CrawlJobs Logo

Information Security Consultant

ebrd.com Logo

European Bank for Reconstruction and Development

Location Icon

Location:
United Kingdom , London

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a highly skilled Information Security Consultant to lead the scoping, planning, and execution of advanced security testing initiatives, including Red Team and Purple Team engagements. We are looking for a specialist experienced in managing and delivering ethical hacking campaigns, Red/ Purple team assessments and technical risk assessments. This role validates defensive capabilities, synthesises complex findings to provide actionable guidance for improvement of cyber posture and resilience. This role bridges technical security and security risk management and requires knowledge risk assessment methodologies, an ability to produce metrics, reporting and dashboards as well translate and present technical language, concepts and impacts into language that facilitates business decision making.

Job Responsibility:

  • Define objectives, scope, and success criteria for Red Team and Purple Team exercises
  • Develop detailed test plans aligned with organizational risk priorities and compliance requirements
  • Coordinate scheduling and resource allocation for internal and external stakeholders
  • Act as the primary liaison between internal teams and external MSSPs/consultants
  • Ensure testing activities adhere to agreed timelines, methodologies, and ethical guidelines
  • Monitor progress and provide status updates to senior leadership
  • Review and validate attack scenarios, tactics, techniques, and procedures (TTPs) used during engagements
  • Ensure Purple Team exercises effectively integrate offensive and defensive teams for collaborative improvement to enhance detection and response
  • Analyse findings from Red and Purple Team engagements
  • Prepare comprehensive reports detailing vulnerabilities, attack paths, and defensive gaps
  • Prepare and present results to technical and non-technical stakeholders, including reporting for EBRD senior leadership
  • Incorporate technical findings and outcomes into information security risk reporting templates
  • Provide actionable remediation steps and strategic recommendations based on findings
  • Collaborate with IT security, security engineering, architecture and operations teams to guide implementation improvements
  • Track remediation progress and validate effectiveness through follow-up testing

Requirements:

  • Strong understanding of adversarial tactics (MITRE ATT&CK framework) and threat emulation
  • Experience with penetration testing, exploit development, and detection engineering
  • Familiarity with SIEM, EDR, and threat-hunting tools
  • Commitment to staying up to date with emerging threats and remedies
  • Ability to translate technical concepts, including technical risk, into business language and business impact
  • Experience in proposing actionable remedial steps to address findings
  • Experience of reporting meaningful metrics to a variety of internal technical and non-technical audiences
  • Proven ability to work with external MSSPs and consultants
  • Experience in overseeing and managing testing campaigns with a variety of internal stakeholders
  • Excellent communication skills for cross-functional engagement
  • Extensive background in cybersecurity, covering all major security domains, with solid hands-on experience in Red and Purple Team operations
  • Hands-on experience in scoping and managing security testing engagements
  • Solid experience in metrics and reporting
  • Strategic thinker with strong analytical skills
  • Ability to translate technical findings into business risk language
  • Ability to partner with a wide range of technical and non-technical stakeholders

Nice to have:

  • OSCP, OSCE, CRTO, or similar offensive security certifications
  • GIAC certifications (e.g., GCTI, GPEN, GCFA) or equivalent
What we offer:
  • Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in
  • A working culture that embraces inclusion and celebrates diversity
  • An environment that places sustainability, equality and digital transformation at the heart of what we do
  • Flexible working

Additional Information:

Job Posted:
January 15, 2026

Expiration:
January 28, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
European Bank for Reconstruction and Development - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Information Security Consultant

Senior Information Security Consultant (QSA)

