Product Security Specialist
Description
10 Bressenden Place, London, SW1E 5DN, United Kingdom, London SW1E 5DN, GB
Company description
We believe in the power of ingenuity to build a positive human future.
As strategies, technologies, and innovation collide, we create opportunity from complexity.
Our teams of interdisciplinary experts combine innovative thinking and breakthrough technologies to progress further, faster. Our clients adapt and transform, and together we achieve enduring results.
We are over 4,000 strategists, innovators, designers, consultants, digital experts, scientists, engineers, and technologists. And we have deep expertise in consumer and manufacturing, defence and security, energy and utilities, financial services, government and public services, health and life sciences, and transport.
Our teams operate globally from offices across the UK, Ireland, US, Nordics, and Netherlands.
PA. Bringing Ingenuity to Life.
We believe in the power of ingenuity to build a positive human future. We challenge where it matters and own the outcome. We combine strategic thinking, customer-centric service design, and agile engineering practices to accelerate innovation in a tech-driven world.
Why consider joining our Digital & Data community? đ€
Join our Digital & Data team working alongside product, design and a wide range of other experts and cross-disciplinary teams to bring ideas to life through innovative software solutions.
Grow a flexible and unique career within a trust-based, inclusive environment that values excellence, innovation, and curiosity. You have the option to progress with us on a technical career track. No need to go onto the Partner career track if this doesnât align with what you want to do.
Hybrid working - our approach is to be in the office or on client site a minimum of 2 days per week.
Work on a broad variety of projects and tech stacks for clients across seven sectors - no project is ever the same
Join other experts within our supportive and collaborative tech community through knowledge-sharing and peer-level support, coaching and mentoring
Deepen your expertise through our a culture of learning and growth â youâll have budget to take courses (technical and non-technical training), plus gain certifications
What you can expect đ±
Work to agile best practices and cross-functionally with multiple teams and stakeholders. Youâll be using your technical skills to problem solve with our clients, as well as working on internal projects
Work with client product teams and functional groups on determining objectives, scope, and timelines for key product security initiatives and architecting the delivery methodologies
Assess security risks across client product portfolios and recommend remediation strategies while balancing business and technical requirements
Advice on strategies around coding, threat modeling, and security testing for embedded systems, IoT devices while ensuring compliance with industry regulations
Work alongside client R&D teams to lead on secure code reviews, threat modeling, security risk assessments, vulnerability assessments and validation and verification of controls
Monitor emerging cybersecurity threats in the IoT and medical device landscape and write though leadership to showcase PAâs point of view on these
Build strong stakeholder relationships across our clients
Foster team growth, training and deliver outcomes.
Support and drive business development efforts
Manage projects with expertise.
Solve problems with a consulting approach.
Hybrid working with the team on client site or in our office a minimum of two days per week. However, the actual time you spend and where you spend it will vary by role or assignment, including up to 5 days per week on a client site.
An environment that deeply cares about its values Values | PA Consulting
Essential requirements â
Even if you donât meet every requirement below, feel free to still apply as we are often hiring for similar roles which your background might be better suited to.
8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry.
Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance
Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining residual risk after applying compensating security controls
Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA,, ISO 27001, SOC 2 Type 2 and familiarity working with Quality Management Systems
Experience working with teams in a structured software development lifecycle process
Excellent interpersonal skills, both written and verbal, with the ability to clearly convey complex security topics to a wide audience - technical and non-technical teams.
Proven track record of achieving outcomes and nurturing relationships.
Skilled in crafting compelling proposals and other business development materials. Proficient in cultivating opportunities within the client base and network.
Holds Cyber Security accreditations/qualifications such as [CISSP, CSSLP, CISM], indicating a solid foundation in the field.
You thrive in problem-solving and analytical thinking
You enjoy collaborating with multiple stakeholders in a fast-paced environment
Please be aware that some of our UK roles at PA Consulting require a UK security clearance.
All PA people are required to undergo background checks and to achieve the Baseline Personnel Security Standard however, some UK roles also require higher levels of National Security Vetting, where applicants must have at least 5 years of continuous residency in the UK.
We therefore ask XXXX XXXX only apply if you meet the residency requirements (i.e. you are a British citizen or have been resident in the UK for the past 5 years), as this is the prerequisite for a security clearance. If you're unsure about your eligibility, we encourage you to review the UK Governmentâs guidance on security vetting before applying.
Additional information
Assessment process âïž
Please note that the interview stages may be subject to change based on the specific requirements of the role.
Quick call with one of our Tech Recruiters
- to discuss your application, the role and PA
Round 1: Either a competency or technical interview (60 mins)
Round 2: Either a competency or technical interview, whichever you didnât do at first round (60 mins)
Final round đ: Meeting with a PA leader - a mini case study and discussion around your client-centricity (60 mins)
Life At PA encompasses our peoples' experience at PA. It's about how we enrich peoplesâ working lives by giving them access to unique people and growth opportunities and purpose led meaningful work.
Our purpose guides how we work with our clients and our teams, and support our communities, to deliver insight and impact, solving the worldâs most complex challenges. We're focused on building a workplace that values human difference and diverse mindsets, and a culture of inclusion and equality that unlocks the potential in our people so everyone can be their best self.
Find out more about Life at PA here.
We are dedicated to supporting the physical, emotional, social and financial well-being of our people. Check out some of our extensive benefits:
Health and lifestyle perks accompanying private healthcare for you and your family
25 days annual leave (plus a bonus half day on Christmas Eve) with the opportunity to buy 5 additional days
Generous company pension scheme
Opportunity to get involved with community and charity-based initiatives
Annual performance-based bonus
PA share ownership
Tax efficient benefits (cycle to work, give as you earn)
Weâre committed to advancing equality. We recruit, retain, reward and develop our people based solely on their abilities and contributions and without reference to their age, background, disability, genetic information, parental or family status, religion or belief, race, ethnicity, nationality, sex, sexual orientation, gender identity (or expression), political belief, veteran status, any other range of human difference brought about by identity and experience. We welcome applications from underrepresented groups.
Adjustments or accommodations - Should you need any adjustments or accommodations to the recruitment process, at either application or interview, please contact us on inquiries@consultant.dev