1 to 25 of 77 Information Security Jobs in Berkshire

Information Security Analyst Hyrbrid Working Offered **Note Preference will be given to candidates from a financial services/banking environments** Salary: Up to £65,000 Purpose of the Role Supporting the organisation’s Information Security function by helping to develop, operate, and improve its Information Security Management System (ISMS). The role is responsible … for providing advice, assurance, and oversight to reduce risks that could compromise the confidentiality, integrity, and availability of business systems and data. Experience in designing and monitoring security controls is essential, supporting compliance with industry standards and regulation, and ensuring alignment with group-wide information security practices. Key Responsibilities Carry out assurance activities to measure compliance with … security policies and control objectives, identifying gaps and opportunities for improvement within the first line of defence. Record, track, and report on findings from security reviews, audits, and incidents, including the preparation of management information and risk reporting. Develop, update, and deliver information security awareness training to ensure all employees understand their obligations and responsibilities. More ❯

Job summary We are seeking a highly skilled and motivated Information Security Analyst to join our Digital Data & Technology (DDaT) team. This is a pivotal role supporting the Chief Information Security Officer (CISO) in delivering cyber security services across the Trust and wider health and care system. The role will support the CISO in delivering … digital safety, security and overall improvement, adhering to the Target Operating Model. The Information Security Analyst will manage the delivery of all cyber security related services. This will include cyber risk management, Data Security Protection Toolkit (DSPT) compliance against cyber relatedassertions, policy and procedure lifecycle management, and ensuring theTrust's information compliance adheres to … the Cyber Assurance Framework (CAF) and ISO27001. Main duties of the job Provide expert guidance on the selection, design, justification,implementation and operation of Cyber Security strategies, technologies,processes, procedures and standards. Support the development of controlsand management approaches to maintain the safety, confidentiality,integrity, availability and security of the Trust's digital infrastructure andsystems; including the protection More ❯

holding 35% of the market. Our Mission is to be famous for excellence in delivery, embracing transformation with our people and our customers at its heart. As Cornerstone’s Information Security Manager, you will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS), ensuring alignment with ISO 27001:2022. You will … be responsible for safeguarding our digital infrastructure, managing cyber risk, and embedding a security-first culture across the organisation. This is a strategic and hands-on role, requiring collaboration across IT, legal, procurement, and operational teams. You will act as the primary point of contact for all matters related to information assurance, supplier security assurance, incident response … and regulatory compliance. Scope IT Security Operations Collaborate closely with IT SecOps team members to ensure security controls remain effective. Where gaps are identified, implement appropriate mitigation measures and lead the response to security incidents in a timely and coordinated manner. Compliance & Security Coordinate ISO 27001 certification audits and maintain ongoing compliance on behalf of the More ❯

Job Title: Information Security Architect Location: London Hybrid Working: 50% Remote/50% Office Leading Financial Services/FinTech are seeking a highly technical and broad Information Security Architect to join their security architecture team. This is a key position responsible for ensuring that the design, delivery, and operation of systems and services meet the … highest security architecture and compliance standards. Information Security Architect will provide architectural leadership across multiple security domains — combining deep hands-on technical security expertise with strategic enterprise security architecture thinking. You will play a critical role in embedding security throughout the technology landscape, from solution-level security reviews to security solutions … and enterprise-wide security architecture standards. This role requires a balance of security solution architecture, technical review and assurance, and enterprise security architecture skills. You will define and validate security controls, assess new technologies, perform security design reviews, and ensure security-by-design principles are consistently applied across hybrid, on-premise, and cloud environments. More ❯

