cryptography practices (e.g. PKI) Cloud environments (Azure, AWS) Fundamental understanding of privacy and dataprotection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside More ❯
annual external audits required to support certification. Ensure data security and compliance with relevant legal, regulatory, contractual and policy requirements. Ensure process and requirements are met to support GDPR compliance and protection of personal data. Maintain and improve level of compliance with ISO 27001:2022 and Cyber Essentials Plus requirements. Work in partnership with development staff to embed More ❯
Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements (e.g., ISO 27001, NIST, HIPAA, GDPR, SOX, etc.). Ensure compliance with applicable dataprotection laws (e.g., GDPR, CCPA, GLBA). Guide DataProtection Impact Assessments (DPIAs) for high-risk financial data … with data analytics platforms and financial data governance tooling. Strong working knowledge of financial compliance frameworks (e.g., GLBA, SOX, FFIEC CAT, NYDFS). Familiarity with privacy regulations (GDPR, CCPA) and best practices in data governance. Certifications such as CISSP, CISM, CISA, CRISC, or Certified DataProtection Officer (CDPO) are highly desirable. We offer a collaborative More ❯
Wandsworth, Greater London, UK Hybrid / WFH Options
Sonata One
Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements (e.g., ISO 27001, NIST, HIPAA, GDPR, SOX, etc.). Ensure compliance with applicable dataprotection laws (e.g., GDPR, CCPA, GLBA). Guide DataProtection Impact Assessments (DPIAs) for high-risk financial data … with data analytics platforms and financial data governance tooling. Strong working knowledge of financial compliance frameworks (e.g., GLBA, SOX, FFIEC CAT, NYDFS). Familiarity with privacy regulations (GDPR, CCPA) and best practices in data governance. Certifications such as CISSP, CISM, CISA, CRISC, or Certified DataProtection Officer (CDPO) are highly desirable. We offer a collaborative More ❯
transformation across services, enhancing efficiency, customer experience, and digital capability. Oversee the management of IT infrastructure, cloud services, enterprise applications, and cybersecurity frameworks. Ensure compliance with regulatory standards (e.g., GDPR, ISO 27001, Cyber Essentials+) and proactively manage cyber risks. Lead digital programmes including automation, data analytics, self-service, and agile delivery models. Build and develop a high-performing, collaborative … vendor relationships, contracts, and service levels. Cybersecurity and Risk Management Lead the development and implementation of the Information Governance Framework, policies, and procedures. Ensure compliance with regulatory requirements e.g., GDPR, ISO 27001, Cyber Essentials. Proactively manage cyber risks and incident response plans Digital Transformation Drive digital programs including automation, data analytics, self-service platforms, and customer-facing technologies. Promote More ❯
consumption. Data Management and Governance: Strong knowledge of data management principles and best practices, including data governance frameworks. Experience with data security and compliance regulations (GDPR, CCPA, HIPAA, etc.) Leadership and Communication: Exceptional leadership skills to manage and guide a team of architects and technical experts. Excellent communication and interpersonal skills, with a proven ability to More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all … Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response More ❯
procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls as needed. Contribute to cybersecurity strategic planning and budgeting. Follow change management policies. Qualifications Bachelor More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management: Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
and lifecycle management of IT assets. Security, Compliance & Risk Management: Embed security and compliance into operational workflows with automated security controls. Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, and cloud security best practices. Collaborate with cybersecurity teams to integrate zero-trust security models. Drive resiliency planning, disaster recovery, and business continuity initiatives. Financial & Vendor Management: Optimize IT operational More ❯
or similar. Experience with complex databases Experience in system support, monitoring & troubleshooting. Experience of working in environments with high information security standards to meet needs of ISO27001, SOC2 and GDPR etc Experience with AI and / or Machine Learning Project planning and management experience. Experience with finance systems i.e. Sage, Qube, IRIS or similar. Experience with CRMs such as HubSpot More ❯
or similar. Experience with complex databases Experience in system support, monitoring & troubleshooting. Experience of working in environments with high information security standards to meet needs of ISO27001, SOC2 and GDPR etc Experience with AI and / or Machine Learning Project planning and management experience. Experience with finance systems i.e. Sage, Qube, IRIS or similar. Experience with CRMs such as HubSpot More ❯
or similar. Experience with complex databases Experience in system support, monitoring & troubleshooting. Experience of working in environments with high information security standards to meet needs of ISO27001, SOC2 and GDPR etc Experience with AI and / or Machine Learning Project planning and management experience. Experience with finance systems i.e. Sage, Qube, IRIS or similar. Experience with CRMs such as HubSpot More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
foster a strong security-first culture Compliance & Governance Work in partnership with the Compliance Manager and DPO to ensure security measures support dataprotection obligations (e.g. UK GDPR). Maintain up-to-date records of security incidents, policies, and audit logs - ensuring documentation is meaningful and accessible. Support leadership with security input into market entry, overseas operations, and More ❯
Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit, and eDiscovery capabilities Track Secure Score and … on with PowerShell and Microsoft Graph API for security automation Familiarity with M365 security, Zero Trust models, and Microsoft Information Protection Knowledge of compliance tools and frameworks (e.g. GDPR, ISO 27001, NIS2) Experience with Azure Firewall, NSGs, ASGs, and endpoint management Certifications (Required) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) or More ❯
plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We … Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem More ❯
IT certifications such as CompTIA A+, Network+ * Cyber certifications such as CISM, CISA, CEH, or CompTIA Security+ * Understanding of regulatory frameworks and industry standards (e.g., NIS, NIST, ISO 27001, GDPR). * Experience in scripting or programming languages including PowerShell for automating security tasks. Person Specification: * Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by More ❯
Chelsea and Westminster Hospital NHS Foundation Trust
, engineering and or other technical disciplines or equivalent experience Experience working in cloud-based data environments (e.g., AWS, Azure, GCP) Familiarity with data privacy regulations (e.g., GDPR, HIPAA) and compliance considerations and a track record of working at a similar level in this specialist area Experience Essential Track record of delivering data and analytics projects on More ❯
