tests, vulnerability scans, and assess organization cybersecurity maturity complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations. Provide internal customer support via assigned tickets for security-related issues, while ensuring assignments More ❯
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Action For Humanity
analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define dataprotection, backup, and retention policies aligned with Microsoft 365 compliance More ❯
of sensitive information. Translate security requirements into architectural blueprints and patterns, balancing risk, budget, and operational challenges. Ensure compliance with regulatory standards such as GDPR and PCI DSS. Provide subject matter expertise and assess security measures, recommending improvements in collaboration with IT teams. Build and maintain relationships with technology vendors More ❯
cyber security concepts including cryptography, authentication and authorization, access control, secure architectures, threat modeling, vulnerabilities and software security. Strong knowledge of regulatory requirements (e.g. GDPR, ISO27001, PCI-DSS) and experience in regulatory reporting. 3-5 years of experience in GRC, risk management, or compliance. A bachelor's degree in computer More ❯
familiarity with financial, e-commerce, and payment security regulations, including PCI DSS and ISO 27001. Experience working within highly regulated industries, ensuring compliance with GDPR, NIST, and SOC 2. In-depth understanding of cyber threat intelligence, MITRE ATT&CK framework, and cyber kill chain methodologies. Exceptional ability to communicate technical More ❯
adoption of Gen AI for business, IT and / or security functions in alignment with the evolving regulatory landscape (e.g. EU AI Act, GDPR, DPA 2018, etc.). Security Architecture - Improving the security posture of the Enterprise and / or applications through the assessment, design or implementation of effective More ❯
and maintain security controls and configurations across various systems and platforms. Oversight of compliance for regulatory compliance requirements, such as SOC2, HIPAA, ISO 27001, GDPR etc., and ensure our systems adhere to these standards. Stay updated with the latest industry trends, emerging threats, and security technologies to proactively identify and More ❯
the effectiveness of security controls such as RBAC (Role-Based Access Control), MFA (Multi-Factor Authentication), and API security mechanisms . Ensure compliance with GDPR, ISO 27001, and NCSC Cyber Essentials security standards. 3. Vulnerability Management & Defect Tracking Identify, document, and track security defects, working closely with development teams to More ❯
pipelines . Implement CI / CD pipelines for infrastructure deployment and application modernization. Security & Compliance: Ensure compliance with Azure Security Standards (Zero Trust, NIST, GDPR, ISO 27001, HIPAA, PCI DSS) . Implement Azure Policy, Security Center, Defender for Cloud, and Sentinel for security monitoring and governance. Networking & Connectivity: Design and More ❯
10+ years of information security experience. Financial / Fintech services / payments desirable Deep knowledge of security frameworks (PCI, ISO 27001, NIST) and regulations (GDPR, CCPA) Experience with PCI DSS compliance and implementation Proven success in managing external auditors to achieve positive outcomes Expert in information security with strong communication More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Sycurio
10+ years of information security experience. Financial / Fintech services / payments desirable. Deep knowledge of security frameworks (PCI, ISO 27001, NIST) and regulations (GDPR, CCPA). Experience with PCI DSS compliance and implementation. Proven success in managing external auditors to achieve positive outcomes. Expert in information security with strong More ❯
CAP, OWASP, PCI DSS Security Cleared with potential to gain enhanced clearances Experience implementing privacy solutions based on the requirements of the EUGDPR and UK DataProtection Act 2018 Good awareness of threats trends and issues across the cyber security industry Proven self-management skills, including More ❯
CAP, OWASP, PCI DSS Security Cleared with potential to gain enhanced clearances Experience implementing privacy solutions based on the requirements of the EUGDPR and UK DataProtection Act 2018 Good awareness of threats trends and issues across the cyber security industry Proven self-management skills, including More ❯
SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service performance to stakeholders. Coordinate with other Tosca functions for effective implementation. More ❯
Management, Disaster Recovery, Business Continuity, IT Security Architecture, and IT Regulatory Compliance. Experience with Cybersecurity frameworks and regulations such as HIPAA, Data Privacy, GDPR, etc. Experience with architectural and design patterns such as PubSub, Event Driven, SOA, Observer, Dependency Injection, Repository, Decorator, MVC, etc. Proven expertise in working in More ❯
Dundee, Angus, United Kingdom Hybrid / WFH Options
DC Thomson
event management (SIEM) tools, and data loss prevention (DLP) solutions Adhere to relevant security standards and compliance requirements (e.g., ISO 27001, PCI DSS, GDPR) Work with our SecOps team to develop and implement vulnerability management programs, including regular security assessments, penetration testing, and remediation planning Maintain expertise in cloud More ❯
root cause analysis and recommend mitigation strategies. Collaborate on incident handling, reporting, and documentation. Enforce security policies in line with industry standards and regulations (GDPR, ISO, Cyber Essentials+, NIST 800-171). Assist with audits and compliance reporting. Manage and configure network devices with a focus on security. Design and More ❯
Hands-on expertise with troubleshooting hardware, software, and SaaS issues. Security Knowledge: Familiarity with security frameworks and standards such as SOC 2, ISO 27001, GDPR, or NIST. Experience with incident response and risk management. Knowledge of Zero Trust architectures and security-first IT practices. Soft Skills: Excellent problem-solving and More ❯
Cheltenham, Gloucestershire, United Kingdom Hybrid / WFH Options
Accenture
AWS Solution Architect Associate / Professional. Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing such as GDPR, ISO 27001, Cloud Security Alliance, NIST 800-53, PCI DSS, ISA / IEC 62443, NERC CIP, HIPAA, etc. Knowledge of public cloud environments Azure, AWS More ❯
explain technical risks and solutions to technical and non-technical stakeholders. Desired skills Familiarity with UK regulatory frameworks (NIS / NIS2, Ofgem CAF, ECAF, GDPR/ DPA18, ISO 27001, or Cyber Essentials Plus). Understanding secure architecture principles, including zero trust, defence-in-depth, and secure-by-design approaches. Exposure More ❯
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
only apply if you are able to work from their Debden offices Monday-Friday. Hybrid or remote working is not available. In accordance with GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found More ❯
Employment Type: Contract, Work From Home
Rate: From £500 to £700 per day (direct contract with the client)
Vulnerability Assessments: Conduct regular vulnerability assessments and collaborate with IT teams to ensure timely remediation. Regulatory Compliance: Support compliance with regulatory requirements (FCA, PRA, GDPR) and internal security standards. Risk Assessments: Perform cyber risk assessments for third-party vendors and internal systems. Awareness Initiatives: Contribute to awareness initiatives and provide More ❯
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
The Nottingham
Vulnerability Assessments: Conduct regular vulnerability assessments and collaborate with IT teams to ensure timely remediation. Regulatory Compliance: Support compliance with regulatory requirements (FCA, PRA, GDPR) and internal security standards. Risk Assessments: Perform cyber risk assessments for third-party vendors and internal systems. Awareness Initiatives: Contribute to awareness initiatives and provide More ❯
regulations that apply to financial institutions or its outsourcing partners. In-depth knowledge of relevant regulatory requirements and industry standards (ISO 27001, SOC 2, GDPR, DORA, etc.). Experience with cloud security (AWS, Google etc.), application security, and DevSecOps practices is a significant plus. Proven experience in developing and implementing More ❯
programmes, projects of both a GRC and technical nature alongside frameworks such as ISO27001 / 2:2005 / 13, DORA, NIS 2, PCI-DSS, GDPR-DPO, NIST CSF SP800-53, PSD-2, FCA / PRA, and MS Azure. Ownership of Strategic, Operational, and Tactical IT Security and Risk Management, technical More ❯