Job summary We are seeking an experienced and visionary Head of Security to lead the Trust's cyber, information security, resilience, and governance strategy. This senior leadership role sits within the Digital Data & Technology (DDaT) team and plays a critical part in safeguarding patient and organisational data, enabling secure digital transformation, and aligning local strategies with ICS … and national initiatives. The postholder will act as the Deputy Senior Information Risk Owner (SIRO) and provide strategic and operational leadership across architecture, infrastructure, live services, cyber security, and information governance. Main duties of the job Develop and implement a comprehensive cyber and information security strategy across the Trust and ICS. Lead risk management, resilience … cyber threats are integrated into resilience planning. Manage budgets, business cases, and funding proposals for cyber initiatives. Promote a culture of continuous improvement, training, and professional development across the security function. Deputise for the Associate Director of Digital Operations when required. About us Diversity makes us interesting... Inclusion is what will make us outstanding. Inequality exists and the journey More ❯

Information Security Officer 📍 London (Hybrid) | 💼 Permanent, Full-time Salary - £60,000 - £70,000 p/a + Benefits About the Role A leading digital bank is seeking a talented and ambitious Information Security Officer to join its growing Cybersecurity Department. This is a key role acting as the bridge between the bank’s London operations and … the Group’s Cyber and Information Security team. You will play a pivotal part in ensuring that cybersecurity controls are effectively implemented, risks are well-managed, and the bank’s information assets remain secure. The ideal candidate will combine strong technical understanding with strategic insight — ensuring the integrity, confidentiality, and availability of critical information while supporting … the business in achieving its goals securely. Key Responsibilities Ensure compliance with Group Cyber and Information Security requirements. Act as the first point of contact for all cybersecurity-related requests in the London office. Perform compliance reviews and oversee remediation of cybersecurity weaknesses. Coordinate security testing, incident management, and reporting of key cybersecurity metrics (KPIs/KCIs More ❯

Information Security Compliance Analyst Location: Central London (Hybrid, 2 days in office per week) An exciting opportunity for an analytical and detail-oriented Information Security Compliance Analyst to join a growing, dynamic team supporting clients in the legal sector. This role offers broad exposure to information security frameworks, compliance standards, and client advisory work. … Key Responsibilities Develop and maintain security documentation, policies, and onboarding materials aligned with ISO 27001 and related frameworks. Support implementation of compliance frameworks and assist clients in developing their own controls and policies. Manage and respond to security questionnaires, due diligence requests, and vendor assessments. Provide guidance to clients on information security and compliance requirements. Maintain … About the Candidate Ideal for a motivated individual early in their career, possibly from a technical support, legal, or professional services background. Candidates should have: A foundational understanding of information security frameworks (ISO 27001, SOC 2, Cyber Essentials). Strong written communication and organisational skills. Interest in risk, compliance, and information security. A relevant certification (or willingness More ❯

Information Security Officer – International Law Firm (London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the … firm’s long-term security strategy, drive ISO 27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm’s information security governance framework across all offices … and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and More ❯

Cantor Fitzgerald’s Global Information Security team is seeking an Information Security Identity Engineer. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program. Responsibilities will include: Strong experience with authentication systems such as LDAP, MS Active Directory, Kubernetes, and Microsoft Entra … solutions like SailPoint, IBM, Oracle, etc. Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls. Define and enforce security and identity policies across cloud platforms. (AWS, Azure, GCP) Document system configurations, standards, and procedures in a centralized location. Support Incident Response on security incidents globally, including contributing … to table-top security incident exercises. Advise project teams, application owners, infrastructure services, and other digital Information Technology teams on information security controls. Continually improve team documentation, including solution run books, architecture, knowledge base articles, FAQs, SharePoint. Provide evidentiary support for Audit and Compliance teams. Manage the remediation process including tracking and resolutions of findings from More ❯

New Opportunity: Information Security Manager (Permanent) Sector: Telecoms Infrastructure Location: Reading area - 3 days per week in office Are you ready to take the lead in shaping the future of cyber security within one of the UK's most dynamic digital infrastructure organisations? We're looking for an Information Security Manager to own and evolve … our Information Security Management System (ISMS) and drive alignment with ISO 27001:2022 . This is your chance to combine strategic influence with hands on impact - protecting critical assets, leading transformation, and championing a security first culture across the business. You'll collaborate closely with teams across IT, Legal, Procurement, and Operations , acting as the go to … expert for information assurance, incident management, and regulatory compliance . What You'll Be Doing Lead and continuously improve our ISMS Manage ISO 27001 certification, surveillance audits, and compliance activities Oversee cyber risk management and report key metrics to senior leadership Coordinate incident response, forensic investigations, and remediation efforts Drive supplier assurance and manage third party risk Maintain security More ❯

