London (City of London), South East England, United Kingdom
Tosca
as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) are highly desirable. Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA. Proficiency in risk management processes, vulnerability assessments, and incident response strategies. Current technical and hands-on experience with security
Education: Degree in IT, Information Security, Risk Management or a related field. Strong knowledge of DORA, NIS2, and UK/EU cyber regulations. Familiarity with frameworks: ISO27001, NIST, COBIT, CAF. Recognised certifications such as CISSP, CISM, CISA, CRISC, CTPRP. Experience with European financial regulations (BaFin, AMF, etc.). Proven background in information security, audit, or risk management
Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent • Familiarity with industry standards and frameworks e.g., NIST 800-53, ISO 27001/27002, CIS Controls, COBIT • Experience with risk assessments, and familiarity with IT systems, cybersecurity practices and domain • Strong analytical, problem solving and critical thinking skills with meticulous attention to detail • Excellent verbal and written
Skills & Experience Essential 10+ years of experience in IT audit, change audit, or technology risk, ideally within financial services. Strong knowledge of IT governance, risk, and control frameworks (e.g., COBIT, COSO, NIST, ITIL). Solid understanding of application controls, SDLC, project governance, and change assurance. Proven experience managing complex audit portfolios and leading multi-disciplinary teams. Exceptional communication, reporting, and
party regulations across UK and EU such as ECB's EBA, DORA and related standards Information and Cyber Security Frameworks and industry Standards (e.g., NIST/ISO 27001/COBIT/ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management posture reports) Excellent inter-personal communication skills, able to liaise with
London (City of London), South East England, United Kingdom
Arthur Recruitment
Required 10+ years of experience in IT Risk, Internal/External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA/FCA, BMA, CBI). Strong analytical, verbal, and
Surrey, England, United Kingdom Hybrid / WFH Options
Sanderson
regulated industry. Experience in large, complex enterprise environments (e.g., multiple sites, technologies). Hands-on leadership in technical InfoSec initiatives. Strong understanding and implementation of control frameworks (NIST CSF, COBIT). Ability to run threat intelligence and vulnerability assessments. Experience collaborating with 2nd and 3rd line governance teams (e.g., audit, compliance). Strong stakeholder engagement and influencing skills. Reasonable Adjustments
Senior Control Assurance Assessor Location: Remote, UK Length: Asap – 31/03/2026 Rate: £450 per day (Inside IR35) Hours: 37.5 per week Role Overview: As a Senior Control Assurance Assessor, you will be part of a team responsible
Information Security Regulatory Support Lead Location: Remote, UK Length: 6 Months Rate: £550 per day (Umbrella) Inside IR35 Hours: Normal Business hours Overview: You will oversee and coordinate regulatory readiness and strategic focus area support efforts across the EMAP region.