Principal Security Consultant

M&S
London
2 days ago
Job Description

Have you got what it takes to succeed? The following information should be read carefully by all candidates.

Summary

We are seeking a highly skilled Principal Security Consultant to lead the security strategy, implementation, and assessment of our web platforms in an Azure cloud environment. This role will be instrumental in securing web applications, APIs, cloud workloads, and CI/CD pipelines while ensuring alignment with industry best practices and compliance standards. The successful candidate will work closely with development, DevOps, and architecture teams to embed security within the engineering lifecycle. Additionally, this role requires expertise in Akamai security solutions, ensuring that edge security, WAF policies, bot mitigation, and CDN configurations align with security best practices.

What you'll do

Lead and define security strategy for web platforms in Azure and Akamai environments, ensuring alignment with security frameworks (OWASP, CIS) and developing policies and guidelines.

Implement secure-by-design principles, lead threat modeling, and drive security testing (SAST, DAST, IaC) across the SDLC, while securing CI/CD pipelines and authentication mechanisms (Azure AD, OAuth).

Manage and optimize Akamai security solutions (WAF, Bot Manager, ASE), implementing zero-trust principles and tuning WAF rules to minimize false positives.

Enforce security controls in Azure (Defender for Cloud, NSGs) and guide secure IaC practices, container security, and monitoring using Azure Sentinel and SIEM tools.

Lead incident response, security investigations, and compliance with standards (GDPR, PCI-DSS, SOC 2), while mentoring teams and aligning security priorities with business goals.

Who you are

Strong expertise in securing web applications (OWASP Top 10, API security, web frameworks) and experience with Akamai security solutions (Kona Site Defender, Bot Manager, Edge DNS).

Deep knowledge of Azure security (Azure AD, Key Vault, Defender for Cloud, WAFs) and experience securing API gateways, microservices, and serverless functions (Azure Functions, API Management).

Proficiency in DevSecOps practices, tools (GitHub Actions), and IaC security (Terraform, ARM templates), with hands-on experience in security scanning (SAST, DAST, SCA, IaC).

Expertise in container security (Docker, Kubernetes, AKS), threat modeling (Microsoft Threat Modeling Tool), and understanding Zero Trust architecture and IAM best practices.

Strong stakeholder engagement skills, the ability to communicate security risks to technical and non-technical audiences, and experience leading security initiatives.

Preferred: Certifications (CISSP, CISM, AZ-500), experience with SIEM tools (Azure Sentinel, Splunk), and familiarity with secure coding practices and penetration testing.

We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.

