjustments made to our recruitment process (application, selection assessments where relevant, and interview) to enable you to show us the best “you”.