holding 35% of the market. Our Mission is to be famous for excellence in delivery, embracing transformation with our people and our customers at its heart. As Cornerstone’s Information Security Manager, you will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS), ensuring alignment with ISO 27001:2022. You will … be responsible for safeguarding our digital infrastructure, managing cyber risk, and embedding a security-first culture across the organisation. This is a strategic and hands-on role, requiring collaboration across IT, legal, procurement, and operational teams. You will act as the primary point of contact for all matters related to information assurance, supplier security assurance, incident response … and regulatory compliance. Scope IT Security Operations Collaborate closely with IT SecOps team members to ensure security controls remain effective. Where gaps are identified, implement appropriate mitigation measures and lead the response to security incidents in a timely and coordinated manner. Compliance & Security Coordinate ISO 27001 certification audits and maintain ongoing compliance on behalf of the
Reading, Berkshire, United Kingdom Hybrid/Remote Options
Stott and May
Role Title: Financial Services Security Architect Location: Leeds (Hybrid - 4 days on-site per week) Day Rate: £467.50 Inside IR35 Duration: 6 months The Role We are seeking a highly experienced Security Architect with 15+ years of Information Security experience, including leadership in cloud security within the financial services sector. The role focuses on designing … secure, scalable, and compliant architectures aligned with regulatory and business requirements. Key Responsibilities Define and evolve cloud security architecture strategy, aligning with European regulations (GDPR, DORA, PSD2, NIS2) and industry standards. Act as a trusted advisor to senior leadership and engineering teams on cloud security. Lead security architecture reviews, risk assessments, and controls for enterprise applications and cloud …/CD pipelines and infrastructure-as-code templates. Ensure compliance with frameworks such as NIST CSF, ISO 27001, PCI DSS, and CSA CCM. Essential Skills & Experience 15+ years in Information Security, 7-8+ years in Security Architecture. Cloud security architecture experience (AWS, Azure, GCP), multi-cloud preferred. Deep financial services security knowledge and regulatory
Head of/Director of Information Security - PE Backed SaaS org. Incredible career development!!! A high-growth global SaaS business is entering a pivotal phase: unifying multiple products into a single, next-generation platform. Backed by a leading private equity firm, this is a rare opportunity to own and elevate the security function, shaping … strategy, operations, and culture across the company while gaining exposure to world-class PE-backed security expertise. We’re looking for a hands-on, technically credible Director of InfoSec who thrives at the intersection of strategy and execution. Working alongside the CIO and CISO, you'll focus on defining and delivering a robust security strategy across AWS and … Office 365 environments, with visibility and influence across the executive leadership team and key stakeholders. This broad role includes: Partnering with the CIO and the PE’s InfoSec team to design and deliver a global security strategy Building and managing a small (6 people) global security team, defining roles, responsibilities, and KPIs Building and maturing incident response, operational
As a Control Testing Lead, you will play a key role within the Information Security team, supporting the Control Test and Assurance Manager in the delivery of a robust and forward-looking Cybersecurity Control Testing & Assurance Programme. This role requires strong cybersecurity expertise combined with hands-on experience in control testing, particularly in evaluating the effectiveness of security … Manager, with whom you will work to deliver the goals of the company to have a stable and fit-for-purpose control testing environment that supports the organisation's security and compliance objectives. What you'll be doing as a Control Testing Lead - Cyber Security Support the implementation and continuous improvement of the Cybersecurity Control Testing Framework. Execute … programme. To thrive in this role, the essential criteria you'll need are Proven experience in performing cybersecurity control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, cyber risk management, and control frameworks. Experience in IT, OT and Cloud environments, with a focus on cybersecurity controls. Clear and professional verbal and written communication
Security Consultant (Governance, Risk, Compliance) Reading, UK (Hybrid with some travel) £30.00–£40.00 per hour (Inside IR35) 6-month contract. Potential to extend up to 2 years We are seeking an experienced Cyber Security Consultant (GRC) to join a leading global technology organization as part of their expanding Cyber Security practice. The successful candidate will deliver a … full project lifecycle from scoping to delivery and reporting. You’ll work closely with senior stakeholders, from technical teams through to directors, providing expert advisory support to strengthen cyber security frameworks and ensure compliance with global standards. Key Responsibilities Deliver end-to-end Cyber GRC consulting projects for enterprise clients. Conduct risk assessments, develop compliance frameworks, and provide actionable … recommendations. Apply industry standards such as ISO27001, NIST CSF, CIS Top 18, and COBIT. Support clients with Cloud Security, Business Continuity, Disaster Recovery, and emerging technology risk management. Collaborate with internal and client teams to enhance cyber resilience and compliance maturity. About You Minimum of 4+ years’ experience in IT Security, Information Security Governance, Technology Risk
