Principle Security QA Consultant - SC Cleared - Inside IR35

Remote with travel to Croydon
6 months+ contract
ASAP Start
£600-650 per day

Our client is developing an internal Security Testing capability within the Quality Assurance and Testing function. As a Principle Cyber Security Professional, you will work within the Cyber Security team, collaborating with senior security stakeholders to develop and lead the security testing service, representing security testing for the client. Strong communication and professionalism are essential as you will work closely with senior security colleagues organization-wide.

In Security Testing, your role involves delivering security testing, vulnerability assessments, and ensuring security compliance to protect services and provide technical security advice based on risk assessments.

You will collaborate with key business and technical stakeholders to deliver security testing, technical advice, and guidance to enable secure solutions and services.

1. Lead the development and delivery of security testing documentation to support the service's growth.
2. Coordinate with internal and external partners to ensure security testing and assurance meet standards and regulations.
3. Support security assessments, penetration testing, and other security evaluations, documenting findings.
4. Manage vulnerability and security compliance across on-premise and cloud solutions.
5. Work with project teams to provide expertise on security testing requirements.
6. Act as escalation point for security testing incidents.
7. Research and adopt new security technologies and methodologies.
8. Assess threats and vulnerabilities, identifying deviations from security baselines.
9. Communicate security risks and findings clearly to stakeholders.
10. Stay updated on new threats and vulnerabilities, recommending remedial actions.

• Experience with applying technical security controls in real environments, understanding threats, vulnerabilities, and best practices.
• Passion for security testing and continuous learning.
• Recognized industry certifications such as CREST, Offensive Security, SANS/GIAC, or equivalent.
• Experience conducting diverse security tests across various environments.
• Proficiency with vulnerability management tools, reporting, and assessments.
• Strong communication skills for engaging stakeholders at all levels.
• Ability to work collaboratively within teams, sharing knowledge and advising colleagues.
• Knowledge of common vulnerabilities (OWASP Top 10, CVE databases).
• Understanding of Agile and DevOps practices, integrating security into CI/CD pipelines.

• Knowledge of penetration testing tools and techniques.
• Experience with security testing reports and stakeholder communication.
• Experience delivering security aspects in project delivery.
• Understanding of IT infrastructure and application architectures.
• Knowledge of network protocols, encryption algorithms (AES, RSA), PKI, SSL/TLS, SIEM, and OS patching.

Candidates with or previously holding high-level security clearance are encouraged to apply. Successful applicants will require security clearance, which can take up to 10 weeks. LA International is a recognized ICT Recruitment and Project Solutions provider, committed to diversity and inclusivity.