CrawlJobs Logo

Principal Information Security Consultant

United Kingdom, London · Job Posted April 05, 2026
Apply Position
Job Link Share

Job Description

Mastercard is looking for a Principal Information Security Consultant based in London, Dunstable, or Harrogate. This senior role sits within Vocalink and provides strategic security leadership across critical products and enterprise platforms. As a Principal Security Consultant, you will act as a trusted advisor and senior technical delegate to the Director of Information Security Consultancy — providing expert guidance, shaping strategy, and representing the Consultancy function in cross‑organisation forums. You will operate with high autonomy, influencing complex decisions and raising the maturity and consistency of security engineering practices across Mastercard.

Job Responsibility

  • Lead high‑impact security consultancy engagements across the enterprise
  • Shape and mature the Security Consultancy function
  • Act as a senior delegate for the Director of Information Security Engineering
  • Provide authoritative guidance to engineering, product, and architecture teams
  • Lead assurance for high‑risk or complex systems
  • Develop, refine, and promote security standards and frameworks
  • Mentor Lead‑level consultants
  • Provide strategic direction on complex technical domains such as cryptography, IAM, network, data and application security

Requirements

  • Strong security mindset and deep knowledge of best practices and threats
  • Broad and mature experience across software, architecture, network, cloud, and assurance
  • Ability to negotiate with senior stakeholders
  • Strong interpersonal and relationship‑building skills
  • Authority in complex technical decision‑making
  • Confidence in providing technical guidance on complex decisions (cryptography, network design, application security, data protection, IAM, etc.)
  • Experience producing high‑quality documentation and threat models
  • Familiarity with ISO 27001, NIST SP 800‑53, PCI DSS, etc.
  • Self‑starter comfortable with ambiguity
  • Experience with third‑party assurance and vendor interaction
  • Proactive approach to enhancing the maturity of the security organisation

Nice to have

  • Security certifications (CISSP, CISM, CSSLP, CISA)
  • Threat modelling and risk assessment expertise
  • Knowledge of PAM, Secrets Management, PKI, Cryptography, Security Logging
  • Experience with JIRA/Confluence

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Principal Information Security Consultant

8 matching positions

Principal Consultant - Offensive Security

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
Japan , Tokyo
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Ability to perform travel requirements as needed to meet business demands
  • Fulltime
Read More
Arrow Right

Principal Cybersecurity & Microsoft Security Platform Technology Consultant

We are looking for a Principal Cybersecurity & Microsoft Security Platform Techn...
Location
Location
United States , Annapolis Junction
Salary
Salary:
122500.00 - 214600.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science, Engineering, Finance, Business, or related field AND 6+ years leadership experience in relevant area of business OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
  • Pass Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • Experience aligning Microsoft security capabilities to federal cybersecurity compliance and risk management requirements such as NIST 800‑53, RMF, Zero Trust Architecture (ZTA), Executive Order 14028, or agency‑specific ATO processes
  • Experience supporting security architecture design, control implementation, or assessment activities contributing to system Authorization to Operate (ATO)
  • Relevant Microsoft security certifications (e.g., SC‑100, SC‑200, SC‑300, AZ‑500) or equivalent industry certifications (e.g., CISSP, CCSP, GIAC) are desirable
  • 12+ years leadership experience in relevant area of business
  • Delivery Management certification (e.g., Scrum, Agile, Change Management, Project Management)
Job Responsibility
Job Responsibility
  • Lead customer‑facing technical engagements translating mission or compliance requirements into secure Microsoft platform architectures
  • Provide technical leadership across multi‑domain security solution deployments spanning identity, endpoint, cloud, data, and security operations
  • Influence security design decisions at the enterprise and enclave level through architecture reviews, threat modeling, and risk‑based tradeoff discussions
  • Integrate Microsoft security services into hybrid or multi‑cloud mission environments
  • Mentor consultants and contribute to reusable delivery intellectual property (IP), accelerators, or reference architectures within the Microsoft Security consulting community
  • Desired experience includes hands‑on delivery or architectural leadership in one or more of the following Microsoft security solution domains: Identity & Access Security
  • Endpoint & Device Security
  • Threat Protection & SOC Modernization
  • Cloud Security & Workload Protection
  • Information Protection & Data Security
  • Fulltime
Read More
Arrow Right

Principal Consultant, DFIR, Reactive Services (Unit 42)

Manage and lead incident response engagements, including scoping work, guiding c...
Location
Location
Canada , Toronto
Salary
Salary:
136000.00 - 187000.00 USD / Year
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree with 8 years of experience, or Master's degree with 6 years of experience, or PhD with 3 years of experience in Information Security, Computer Science, Digital Forensics, or a related field
  • Direct experience in incident response or digital forensics consulting
  • Proficiency with host-based forensics and data breach response methodologies
  • Hands-on experience with forensic tools such as EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, or WireShark
  • Ability to travel as needed to meet business demands, averaging up to 20%
Job Responsibility
Job Responsibility
  • Manage and lead incident response engagements, including scoping work, guiding clients through forensic investigations, and containing security incidents
  • Perform reactive incident response and host-based analysis on Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Examine firewall, web, database, and other log sources to identify evidence of malicious activity and attack vectors
  • Investigate data breaches using forensic tools like EnCase, FTK, X-Ways, SIFT, and Splunk to determine the source and scope of compromises
  • Provide clients with clear, actionable recommendations for long-term remediation and security posture improvement
  • Collaborate with internal teams and external stakeholders to ensure alignment and deliver comprehensive solutions
  • Act as a mentor for junior team members, sharing expertise in incident response and digital forensics best practices
What we offer
What we offer
  • restricted stock units
  • bonus
  • Fulltime
Read More
Arrow Right