Reading, Berkshire, England, United Kingdom Hybrid/Remote Options
Certain Advantage
Security Consultant – GRC (Governance, Risk & Compliance) Location: Reading (Remote role with once or twice per month on-site) Rate: Negotiable (DOE) Contract: Until May 2026 An excellent opportunity has arisen for an experienced Security Consultant (GRC) to join a global technology organisation that’s expanding its EMEA cyber security consulting practice and investing heavily in a new Centre … of Excellence. This is a hands-on consulting position delivering Governance, Risk and Compliance (GRC) projects for major enterprise clients — including risk management, cloud security governance, and compliance frameworks such as ISO27001, NIST CSF, CIS Top 18 and COBIT. You’ll play a key role in engaging with senior stakeholders, assessing cyber maturity, and driving best-practice improvements across a … of industries. Key Responsibilities Deliver Cyber GRC consulting engagements end-to-end — from scoping and planning through to delivery and close-out. Provide advisory services covering areas such as Information Security Governance, Risk Management, Compliance, Business Continuity, and Cloud Security. Translate complex security and compliance requirements into actionable business solutions. Build trusted relationships with clients at both
The Policy Support Lead will be responsible for developing, implementing, and maintaining security policies, standards, and procedures to ensure the protection of our information assets. This role requires a good understanding of security frameworks and regulatory requirements. In addition, this role requires you to have experience of Information Security. The role will report directly to the … Head of Governance, Risk and Compliance, with whom you will work to deliver the goals of the company to have a fit-for-purpose security standards framework. This is a role that requires the individual to be able to work independently, find fulfilment in a challenging and fast-paced environment and take accountability to meet and drive the needs … of the programme. What you'll do as a Policy Support Lead Security Standards Management: Develop and maintain comprehensive security policies, standards and procedures across the organisation. Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R). Review and update standards regularly in response to emerging threats and regulatory changes. Governance & Compliance
larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks … such as ISO 27001, COBIT, Information Security Forum and NIST.
larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks … such as ISO 27001, COBIT, Information Security Forum and NIST. If you are available and interested, please apply today
larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks … such as ISO 27001, COBIT, Information Security Forum and NIST. Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.
larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks … such as ISO 27001, COBIT, Information Security Forum and NIST. The successful applicant should be able to commit to starting ASAP. The role will be hybrid, with up to two days per week in the nearest office (Reading or Havant). The role will be umbrella based working. Direct applicants only please.
Maidenhead, England, United Kingdom Hybrid/Remote Options
Audit & Risk Recruitment
Audit & Risk Recruitment are working on a fantastic Technology Risk and Assurance opportunity for a large Technology business. This role focuses on managing and enhancing the IT and Information Security risk landscape. Reporting directly to the Head of Risk and Assurance, you will play a key role in embedding effective risk management practices across the company's technology … and cybersecurity domains. As a Risk & Assurance Manager, you'll be responsible for and have ownership for: Partnering with senior IT, Security, and business leaders to embed risk management practices into operational processes and strategic initiatives. Owning and maintaining IT Risk and Control Matrices (RCMs), ensuring they remain current, comprehensive, and aligned with industry standards and audit expectations. Reviewing … testing and validation of key IT controls (e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes
thrive. Job Title: Business Analyst Location: Wokingham Contract Type: 6-month contractor position (with potential for extension) Are you ready to make a significant impact in the world of security asset management? Our client is on the lookout for a dynamic Business Analyst to support the successful delivery of the Security Asset Refresh Programme! If you're passionate … and business stakeholders, we want to hear from you! About the Role: As a Business Analyst, you will play a crucial role in ensuring that our new or upgraded security assets not only meet operational needs but also align with compliance and risk management standards. Your analytical skills will be essential in capturing requirements and assessing business impacts. Key … document, and validate business, functional, and non-functional requirements. Translate technical requirements into clear, business-friendly language. Maintain traceability of requirements throughout the delivery process. Stakeholder Engagement: Collaborate with security, IT infrastructure, and operational teams to identify challenges and future needs. Facilitate workshops and focus groups to gather insights from both technical and non-technical stakeholders. Manage stakeholder expectations
