Information Security Consultant- Digital

Co op Group
£50000.0 - £62000.0 per annum
07 Oct 2017
07 Nov 2017
Contract Type
Full Time

Information Security Consultant - Digital

£50,000 - £62,000 p/a + amazing benefits (Grade D)

Manchester city centre

The Co-op is changing. And it's changing fast. We're re-building our business to make it fit for the future, and our Information Security (InfoSec) team has a vital role to play in this transformation. With new legislations coming in all the time, it's never been more important for us to protect our business, our members and our customers. That's why we're investing in people and technology to really develop our information security capabilities. Now we're looking for a talented InfoSec consultant to join us and help deliver the information security strategy in our complex, socially responsible business. If you can bring us the unique mixture of technical know-how and amazing people skills we need, we can offer you the chance to develop your skills and build a career with a business that really does put people at the heart of its strategy.

As an InfoSec consultant at the Co-op, you'll focus on all things digital, understanding business processes and technical environments, and helping to strengthen internal controls across a range of projects and business areas. It's an exciting opportunity to be part of our growing team. The next generation of information security is coming - and we need talented people to make sure we stay ahead and maintain trust with our members, colleagues and customers.

What you'll do:

  • provide advice, guidance & consultancy to colleagues across the digital teams
  • participate as an active member of the Digital Engineering leadership team
  • work with a diverse set of cloud platforms including AWS, Heroku and Salesforce
  • review end-to-end web architectures to fulfil resilience and security requirements through content delivery mechanisms and application firewalls
  • build and develop relationships with colleagues from all of our businesses, supporting change and promoting information security as a business enabler
  • identify, evaluate and resolve security risks affecting new and existing solutions, explaining the causes, likelihood and impact of information security risks to risk owners
  • contribute to the development of InfoSec strategies, roadmaps, business cases and remediation plans
  • feed into a continuous integration process which includes secure 'infrastructure as code' employing tools such as Terraform, Puppet, Gitlab, and Jenkins
  • assess applications built on frameworks including Django and Rails
  • provide input into secure scalable web services and APIs
  • scope and manage penetration testing engagements and support business units in the management of risks and the remediation process
  • support the supplier selection processes following RFIs & RFPs, using formal due diligence procedures to ensure that any selected supplier has adequate security levels to be able to trade securely with the Co-op

To be successful, you'll need a proven track record in successfully delivering information security consultancy, and the knowledge and expertise to lead the way on technology decisions. Technical skills alone won't get you through. You'll also be a great communicator. Someone who can build trusting and productive relationships with both a range of external partners and colleagues at all levels.

We'd love to speak to you if:

  • you have experience in InfoSec consultancy or Security Management within a big complex business
  • you're great at building trusting relationships at all levels of the organisation that allow you to influence and lead on the InfoSec agenda, managing complex trade-offs across our business
  • you've worked with cloud technologies and would describe yourself as open, agile and digital
  • you can write code, even if only a little
  • you have a proven track record helping to secure application development processes
  • you can bring a diverse technology background and the ability to make a big contribution to our information security strategy
  • you have an in-depth understanding of the ISO27000 series and PCI DSS standards, and a recognised security qualification

Why Co-op

173 years ago the Rochdale pioneers came up with an idea that changed the world. They believed that when people work together, they're stronger, and it's thanks to them that as a Co-op colleague you'll receive a competitive salary and benefits including 27 days holiday, an annual incentive scheme, discounts on all kinds of products and services, and an amazing pension.

We're actively building diverse teams and we welcome applications from everyone. But we know that simply having a diverse workforce is not enough. We want to create an inclusive environment, where everyone can contribute their best work and develop to their full potential. We celebrate our differences. And we recognise the importance of our teams reflecting the communities they serve.

We can make adjustments to our interview process according to your needs. And we offer a flexible working environment, enabling our colleagues to adjust their hours to accommodate personal circumstances. You can find out more about all our Co-op people policies at

This job was originally posted as