holding 35% of the market. Our Mission is to be famous for excellence in delivery, embracing transformation with our people and our customers at its heart. As Cornerstone’s Information Security Manager, you will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS), ensuring alignment with ISO 27001:2022. You will … be responsible for safeguarding our digital infrastructure, managing cyber risk, and embedding a security-first culture across the organisation. This is a strategic and hands-on role, requiring collaboration across IT, legal, procurement, and operational teams. You will act as the primary point of contact for all matters related to information assurance, supplier security assurance, incident response … and regulatory compliance. Scope IT Security Operations Collaborate closely with IT SecOps team members to ensure security controls remain effective. Where gaps are identified, implement appropriate mitigation measures and lead the response to security incidents in a timely and coordinated manner. Compliance & Security Coordinate ISO 27001 certification audits and maintain ongoing compliance on behalf of the
As a Control Testing Lead, you will play a key role within the Information Security team, supporting the Control Test and Assurance Manager in the delivery of a robust and forward-looking Cybersecurity Control Testing & Assurance Programme. This role requires strong cybersecurity expertise combined with hands-on experience in control testing, particularly in evaluating the effectiveness of security … Manager, with whom you will work to deliver the goals of the company to have a stable and fit-for-purpose control testing environment that supports the organisation's security and compliance objectives. What you'll be doing as a Control Testing Lead - Cyber Security Support the implementation and continuous improvement of the Cybersecurity Control Testing Framework. Execute … programme. To thrive in this role, the essential criteria you'll need are Proven experience in performing cybersecurity control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, cyber risk management, and control frameworks. Experience in IT, OT and Cloud environments, with a focus on cybersecurity controls. Clear and professional verbal and written communication
Security Consultant (Governance, Risk, Compliance) Reading, UK (Hybrid with some travel) £30.00–£40.00 per hour (Inside IR35) 6-month contract. Potential to extend up to 2 years We are seeking an experienced Cyber Security Consultant (GRC) to join a leading global technology organization as part of their expanding Cyber Security practice. The successful candidate will deliver a … full project lifecycle from scoping to delivery and reporting. You’ll work closely with senior stakeholders, from technical teams through to directors, providing expert advisory support to strengthen cyber security frameworks and ensure compliance with global standards. Key Responsibilities Deliver end-to-end Cyber GRC consulting projects for enterprise clients. Conduct risk assessments, develop compliance frameworks, and provide actionable … recommendations. Apply industry standards such as ISO27001, NIST CSF, CIS Top 18, and COBIT. Support clients with Cloud Security, Business Continuity, Disaster Recovery, and emerging technology risk management. Collaborate with internal and client teams to enhance cyber resilience and compliance maturity. About You Minimum of 4+ years’ experience in IT Security, Information Security Governance, Technology Risk
Reading, Berkshire, England, United Kingdom Hybrid/Remote Options
Certain Advantage
Security Consultant – GRC (Governance, Risk & Compliance) Location: Reading (Remote role with once or twice per month on-site) Rate: Negotiable (DOE) Contract: Until May 2026. An excellent opportunity has arisen for an experienced Security Consultant (GRC) to join a global technology organisation that’s expanding its EMEA cyber security consulting practice and investing heavily in a new Centre … of Excellence. This is a hands-on consulting position delivering Governance, Risk and Compliance (GRC) projects for major enterprise clients — including risk management, cloud security governance, and compliance frameworks such as ISO27001, NIST CSF, CIS Top 18 and COBIT. You’ll play a key role in engaging with senior stakeholders, assessing cyber maturity, and driving best-practice improvements across a … of industries. Key Responsibilities Deliver Cyber GRC consulting engagements end-to-end — from scoping and planning through to delivery and close-out. Provide advisory services covering areas such as Information Security Governance, Risk Management, Compliance, Business Continuity, and Cloud Security. Translate complex security and compliance requirements into actionable business solutions. Build trusted relationships with clients at both
The Policy Support Lead will be responsible for developing, implementing, and maintaining security policies, standards, and procedures to ensure the protection of our information assets. This role requires a good understanding of security frameworks and regulatory requirements. In addition, this role requires you to have experience of Information Security. The role will report directly to the … Head of Governance, Risk and Compliance, with whom you will work to deliver the goals of the company to have a fit-for-purpose security standards framework. This is a role that requires the individual to be able to work independently, find fulfilment in a challenging and fast-paced environment and take accountability to meet and drive the needs … of the programme. What you'll do as a Policy Support Lead Security Standards Management: Develop and maintain comprehensive security policies, standards and procedures across the organisation. Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R). Review and update standards regularly in response to emerging threats and regulatory changes. Governance & Compliance
larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks … such as ISO 27001, COBIT, Information Security Forum and NIST. If you are available and interested, please apply today
larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks … such as ISO 27001, COBIT, Information Security Forum and NIST. The successful applicant should be able to commit to starting ASAP. The role will be hybrid, with up to two days per week in the nearest office (Reading or Havant). The role will be umbrella based working. Direct applicants only please.
