Cyber Security Engineer- IAM

We are a $13+ billion global technology company, home to more than 224,000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud, and AI, powered by a broad portfolio of technology services and products.

HCLTech is a globally recognized leader in the Tech and IT industry, but we’ve never forgotten the startup mindset that got us here. We’ve always approached our work with an idea-first attitude because every one of our accomplishments —no matter how big or small —can be traced back to an idea’s single spark.

It’s that spark —that inner drive —that sets our people apart from our competitors. It enables us not just to pull off game-changing feat after game-changing feat but to better our world in the process. We want you to find your spark. Because that’s what drives you to be better, be more and ultimately, be more fulfilled.

To learn more about how we can supercharge progress for you, visit www.hcltech.com

Job details: Security Consultant

Location: Edinburgh, Leeds, Halifax, Manchester or Bristol

Hybrid mode- 2 days week (Work from client location)

This is Fixed term contract role

Job Description

Cyber Security Engineer

What you’ll do

• Applying Agile methodologies to support engineers and deliver on multiple challenging product initiatives simultaneously, driving engineering excellence.
• Threat model by deconstructing technical solutions, identifying threats and vulnerabilities, and assessing risks.
• Use experience to analyse the risks and benefits of design options to support making safe architectural decisions.
• Design secure solutions documenting the key security controls and adhering to security standards.
• Define security testing requirements and assess findings.
• Effectively communicate technical concepts to both technical and non-technical audiences, providing security direction, governance, assurance and guidance.

What we’re looking for

• Dynamic solution-oriented individual bringing energy to a rapidly evolving environment with an ability to work well under pressure.
• Broad knowledge of modern Enterprise technologies including Cloud and AI.
• Exposure to contemporary architectures (e.g., RESTful APIs and containerised microservices).
• Up-to-date on emerging threats and experienced with threat modelling frameworks (e.g., STRIDE / MITRE ATT&CK).
• Significant knowledge of cyber security domains and how they apply to Enterprise business environments (e.g., endpoint, network, cryptography and IAM).

Nice to have

• Awareness of industry-related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
• Certifications in security management (e.g., CISSP / CISM / CCSP or equivalent).
• Certifications in technical security domains (e.g., CEH / OSCP or equivalent).
• Experience of Public and/or Private cloud environments.