PGI is a global consultancy that helps organisations build digital resilience. W...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
pgitl.com Logo
Protection Group International
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven relationship management skills and experience in Information Assurance consultancy
  • Qualified Security Assessor (QSA) experience with valid PCI-DSS QSA accreditation with a minimum of 2 years of experience performing PCI DSS compliance consultancy
  • Familiarity with PCI DSS and NIST CSF
  • Experience in conducting risk assessments, cyber security maturity evaluations, and remediation strategies
  • Strong communication skills, able to present to clients and senior stakeholders
  • A collaborative, solutions-oriented mindset with excellent time-management skills
Job Responsibility
Job Responsibility
  • Provide expert guidance to clients, supporting both pre-sales and delivery, and establishing trusted advisor relationships to drive compliance and security improvements
  • Lead and deliver hands-on PCI DSS compliance consultancy, performing assessments, gap analyses, and remediation strategies tailored to client needs
  • Act as a subject matter expert in PCI DSS compliance and Governance, Risk, and Compliance (GRC), advising clients on regulatory compliance, risk management, and information security best practices
  • Contribute to PGI’s consultancy growth by aligning services with emerging trends and industry standards. Drive PGI’s accreditations and assist with maintaining ISO 27001, PCI DSS and data protection compliance
  • Mentor junior team members, contribute to the recruitment process, and oversee third-party relationships to ensure project profitability and delivery quality
  • Stay ahead of industry trends, emerging security threats, and best practices to maintain professional growth and continuously improve PGI’s consultancy offerings
Read More
Arrow Right

Information Security Consultant

PGI is seeking experienced Information Security Consultants to join our contract...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
pgitl.com Logo
Protection Group International
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven people and relationship management skills
  • Demonstrable experience providing Information Assurance consultancy
  • Experience in or knowledge of the PCI DSS standard, NIST CSF, DORA, GDPR/DPA
  • ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, Business Continuity or Cloud Security accreditations are highly desirable
  • Experience in conducting risk assessments and forming risk management policies
  • Excellent verbal and written communication skills, with the ability to present to clients and business stakeholders
  • A positive approach to problem-solving and possesses the ability to work smart and collaboratively to prioritise and set deadlines
Job Responsibility
Job Responsibility
  • Engaging confidently with clients relating to solving Information Security Governance, Risk, and Compliance problems
  • Providing hands-on compliance and consultancy services across a range of requirements for clients, such as ISO 27001, business continuity, data protection, DORA, or other regulatory compliance needs, including IASME Cyber Essentials
  • Support colleagues in delivery by also assisting with: Information Security Management System (ISMS) design and implementation
  • GDPR gap assessments and implementation support
  • PCI DSS scoping, gap assessments, implementation guidance, and compliance reporting
  • Maturity Assessments
  • Third-party / supplier assurance reviews
  • Providing expertise to enhance our international capacity-building offer and value
  • Contribute towards the maintenance of PGI’s own accreditations, including ISO 27001, ISO 9001 and business continuity as well as compliance with data protection regulations
  • Maintaining your own continuing professional development, keeping up to date with security industry trends and best practices
Read More
Arrow Right

Security Consultant

As a digital transformation company, Sopra Steria’s digital assets are vital; an...
Location
Location
Netherlands , Nieuwegein
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A bachelor's or master's degree in IT, Safety & Security Management
  • At least one certification in the field of information security, such as CISM, ISO27001, CRISC, CISSP
  • At least 3 years of experience in the field of information security
  • Strong fundamental knowledge and experience in the field of information security
Job Responsibility
Job Responsibility
  • Implement security protocols
  • Conduct regular audits
  • Develop and enforce security policies
  • Educate staff and raise awareness of potential threats
What we offer
What we offer
  • Flexible, location-independent work
  • Laptop, phone and home office necessities
  • A competitive salary and indefinite contract
  • A company car or mobility budget
  • 27 days paid time off (20 fixed days + 7 bonus days)
  • Fulltime
Read More
Arrow Right

