OneMain Financial Jobs

Introduction

At IBM CIC, we provide technical and industry expertise to a wide range of public and private sector clients in the UK.

A career in IBM CIC means you'll have the opportunity to work with leading professionals across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. You will get the chance to deliver effective solutions, driving meaningful business change for our clients, using some of the latest technology platforms.

Curiosity and a constant quest for knowledge serve as the foundation to success here. You'll be encouraged and supported to constantly reinvent yourself, focusing on skills in demand in an ever changing market. You'll be working with diverse teams, coming up with creative solutions which impact a wide network of clients, who may be at their site or one of our CIC or IBM locations. Our culture of evolution centres on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

We offer:

• Many training opportunities from classroom to e-learning, mentoring and coaching programs and the chance to gain industry recognized certifications

• Regular and frequent promotion opportunities to ensure you can drive and develop your career with us

• Feedback and checkpoints throughout the year

• Diversity & Inclusion as an essential and authentic component of our culture through our policies and process as well as our Employee Champion teams and support networks

• A culture where your ideas for growth and innovation are always welcome

• Internal recognition programs for peer-to-peer appreciation as well as from manager to employees

• Tools and policies to support your work-life balance from flexible working approaches, sabbatical programs, paid paternity leave, maternity leave and an innovative maternity returners scheme

• More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Program, life assurance and a group personal pension plan of an additional 5% of your base salary paid by us monthly to save for your future.

Your role and responsibilities

IBM is seeking a Data & Application Security (DAS) Consultant to support the design, implementation, and improvement of security controls protecting applications and sensitive data within public sector environments.

This is a hands-on delivery role suited to practitioners who enjoy working close to the technology. You will help clients embed security across the software development lifecycle, strengthen data protection controls, and respond to emerging risks in complex, regulated environments.

Depending on your experience level, you may lead specific workstreams or contribute as a technical specialist within larger delivery teams. We welcome candidates who are continuing to grow their consulting and leadership capability.

What you'll do:

Hands-On Security Delivery

• Implement and improve application and data security controls in client environments.

• Support Threat Modelling activities and Secure SDLC integration.

• Contribute to DevSecOps pipeline improvements and security automation.

• Perform and triage application security testing and vulnerability findings.

• Apply data protection techniques including encryption (at rest and in transit), masking, and anonymisation.

• Support DLP implementation and tuning activities.

Security Engineering & Risk Reduction

• Analyse vulnerabilities and security incidents and help define practical remediation steps.

• Strengthen database security through access controls, auditing, and patch management.

• Help implement security guardrails for cloud and application modernisation programmes.

• Integrate security telemetry with SIEM platforms for monitoring and response.

Client Collaboration

• Work with developers, platform engineers, architects, and security teams to embed security into delivery workflows.

• Contribute to client workshops and technical discussions.

• Translate technical findings into clear, actionable guidance.

Required technical and professional expertise

• Practical, hands-on experience in application and/or data security.

• Working knowledge of Secure SDLC, Threat Modelling, or DevSecOps practices.

Experience with one or more of:

• Application security testing or vulnerability management

• Data protection controls (encryption, masking, anonymisation)

• DLP technologies

• Database security controls

• SIEM or security monitoring tools

• Understanding of common security frameworks (e.g., NIST, ISO 27001, CIS).

• Ability to work within regulated or security-sensitive environments.

This role is subject to pre-employment screening in line with the UK Government’s Baseline Personnel Security Standard (BPSS). An additional range of Personal Security Controls referred to as National Security Vetting (NVS) may apply, this could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV).

Preferred technical and professional experience

• Experience supporting cloud or multicloud security implementations.

• Familiarity with public sector or highly regulated environments.

• Exposure to data classification or data governance practices.

• Relevant certifications (e.g., CISSP, CISM, CCSP, CSSLP) — not required.

• Experience working in consulting or client-facing delivery roles.

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.