Skills

MongoDB CI/CD CI/CD Pipelines Terraform

Job Specifications

We’re working with a major UK retailer that’s continuing to invest heavily in cyber security advisory capability across its digital and platform estate. This is a consultative role focused on guiding, influencing and enabling teams to design and operate secure SaaS and PaaS platforms at scale.

Rather than hands-on operational delivery, you’ll act as a trusted security advisor, partnering with engineering, platform and product teams to reduce risk, improve configuration hygiene and embed secure-by-design practices.

What you’ll be doing

Acting as a Cyber Security Consultant to platform and engineering teams across SaaS/PaaS services (Microsoft, Google, Atlassian, MongoDB Atlas)
Leading security reviews and advisory assessments focused on configuration, access, identity and platform risk
Providing clear, pragmatic guidance on IAM, least privilege, Zero Trust and secure platform patterns
Advising on API and database security design, controls and threat mitigation
Supporting teams to embed security into CI/CD pipelines and IaC workflows, advising on guardrails rather than owning build
Translating security risk into practical recommendations that delivery teams can implement quickly
Producing guidance, standards and documentation, and running workshops and knowledge-sharing sessions
Acting as a bridge between security, engineering, vendors and third parties

What we’re looking for

Experience in a cyber security advisory, consulting or internal consulting-style role
Strong grounding in Identity & Access Management (SSO, JWT, OAuth/OIDC, RBAC/ABAC, least privilege)
Solid understanding of API security and database security fundamentals
Working knowledge of Terraform, CI/CD and automation concepts (hands-on coding not required)
Ability to assess risk, challenge designs constructively and influence without authority
Comfortable engaging senior engineers, architects and product stakeholders
A pragmatic mindset — focused on enabling delivery, not blocking it

About the Company

InfoSec People is a specialist IT and Information Security recruitment business. We are committed to providing best-practice recruitment solutions, upholding the highest levels of service and delivery for our clients and candidates alike. InfoSec People provide Permanent, Contract and Executive Search recruitment solutions in the Information Security sector, working closely with our clients to find the right career move or the best talent in the industry to drive business forward. Our capability to supply includes: - Techn... Know more