Wokingham, Berkshire, United Kingdom Hybrid/Remote Options
eTeam Workforce Limited
NATIONAL MUST BE PAYE THROUGH UMBRELLA Role Description: A penetration tester plays a vital role within the UK's cybersecurity industry, particularly when assisting organisations with managing and mitigating security risks. The core responsibilities of a penetration tester are to identify vulnerabilities that are present in an organisation's IT infrastructure, applications and networks through rigorous testing. Employing both … manual and automated techniques to simulate real world attacks, this will assess a company's security posture against any potential threats. Testers should also be responsible for maintaining an up-to-date knowledge of the ever-evolving threat landscape, adhering to ethical guidelines especially when handling sensitive data. In addition to strong technical skills, a penetration tester also needs … policies and procedures Conduct the full range of effective and comprehensive technical assessments and consultancy services to the highest standards Maintain an accurate and up to date knowledge of information security issues, keeping abreast of new technologies, methodologies, techniques, vulnerabilities and market trends and communicate this throughout the team Produce concise and accurate technical reports and executive summaries
the strategic direction and operational excellence of our IT function with a regional focus on the EMEA market. This role will be pivotal in ensuring the resilience, scalability, and security of our technology landscape, while aligning regional IT initiatives with global business goals. The ideal candidate will bring deep technical expertise, strong leadership, and a collaborative mindset to lead … systems. Oversee cloud infrastructure (preferably Azure), including IaaS, PaaS, storage, compute, and identity management. Champion ISO 20000 and ISO 27001 standards, ensuring compliance and audit readiness. Collaborate with the Information Security team to implement and maintain robust cybersecurity measures including firewalls, antivirus, and intrusion detection systems. Ensure compliance with UK and EU data protection regulations (e.g., GDPR), and
Wokingham, England, United Kingdom Hybrid/Remote Options
Searchability NS&D
SC clearance required ABOUT THE CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience … and operational security. THE BENEFITS: Up to £500 per day (Inside IR35) Hybrid working arrangement Collaborative and innovative security culture Opportunity to work with leading SIEM and EDR technologies THE SIEM ENGINEER ROLE: As a SIEM Engineer, you will design, deploy, and maintain SIEM and EDR solutions that strengthen the organisation’s security posture. You will work closely … with IT and security teams to manage log ingestion, implement integrations, and monitor system activity for potential threats. SIEM ENGINEER ESSENTIAL SKILLS: Proven experience with SIEM deployment and management (Sentinel, Elastic, or similar) Strong knowledge of EDR tools (Tanium, Trellix, FireEye, Defender, Elastic EDR) Experience with syslog servers and log feed configuration Ability to create and deploy integrations for
role within a fast-paced and dynamic environment, focused on the support, troubleshooting, and continuous improvement. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance and DV. Location: Reading The successful candidate will join a highly skilled team of support engineers providing technical infrastructure support. The role will require a flexible working ethic … the development of technical solutions. Participates as part of a team and maintains good relationships with team members, internal DXC Teams and customers. Uses knowledge tools and re-uses information for the benefit of projects, and of professional development. Education and Experience required: Bachelor's degree in Computer Science, Engineering, or related field or equivalent work experience. professional-level certification … Identity and Access Management service support Active Directory Active Directory Federation Services (ADFS) Lightweight Directory Access Protocol (LDAP) Privileged Access Management principles knowledge and experience Multi Factor Authentication principles Information Security principles Windows Server 2003 to 2022 Group Policy Windows PKI DFS Microsoft Clustering Great customer service Good understanding of networks and Domain Structure What We Will Do
allocated in line with the available resource in the specific area. To produce regular reports/slide decks on progress and chair meetings with teams across the business. Compliance & Security: To support and contribute actively to health and safety, environmental, business continuity and information security arrangements that meet our obligations to our customers. Business & Management Reporting: Prepare