Lead Cyber Security Consultant

As a Lead Cyber Security Consultant at Actica Consulting, you will have the oppo...
Location
Location
United Kingdom , London; Guildford; Bristol; M4 corridor
Salary
Salary:
Not provided
actica.co.uk Logo
Actica Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience of complex ICT systems security in a technical delivery or consulting capacity in the UK Defence sector or Public Sector
  • The ability to present and justify conclusions to project teams and business stakeholders
  • Proven abilities in delivering to client expectations and requirements
  • Strong verbal and written communications skills
  • Must be eligible and willing to obtain UK Government Security Clearance
Job Responsibility
Job Responsibility
  • Leading one or more Actica teams to undertake varying consultancy assignments
  • Providing security expertise for major system procurements and Agile programmes to ensure secure delivery
  • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems
  • Explaining to risk owners the causes, likelihood and potential business impacts of information risks
  • Identifying and presenting options for treating or transferring information risks
  • Authoring and/or supporting the development of security assurance documentation
  • Developing or reviewing new security architectures
  • Scoping security testing activities, and explaining the results and required remediation
  • Managing the delivery of security services by Actica teams across several live projects
  • Working with our client-side customers to manage contract delivery
What we offer
What we offer
  • 25 days of paid leave per annum plus 8 UK bank holidays
  • Discretionary, Performance-Based Bonus Scheme
  • Enrolment in Stakeholder Pension Scheme
  • Cycle To Work Scheme
  • Employee Assistance Programme
  • Electric Vehicle Leasing Scheme
  • Private Medical Insurance
  • Substantial training leading to nationally recognised certifications
  • Mentor support and guidance
  • Performance and Development Manager for regular reviews and career progression planning
  • Fulltime
Read More
Arrow Right

Graduate Cyber Security Consultant

We will provide you with a fantastic springboard into a consulting career with c...
Location
Location
United Kingdom , London; Guildford; Bristol
Salary
Salary:
Not provided
actica.co.uk Logo
Actica Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A good degree in a STEM subject
  • Further study at Masters and/or PhD level a bonus
  • An NCSC certified Information / Cyber / Systems Security master’s degree
  • Understanding of the use of technology in business and public sector contexts
  • Familiarity with the HMG Security Policy Framework (SPF) and the NCSC Information Assurance Portfolio
  • Must be eligible and willing to obtain UK Government Security Clearance
Job Responsibility
Job Responsibility
  • Provide technical assurance that proposed solutions are fit for purpose
  • Develop new architectures that mitigate risks posed by new technologies
  • Provide advice on Information Assurance and architectural problems
  • Support development of Risk Management Accreditation Document Sets (RMADS)
  • Scope security testing activities and explain findings
  • Investigate security incidents
  • Promote security awareness
  • Conduct Cyber Security Risk Assessments
  • Provide Assurance of cyber security management controls
What we offer
What we offer
  • 25 days of paid leave per annum plus 8 UK bank holidays
  • Discretionary, Performance-Based Bonus Scheme
  • Enrolment in Stakeholder Pension Scheme
  • Cycle To Work Scheme
  • Employee Assistance Programme
  • Electric Vehicle Leasing Scheme
  • Private Medical Insurance
  • Substantial training leading to nationally recognised qualifications
  • Mentor support
  • Performance and Development Manager
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Consultant

As a Senior Cyber Security Consultant at Actica, you will have the opportunity t...
Location
Location
United Kingdom , London; Guildford; Bristol; M4 corridor
Salary
Salary:
Not provided
actica.co.uk Logo
Actica Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience of complex ICT systems in a technical delivery or consulting capacity
  • A good understanding of enterprise information and communications technology
  • The ability to present and justify conclusions to project teams and business stakeholders
  • Proven abilities in delivering to client expectations and requirements
  • Strong verbal and written communications skills
  • Must be eligible and willing to obtain UK Government Security Clearance
Job Responsibility
Job Responsibility
  • Providing security expertise for major system procurements and Agile programmes
  • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems
  • Explaining to risk owners and other stakeholders the causes, likelihood and potential business impacts of information risks throughout the information system lifecycle
  • Authoring and/or supporting the development of security assurance documentation in accordance with risk management frameworks
  • Developing or reviewing new security architectures that mitigate the risks posed by new technologies and business practices
  • Scoping security testing activities, and explaining the results and required remediation
  • May lead assignments and be responsible for supervising direct reports
What we offer
What we offer
  • 25 days of paid leave per annum plus 8 UK bank holidays
  • Discretionary, Performance-Based Bonus Scheme
  • Enrolment in Stakeholder Pension Scheme
  • Cycle To Work Scheme
  • Employee Assistance Programme
  • Electric Vehicle Leasing Scheme
  • Private Medical Insurance
  • Substantial training leading to nationally recognised certifications
  • Mentor support
  • Performance and Development Manager
  • Fulltime
Read More
Arrow Right

