Company Description/ Business Unit Think the AA is just about roadside assistance? Think again. For over a century, we've been evolving and adapting. Today, as the nation's leading motoring organisation, we offer a wide range of products and services to millions of customers. From roadside assistance to home and motor insurance, and the latest driving technologies, we have it all. As we continue to expand, diversify, and modernise, joining us as a Senior Information Security Consultant means you'll play a crucial role in our success and be part of this exciting motoring journey. This is the job As a Senior Information Security Consultant (InfoSec), you will focus on cybersecurity governance, risk, and compliance activities. You will maintain a cybersecurity assurance framework aligned with NIST, PCI-DSS, and ISO27001 standards. You will also act as a security subject matter expert, ensuring robust security controls are implemented across all change and IT projects. What will I be doing? Serve as an Information Security Expert across the organisation, providing technical expertise and defining security principles and standards. Document security risk assessments, identify issues or risks, and escalate them to senior management. Manage and deliver the testing of security risk controls, working with the business to maintain the Information Security Management System (ISMS). Collaborate with the IT solutions team to detail security designs in project templates and manage penetration testing needs before go-live. Develop processes and configuration documents for IT operations and third-party suppliers, ensuring compliance with Information Security standards. Identify, engage, and manage third-party organisations for vulnerability assessments and security audits, providing recommendations to minimise risks. What do I need? Strong Information Security (InfoSec) experience with a particular focus across ISO27001, PCI-DSS and Cyber Essentials. Relevant qualifications/certifications are essential to this role, particularly with ISO27001 and PCI-DSS. Key stakeholder management and engagement experience with the ability to translate technical to non-technical audiences at all seniority levels. Previous technology security consultancy experience, with knowledge of IT security solutions and their integration into business systems. Strong technical and analytical skills across various technologies (Windows, networks, Linux, Oracle, web applications) and experience with third-party security providers. Familiarity with formalised security risk management methodologies, ITIL and/or Prince2, and experience in cloud and SaaS security. Flexible and pragmatic approach to problem-solving, with the ability to travel to other AA sites as required. Self-starter with the ability to work independently and in teams, and a strong desire to work across multiple projects and business units. Additional information We’re always looking to recognise and reward our employees for the work they do. As a valued member of The AA team, you’ll have access to a range of benefits including: 25 days annual leave plus bank holidays holiday buying scheme Worksave pension scheme with up to 7% employer contribution Free AA breakdown membership from Day 1 plus 50% discount for family and friends Discounts on AA products including car and home insurance Employee discount scheme that gives you access to a car salary sacrifice scheme plus great discounts on healthcare, shopping, holidays and more Company funded life assurance Diverse learning and development opportunities to support you to progress in your career Dedicated Employee Assistance Programme and a 24/7 remote GP service for you and your family Plus, so much more We’re an equal opportunities employer and welcome applications from everyone. The AA values diversity and the difference this brings to our culture and our customers. We actively seek people from diverse backgrounds to join us and become part of an inclusive company where you can be yourself, be empowered to be your best and feel like you truly belong.