Principal Consultant, Red Team

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
United Arab Emirates , Dubai
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Fulltime
Read More
Arrow Right

Senior Security Consultant

We have an exciting opportunity for a Senior Security Consultant to join our gro...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards
  • Experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experience applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
  • Flexibility to work from home, FSP office locations or at times visit client sites
Job Responsibility
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes
  • Engage with clients to understand their threat landscape and business context, conducting risk and compliance assessments against recognised frameworks (e.g. ISO 27001, NIST, SOC 2)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime
Read More
Arrow Right

Principal Consultant, Infrastructure

Microsoft is on a mission to empower every person and every organization on the ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep technical background with 10+ years of technology-related experience
  • 3+ years of Microsoft Azure experience (Experience on AWS or GCP will be an added advantage)
  • In depth expertise in designing and implementing private, public and/or hybrid cloud solutions
  • In depth expertise in designing, implementing, and securing resources in Azure
  • In depth expertise in designing and implementing Azure Landing Zones
  • In depth expertise in designing and implementation of Azure Kubernetes Services
  • In depth expertise in modernizing legacy applications with Azure Cloud Native solutions
  • In depth expertise in migrating workloads from on-prem to cloud or between hyperscale clouds
  • Knowledge in one or more of the following: Azure PowerShell, CLI, Visual Studio Code, Python, ARM or Terraform
  • Knowledge of Azure DevOps and Infra-as-Code (IaC)
Job Responsibility
Job Responsibility
  • Demonstrate the ability to adapt to modern technologies and learn quickly
  • Ability to deliver results through teamwork while achieving individual billable attainment goals
  • Ability to focus on customers, proven ability to be client focused, create results, proactive, and collaborate with others
  • Demonstrate a passion for mentoring, supporting peers & sharing knowledge
  • Consume and contribute best practices, lessons learned, and intellectual property (IP) to the global Microsoft community with a focus on continuous improvement
  • Foster senior level client relationships and engage with senior level Microsoft and client stakeholders to drive solution success
  • Display strong time, project, and priority management skills
  • Express excellent communication skills, presentation skills, written skills, customer/partner relationships and expectations management
  • Fulltime
Read More
Arrow Right

Principal Consultant - Data & AI

The Principal Consultant is a senior leader responsible for the successful techn...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 20+ years of experience in software/solution engineering, with at least 3–5 years in delivery leadership roles
  • Proven experience in leading delivery of complex, multi-disciplinary projects
  • Strong understanding of modern delivery methodologies (Agile, Scrum, DevOps, etc.)
  • Excellent communication, stakeholder management, problem-solving, and team leadership skills
  • Bachelor’s degree in computer science, Engineering, or related field (or equivalent experience)
  • Relevant certifications are a plus
  • Areas of Expertise: Enterprise Data Architecture & Modern Platforms
  • Data Engineering & Large Scale Data Processing
  • Database Platforms, Performance & Capacity Engineering
  • RealTime Analytics & Operational Intelligence
Job Responsibility
Job Responsibility
  • AI-First Delivery Leadership
  • Embed AI-first principles into delivery workflows, leveraging automation and intelligent orchestration where applicable
  • Lead end-to-end delivery of complex projects, ensuring solutions are scalable, robust, and aligned with client business outcomes
  • Drive engineering excellence through reusable components, accelerators, and scalable architecture
  • Oversee technical execution across multiple projects, ensuring adherence to best practices, quality standards, and compliance requirements
  • Collaborate with clients and internal stakeholders to define strategies, delivery plans, milestones, and risk mitigation approaches
  • Act as a technical point of contact for clients, translating business requirements into scalable technical solutions
  • Ensure delivery models are optimized for modern AI-native execution, including integration of automation and intelligent processes
  • Ability to step into at‑risk projects, quickly assess issues, and establish a credible path to recovery or exit
  • Engineering Excellence
  • Fulltime
Read More
Arrow Right

Principal Consultant, Incident Preparedness - Proactive Services

As a client-facing Principal Consultant, you will be a key leader in our proacti...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Information Security, Computer Science, Cyber Security, or a related field, or equivalent practical experience
  • 8+ years of combined experience in incident preparedness and incident response consulting
  • Demonstrated experience leading and delivering complex, client-facing cybersecurity engagements from scoping through to completion
  • Mandatory, hands-on experience in both incident response (IR) and incident preparedness, with a primary focus on preparedness
  • Professional business fluency in both French and English
Job Responsibility
Job Responsibility
  • Lead the end-to-end delivery of proactive incident preparedness projects, including Tabletop Exercises (TTX), Incident Response Plan development, and Response Maturity Assessments
  • Critically review and analyze client documentation, such as Crisis Management, Incident Response, and Business Continuity plans, to identify gaps and provide actionable recommendations
  • Design, plan, and facilitate a variety of TTXs for diverse audiences, from technical teams to C-suite executives, delivering detailed post-exercise reports with strategic insights
  • Manage the full lifecycle of client engagements, from initial scoping and stakeholder alignment to final deliverable production, ensuring high-quality outcomes and customer satisfaction
  • Proactively collaborate with clients and internal Unit 42 teams, serving as a trusted advisor to enhance their overall cyber resilience and preparedness posture
  • Contribute to the continuous improvement of service delivery methodologies and internal team knowledge by sharing insights and applied learnings from client engagements
  • Travel as required (approximately 20%) to meet client engagement needs and business demands
  • Fulltime
Read More
Arrow Right