Information Security Analyst

Robert Half is the world’s first and largest specialized talent solutions firm t...
Location
Location
United States , Ashland
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, or related field
  • 3-5+ years of experience in information security, with specific expertise in risk assessments, compliance, and strategic security planning
  • Strong working knowledge of NIST, ISO/IEC 27001, and other industry standards
  • Experience conducting security-focused business impact analyses
  • Familiarity with regulatory requirements such as GDPR, HIPAA, and PCI DSS
  • Strong communication skills with the ability to translate technical concepts for non-technical audiences in consultative settings
  • Industry certifications such as CISSP, CISM, CRISC, or CISA are highly preferred
Job Responsibility
Job Responsibility
  • Develop and implement comprehensive information security strategies and programs that align with the business’s overall goals
  • Facilitate consultative discussions across departments to identify security needs and integrate them into long-term planning processes
  • Apply and customize NIST Cybersecurity Framework (CSF) and ISO/IEC 27001 standards to create secure systems, processes, and environments
  • Conduct gap analyses to benchmark current security processes against established frameworks and recommend improvements
  • Perform and document risk assessments, evaluating potential vulnerabilities and threats
  • Conduct business impact analyses to prioritize assets and ensure appropriate allocation of security resources to critical areas
  • Evaluate the organization’s compliance with relevant regulatory standards, such as GDPR, HIPAA, CCPA, and PCI DSS, and provide remediation plans to address deficiencies
  • Partner with internal and external auditors to perform compliance-related audits and assessments
  • Act as a point of consultative support for business leaders and departments regarding information security risks, requirements, and best practices
  • Collaborate with IT teams, project managers, and other stakeholders to ensure security is embedded into new system implementations and upgrades
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Read More
Arrow Right

VP, Information Security Officer (ISO), Markets, Taiwan

The Chief Information Security Office (CISO) is home to deeply talented colleagu...
Location
Location
Taiwan , Taipei
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of relevant experience in Information & Cybersecurity space or related domains such as risk management, auditing, consulting & advisory services
  • One or more of IS/Cybersecurity industry standard certifications (e.g. CISA, CISSP, CISM, SANS GIAC, CEH, CRISC, CCSP,SSCP, CompTIA Security+ etc.) are mandatory
  • Strong understanding of Information security domains with hands on experience of performing application security risk assessments covering controls such as Identity & Access Management, API Security, Cloud/SaaS Security, Cryptography, Sensitive Data protection, Audit Logging/Monitoring, Secure SDLC controls
  • Sound knowledge of Network Security controls (including Firewalls, IDS/IPS) and Application Vulnerability Assessments/Source code & component vulnerability scanning related controls
  • Good understanding of Markets Business and Applications such as such as trading platforms, order management systems, risk management systems, pricing engines etc. is an advantage
  • Hold relevant professional certificates recognized by local authorities
  • Sound knowledge of IS/Cybersecurity related local regulatory, and compliance requirements in the financial services industry and Securities & Futures Markets
  • Understanding of policy compliance and how it relates to risk
  • Extensive knowledge of information security risk assessment methodologies/industry standards
  • Demonstrated ability to take ownership and follow up on issues
Job Responsibility
Job Responsibility
  • Act as a Trusted Security Advisor to business and technology teams, guiding them on IS/Cyber risks
  • Appropriately assess risks when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup, its clients and assets
  • Drive compliance with applicable Information & Cybersecurity laws, rules and regulations, adhering to relevant Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Serve as the local point of contact of all information security matters, including management, governance, compliance, and third-party risk management
  • Manage local audit and regulatory engagements impacting CISO
  • Drive country-specific control implementations or special programs, where deemed necessary based on risk assessments or local regulatory requirements
  • Work with business & technology management to drive the information security program and govern risk management activities including CSRA (Cybersecurity Risk Appetite) reporting
  • Work with the internal Applications Development function to facilitate improvements in both architectural and application security posture
  • Provide strategic risk guidance for business and technology projects, including the evaluation and recommendation of security controls and corrective actions to mitigate/remediate risks
  • Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
What we offer
What we offer
  • Extensive on-the-job training and exposure to senior leaders
  • Access to telehealth options, health advocates, confidential counseling
  • Expanded Paid Parental Leave Policy
  • Access to an array of learning and development resources
  • Generous paid time off packages
  • Resources and tools to volunteer in the communities
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy