cryptography practices (e.g. PKI) Cloud environments (Azure, AWS) Fundamental understanding of privacy and dataprotection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside More ❯
Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements (e.g., ISO 27001, NIST, HIPAA, GDPR, SOX, etc.). Ensure compliance with applicable dataprotection laws (e.g., GDPR, CCPA, GLBA). Guide DataProtection Impact Assessments (DPIAs) for high-risk financial data … with data analytics platforms and financial data governance tooling. Strong working knowledge of financial compliance frameworks (e.g., GLBA, SOX, FFIEC CAT, NYDFS). Familiarity with privacy regulations (GDPR, CCPA) and best practices in data governance. Certifications such as CISSP, CISM, CISA, CRISC, or Certified DataProtection Officer (CDPO) are highly desirable. We offer a collaborative More ❯
monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all … Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response More ❯
procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls as needed. Contribute to cybersecurity strategic planning and budgeting. Follow change management policies. Qualifications Bachelor More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
and lifecycle management of IT assets. Security, Compliance & Risk Management: Embed security and compliance into operational workflows with automated security controls. Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, and cloud security best practices. Collaborate with cybersecurity teams to integrate zero-trust security models. Drive resiliency planning, disaster recovery, and business continuity initiatives. Financial & Vendor Management: Optimize IT operational More ❯
or similar. Experience with complex databases Experience in system support, monitoring & troubleshooting. Experience of working in environments with high information security standards to meet needs of ISO27001, SOC2 and GDPR etc Experience with AI and / or Machine Learning Project planning and management experience. Experience with finance systems i.e. Sage, Qube, IRIS or similar. Experience with CRMs such as HubSpot More ❯
or similar. Experience with complex databases Experience in system support, monitoring & troubleshooting. Experience of working in environments with high information security standards to meet needs of ISO27001, SOC2 and GDPR etc Experience with AI and / or Machine Learning Project planning and management experience. Experience with finance systems i.e. Sage, Qube, IRIS or similar. Experience with CRMs such as HubSpot More ❯
or similar. Experience with complex databases Experience in system support, monitoring & troubleshooting. Experience of working in environments with high information security standards to meet needs of ISO27001, SOC2 and GDPR etc Experience with AI and / or Machine Learning Project planning and management experience. Experience with finance systems i.e. Sage, Qube, IRIS or similar. Experience with CRMs such as HubSpot More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and … on with PowerShell and Microsoft Graph API for security automation Familiarity with M365 security, Zero Trust models, and Microsoft Information Protection Knowledge of compliance tools and frameworks (e.g. GDPR, ISO 27001, NIS2) Experience with Azure Firewall, NSGs, ASGs, and endpoint management Certifications (Required) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) or More ❯
plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We … Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem More ❯
IT certifications such as CompTIA A+, Network+ * Cyber certifications such as CISM, CISA, CEH, or CompTIA Security+ * Understanding of regulatory frameworks and industry standards (e.g., NIS, NIST, ISO 27001, GDPR). * Experience in scripting or programming languages including PowerShell for automating security tasks. Person Specification: * Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by More ❯
Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / E, CIPM for dataprotection compliance) Experience Requirements: 3-5+ years of experience in Information Security, Compliance, or IT Risk Management. Experience … with regulatory frameworks in UK & EU : GDPR (GeneralDataProtectionRegulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for third-party compliance. Handling incident response & reporting … e.g., Data Breach Notifications under GDPR). Key Skills & Technical Knowledge: Deep understanding of dataprotection laws (UK GDPR, EUGDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting More ❯
consumption. Data Management and Governance: Strong knowledge of data management principles and best practices, including data governance frameworks. Experience with data security and compliance regulations (GDPR, CCPA, HIPAA, etc.) Leadership and Communication: Exceptional leadership skills to manage and guide a team of architects and technical experts. Excellent communication and interpersonal skills, with a proven ability to More ❯
level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls and continuous More ❯
applicable laws, particularly within cybersecurity, dataprotection, and operational risk. What you will do: Lead and support the implementation of key compliance and cybersecurity frameworks (e.g. UK GDPR, ISO 27001, Cyber Essentials), while developing regulatory risk frameworks that track and operationalise emerging obligations. Conduct and coordinate risk assessments, internal reviews, audits, and control testing to ensure compliance with … compliance, risk management, information security, or cybersecurity governance - ideally within a regulated environment such as financial services or fintech. The ability to understand and apply regulatory frameworks (e.g. UK GDPR, ISO 27001) and translate them into business-friendly policies, controls, and processes. Confidence working with regulatory frameworks like UK GDPR, ISO 27001, and Cyber Essentials, and a willingness to navigate … of the following): Certifications or practical experience as / in CISMP, CompTIA Security+, ISO 27001 Lead Implementer, CISM, CISSP, or PCI DSS QSA. Awareness of key regulations, including UK GDPR, DataProtection Act 2018, and the NIS Regulations An understanding of security risk management, governance, and policy implementation Awareness of common security threats, vulnerabilities, and related controls Basic More ❯
monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. • Oversee endpoint security, cloud network and API security for robust protection across all … Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response More ❯
audits.- Strong knowledge of information security frameworks and standards.- Excellent analytical and problem-solving skills.- Strong communication and interpersonal skills.**Preferred Qualifications:**- Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX.- Familiarity with security tools and technologies such as SIEM, DLP, and endpoint protection. CISA / CISSP / CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert More ❯
internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing More ❯
internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing More ❯
and customer feedback. Infrastructure And Security Ensure robust system architecture and IT infrastructure that supports business operations. Oversee cybersecurity measures to protect company and customer data, complying to GDPR requirements. Ensure interworking between on prem, private cloud and public cloud infrastructure to support platforms and products Optimize private and public cloud infrastructure, usage and cost, DevOps pipelines, and technical More ❯