Security Consultant

Albany Beck is looking for an experienced Security Consultant with a strong background in Security Risk Management, GRC, Vulnerability Analysis, and Compliance to join a high-impact programme within a leading global investment bank. This is an exciting opportunity to play a key role in the design and implementation of security controls, frameworks, and processes to strengthen the bank’s overall security posture.

As a Security Consultant, you’ll be working in the client’s security team, contributing to critical workstreams that span governance, risk and compliance (GRC), vulnerability management, and security control design. You'll work closely with cross-functional stakeholders including technology, audit, and operations teams to ensure the organisation’s security strategy aligns with regulatory expectations and industry best practices.

Key Responsibilities:

1. Conduct security risk assessments and develop risk treatment plans aligned with the bank’s risk appetite.
2. Support the development, implementation, and continuous improvement of security governance frameworks and GRC processes.
3. Design and enhance security controls across infrastructure, applications, and cloud environments.
4. Lead or support vulnerability analysis activities, including risk-based prioritisation and remediation tracking.
5. Ensure alignment with global security standards and frameworks (e.g. NIST, ISO 27001, CIS).
6. Partner with compliance, audit, and internal stakeholders to address regulatory requirements and support evidence gathering for audits.
7. Leverage SIEM and monitoring tools to inform risk posture and ensure control effectiveness.
8. Produce high-quality documentation, dashboards, and risk reports for senior stakeholders.

What We’re Looking For:

1. Proven experience as a Security Consultant, Risk Analyst, or GRC Specialist in enterprise environments—ideally within financial services.
2. Strong working knowledge of security frameworks and standards: NIST CSF, ISO 27001, CIS, etc.
3. Experience with security risk assessments, controls design, and compliance monitoring.
4. Familiarity with vulnerability management practices and tools.
5. Exposure to SIEM platforms and their role in risk and control monitoring.
6. Strong stakeholder management and communication skills—capable of translating technical risk into business impact.
7. Experience within a regulated environment, particularly investment banking, is highly desirable.