cryptography practices (e.g. PKI) Cloud environments (Azure, AWS) Fundamental understanding of privacy and dataprotection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside More ❯
annual external audits required to support certification. Ensure data security and compliance with relevant legal, regulatory, contractual and policy requirements. Ensure process and requirements are met to support GDPR compliance and protection of personal data. Maintain and improve level of compliance with ISO 27001:2022 and Cyber Essentials Plus requirements. Work in partnership with development staff to embed More ❯
CD pipelines and cloud deployments. Manage output from cloud-native security tools (e.g., AWS GuardDuty, Azure Defender). Ensure compliance with industry regulations and standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Provide security guidance on architecture, design reviews, and cloud migrations. Create and maintain cloud security documentation, training materials, and incident response playbooks. Stay current on emerging cloud security More ❯
improve the organization's defences. Policy and Compliance: Establish and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry frameworks (e.g., ISO 27001, NIST, GDPR). Conduct regular audits and assessments to identify gaps and ensure adherence to security policies. Reporting and Communication: Provide regular updates to senior leadership on the organization's security posture More ❯
recovery. Conduct post-incident analysis to identify root causes and implement corrective actions. Compliance and Governance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR). Develop and enforce security policies, procedures, and guidelines. Conduct regular security audits and assessments to ensure adherence to security policies and standards. Knowledge Sharing / Documentation Contribute to, produce More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management: Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
foster a strong security-first culture Compliance & Governance Work in partnership with the Compliance Manager and DPO to ensure security measures support dataprotection obligations (e.g. UK GDPR). Maintain up-to-date records of security incidents, policies, and audit logs - ensuring documentation is meaningful and accessible. Support leadership with security input into market entry, overseas operations, and More ❯
IT certifications such as CompTIA A+, Network+ * Cyber certifications such as CISM, CISA, CEH, or CompTIA Security+ * Understanding of regulatory frameworks and industry standards (e.g., NIS, NIST, ISO 27001, GDPR). * Experience in scripting or programming languages including PowerShell for automating security tasks. Person Specification: * Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by More ❯
consumption. Data Management and Governance: Strong knowledge of data management principles and best practices, including data governance frameworks. Experience with data security and compliance regulations (GDPR, CCPA, HIPAA, etc.). Leadership and Communication: Exceptional leadership skills to manage and guide a team of architects and technical experts. Excellent communication and interpersonal skills, with a proven ability More ❯
incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service performance to stakeholders. Coordinate with other Tosca functions for effective implementation. Other relevant responsibilities as required. More ❯
level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls and continuous More ❯
a variety of challenging projects, with multiple security tools. Have a proven track record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principals, best practices, OWASP / related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding of network More ❯
Ensure high availability, disaster recovery, and data integrity across platforms. Perform database modeling, normalization, and capacity planning. Establish data security policies, access controls, and compliance processes (e.g., GDPR, HIPAA). Mentor junior database developers and provide technical leadership on database solutions. Work with stakeholders to understand data needs and translate them into technical solutions. Required Skills & Qualifications More ❯
remediation measures. Monitor systems, networks, and logs then Investigate security breaches, incidents, and other cybersecurity events. Oversight of compliance for regulatory compliance requirements, such as SOC2, HIPAA, ISO 27001, GDPR etc, and ensure our systems adhere to these standards Conduct security awareness training sessions, enabling the business. Who you are Cloud security enthusiast - You're comfortable navigating AWS and GCP More ❯
internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing More ❯
internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing More ❯
and customer feedback. Infrastructure And Security Ensure robust system architecture and IT infrastructure that supports business operations. Oversee cybersecurity measures to protect company and customer data, complying to GDPR requirements. Ensure interworking between on prem, private cloud and public cloud infrastructure to support platforms and products Optimize private and public cloud infrastructure, usage and cost, DevOps pipelines, and technical More ❯
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
employment status. If you are utilising a work visa this must allow you to work in the UK unrestricted for at least the next 5 years. In accordance with GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com /More ❯
