Security Consultant/Analyst

Job Title: Security Consultant/Architect

Location: London (hybrid)

Length: 6 months

PAYE only

Overall purpose of the role

Are you a security professional with a "shift-left" mindset and a passion for building secure-by-design platforms? Join Barclaycard Payments as we build a brand-new, cloud-native, and fully independent fintech-style merchant acquiring platform.

This isn't about maintaining legacy systems; it’s about building a target-state platform from the ground up. As a Security Consultant / Analyst, you will be embedded within the CISO function, working directly with engineering and product teams to ensure security is woven into the fabric of the GAIA roadmap.

You will act as a bridge between high-level security standards and technical execution. This role is a blend of Cyber Business Analysis, GRC (Governance, Risk, and Compliance), and Technical Consultancy.

Key Accountabilities:

Secure-by-Design: Provide pragmatic security guidance to engineering workstreams, reviewing designs and technical specifications to identify risks early in the SDLC.

Control Mapping & BA: Perform deep-dive business analysis to map cyber controls against the GAIA roadmap, ensuring alignment with the Barclays Cyber Control Library and refreshed Cyber Standards.

Cloud & DevOps Security: Support the secure configuration of AWS workloads, CI/CD pipelines (GitHub), and containerised environments (Docker/Kubernetes).

Compliance & Frameworks: Ensure the platform is built to be PCI DSS compliant, utilizing frameworks such as ISO 27001/2 and NIST CSF.

Risk Orchestration: Help translate complex technical risks into business-relevant terms for stakeholders, ensuring all risks are logged, understood, and mitigated.

Assurance: Assist in preparing for penetration testing, remediating findings, and validating control improvements.

Key Skills:

We are looking for a high-energy consultant who has spent the last 5+ years in Cyber Security, ideally within Fintech or Financial Services. You should be comfortable "spinning plates" in a greenfield environment and have a strong background in reporting to CISO leadership.

Essential Experience:

Cyber experience within Fintech/Financial Services: Proven experience in security consultancy, advisory, or GRC roles.

Cyber Business Analysis: At least 2 years of recent experience in mapping cyber controls and navigating complex project roadmaps.

Framework Fluency: Deep understanding of ISO 27001/2, NIST CSF, and PCI DSS.

Cloud & Modern Engineering: A solid grasp of cloud implementations (AWS preferred) and secure development lifecycle principles.

Stakeholder Mastery: The ability to challenge and influence developers, architects, and risk officers effectively.

Desirable Skills:

Experience securing End User Compute (EUC), specifically MacBooks managed via JAMF.

Administration and securing of Google Workspace environments.

Knowledge of merchant acquiring, payment flows, and fintech ecosystems.

Security certifications (CISM, CISSP, or equivalent) are a plus.

About Barclays

Barclays is a British universal bank. It is diversified by business, by different types of customers and clients, and by geography. Barclays businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by its service company which provides technology, operations and functional services across the Group.

Values

Everything Barclays does is shaped by its five values of Respect, Integrity, Service, Excellence and Stewardship. The Barclays values inform the foundations of its relationships with customers and clients, but they also shape how Barclays measures and rewards the performance of colleagues. Simply put, success is not just about what you achieve, but about how you achieve it.

Diversity

Barclays aims to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included and their talents are nurtured, empowering them to contribute fully to Barclays vision and goals.

Hybrid Working

Barclays is currently in the early stages of implementing a hybrid working environment, which means that many colleagues spend part of their working hours at home and part in the office, depending on the nature of the role they are in. Barclays is flexible on how this works and it may continue to change and evolve. Depending on your team, typically this means that colleagues spend a minimum of between 20% to 60% of their time in the office, which could be over a week, a month or a quarter. However, some colleagues may choose to spend more time in the office over a typical period than their role type requires. Barclays also has a flexible working process where, subject to business needs, all colleagues globally are able to request work patterns to reflect their personal circumstances

Your Benefits

As a contract employee of Randstad Sourceright, you’ll receive a wide range of financial and personal benefits. There’s enrolment in a pension plan (after 12 weeks on assignment) and holiday pay. You’ll also get 24/7 access to an Employee Assistance Programme, designed to help you deal with any problems that could be affecting your home or work life. Plus, there’s discounts at heaps of high street shops, restaurants and entertainment - from Asda to Zizzi Italian restaurants