Maidenhead, England, United Kingdom Hybrid/Remote Options
Audit & Risk Recruitment
Audit & Risk Recruitment are working on a fantastic Technology Risk and Assurance opportunity for a large Technology business. This role focuses on managing and enhancing the IT and Information Security risk landscape. Reporting directly to the Head of Risk and Assurance, you will play a key role in embedding effective risk management practices across the company's technology … and cybersecurity domains. As a Risk & Assurance Manager, you'll be responsible for and have ownership for: Partnering with senior IT, Security, and business leaders to embed risk management practices into operational processes and strategic initiatives. Owning and maintaining IT Risk and Control Matrices (RCMs), ensuring they remain current, comprehensive, and aligned with industry standards and audit expectations. Reviewing … testing and validation of key IT controls (e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes
thrive. Job Title: Business Analyst Location: Wokingham Contract Type: 6-month contractor position (with potential for extension) Are you ready to make a significant impact in the world of security asset management? Our client is on the lookout for a dynamic Business Analyst to support the successful delivery of the Security Asset Refresh Programme! If you're passionate … and business stakeholders, we want to hear from you! About the Role: As a Business Analyst, you will play a crucial role in ensuring that our new or upgraded security assets not only meet operational needs but also align with compliance and risk management standards. Your analytical skills will be essential in capturing requirements and assessing business impacts. Key … document, and validate business, functional, and non-functional requirements. Translate technical requirements into clear, business-friendly language. Maintain traceability of requirements throughout the delivery process. Stakeholder Engagement: Collaborate with security, IT infrastructure, and operational teams to identify challenges and future needs. Facilitate workshops and focus groups to gather insights from both technical and non-technical stakeholders. Manage stakeholder expectations
Data Protection Officer An exciting opportunity for a proactive and detail-focused Subject Access Request Officer/Data Protection Officer to support data protection compliance, managing requests and safeguarding information across the organisation. If you've also worked in the following roles, we'd also like to hear from you: Information Governance Assistant, Data Compliance Officer, Records Officer, Information … WORKING HOURS: 37 Hours per Week JOB OVERVIEW We have a fantastic new job opportunity for a Subject Access Request Officer/Data Protection Officer to join the organisation's Information Governance team. As a Subject Access Request Officer/Data Protection Officer you will handle data access requests from residents and service users, ensuring the process complies with GDPR … and the Data Protection Act. The Subject Access Request Officer/Data Protection Officer will work collaboratively across departments, identifying, reviewing and redacting information with professionalism and care. You will ensure that sensitive and third-party data is protected and that responses are issued clearly and within statutory deadlines. This is a great role for someone passionate about information
the strategic direction and operational excellence of our IT function with a regional focus on the EMEA market. This role will be pivotal in ensuring the resilience, scalability, and security of our technology landscape, while aligning regional IT initiatives with global business goals. The ideal candidate will bring deep technical expertise, strong leadership, and a collaborative mindset to lead … systems. Oversee cloud infrastructure (preferably Azure), including IaaS, PaaS, storage, compute, and identity management. Champion ISO 20000 and ISO 27001 standards, ensuring compliance and audit readiness. Collaborate with the Information Security team to implement and maintain robust cybersecurity measures including firewalls, antivirus, and intrusion detection systems. Ensure compliance with UK and EU data protection regulations (e.g., GDPR), and
Wokingham, England, United Kingdom Hybrid/Remote Options
Searchability NS&D
SC clearance required ABOUT THE CLIENT: Our client is a well-established technology-driven organisation with a strong focus on advancing its cybersecurity capabilities. You will join a dedicated security team working to enhance threat detection and response across complex environments. This is a crucial role for an experienced SIEM Engineer to make a measurable impact by improving resilience … and operational security. THE BENEFITS: Up to £500 per day (Inside IR35) Hybrid working arrangement Collaborative and innovative security culture Opportunity to work with leading SIEM and EDR technologies THE SIEM ENGINEER ROLE: As a SIEM Engineer, you will design, deploy, and maintain SIEM and EDR solutions that strengthen the organisation’s security posture. You will work closely … with IT and security teams to manage log ingestion, implement integrations, and monitor system activity for potential threats. SIEM ENGINEER ESSENTIAL SKILLS: Proven experience with SIEM deployment and management (Sentinel, Elastic, or similar) Strong knowledge of EDR tools (Tanium, Trellix, FireEye, Defender, Elastic EDR) Experience with syslog servers and log feed configuration Ability to create and deploy integrations for
role within a fast-paced and dynamic environment, focused on the support, troubleshooting, and continuous improvement. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance and DV. Location: Reading The successful candidate will join a highly skilled team of support engineers providing technical infrastructure support. The role will require a flexible working ethic … the development of technical solutions. Participates as part of a team and maintains good relationships with team members, internal DXC Teams and customers. Uses knowledge tools and re-uses information for the benefit of projects, and of professional development. Education and Experience required: Bachelor's degree in Computer Science, Engineering, or related field or equivalent work experience. professional-level certification … Identity and Access Management service support Active Directory Active Directory Federation Services (ADFS) Lightweight Directory Access Protocol (LDAP) Privileged Access Management principles knowledge and experience Multi Factor Authentication principles Information Security principles Windows Server 2003 to 2022 Group Policy Windows PKI DFS Microsoft Clustering Great customer service Good understanding of networks and Domain Structure What We Will Do
and facilitate monthly reviews with stakeholders. Oversee and govern IT project submissions across platforms such as Agresso, Remedy, SharePoint, and others. Promote compliance with health & safety, business continuity, and information security standards. Prepare and deliver project reports for management and business review meetings. About You: You'll be a confident and capable PMO professional who brings: Proven
allocated in line with the available resource in the specific area. To produce regular reports/slide decks on progress and chair meetings with teams across the business. Compliance & Security: To support and contribute actively to health and safety, environmental, business continuity and information security arrangements that meet our obligations to our customers. Business & Management Reporting: Prepare
stakeholders. Lead internal PMO initiatives from scoping to execution. Govern IT work submissions across platforms like Agresso, Remedy, SharePoint, and more. Champion compliance in health & safety, business continuity, and information security. Prepare and present reports for management and business review meetings. The successful PMO Lead will have: Proven experience in PMO leadership and project governance. Strong analytical and reporting