skilled Information Security Analyst to pro-actively support the business in all aspects of data and information security. The position will form part of a new Infosec team. What you'll be doing Monitoring and Detection: Continuously monitor network traffic, system logs and security alerts for suspicious activity and potential security breaches. Incident Response: Act … as a first responder to security incidents, investigating breaches, containing threats and helping to restore systems. Vulnerability Management: Conduct regular vulnerability assessments and penetration tests to identify weaknesses in systems and implement necessary improvements. Security Implementation: Improve Security measures. Data Protection & Compliance: Ensure that the organisation complies with relevant data protection laws and industry regulations by implementing … best practices for securing sensitive data. Reporting: Provide detailed reports on security incidents, vulnerabilities and the effectiveness of implemented security measures to stakeholders and IT teams. Threat Research: Stay informed about the latest cyber threats, vulnerabilities and emerging security technologies to proactively defend against them. Disaster Recovery: Develop and test contingency and disaster recovery plans to ensure More ❯

Lead Information Security Analyst We’re partnering with a leading digital business that takes cyber risk seriously. Their InfoSec team is award-winning, collaborative, and one of the most gender-diverse in the industry. They’re looking for a Lead Information Security Analyst to strengthen their security governance, risk, and compliance functions — ensuring customer data … and company systems remain secure while leading a small, capable team of analysts. What you’ll be doing: • Leading and supporting all aspects of security governance activities – from policy and exception management to risk and vendor assessments • Managing compliance and audit activities (ISO 27001, NIST, PCI DSS, NYDFS, etc.) and working closely with tech, legal, and audit teams • Overseeing … major projects to ensure security is baked in from inception to implementation • Coaching and developing a team of Information Security Analysts, fostering a proactive and high-performing culture • Acting as a hands-on leader who can balance strategy, delivery, and stakeholder engagement What you’ll bring: • Strong background in GRC (Governance, Risk, and Compliance) within cybersecurity • Practical More ❯

just to name a few! Job Description Your Career As a Senior Consultant in Unit 42 you will have the opportunity to work across a number of proactive cyber security domains including Cloud Security, Security Operations, Cyber Risk Management and Artificial Intelligence in cyber security. We are seeking an individual who is passionate about cyber security … consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory: 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities … Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and/or analysis and investigations More ❯

The work we do matters We protect and defend our customers and communities by providing the most comprehensive range of cyber security professional services in the region. With more than 1,400 team members across Australia, New Zealand, the UK and US, we are a leading force in cyber security, offering services from strategy, GRC, managed security services, cloud security, digital forensics and cyber education. If you’re ready to work with teammates that get you, a leader that supports you and customers that need you, then you’re ready for CyberCX. How you will make an impact The Senior Consultant will be responsible for engaging with customers to solve their most challenging cyber security problems, protect their future, and empower them to thrive in an uncertain world. This role requires an experienced cyber security professional capable of leading client meetings and producing high-quality deliverables with minimal supervision while also using their business acumen to identify new opportunities and support business development activities including proposals and presentations. ISO specialism is required. Day More ❯

Location: London/Leicester/Essex Hybrid: 2-3 days in office Our client is financial service company. They are looking for a passionate and detail-oriented Information & Cyber Security Executive to join the teams. The role encompasses all aspects of information security including organisational security and governance, people security, physical (site) security and technical security controls. The role will assess evolving technologies and threats and communicate the risks. They offer salary up to £80k base + £5k car allowance and other benefits. What You'll Do Assess compliance with internal security policies and industry standards (eg, ISO/IEC 27001/2, PCI-DSS). Conduct supplier risk assessments … and third-party due diligence. Support vulnerability assessments, incident investigations, and operational resilience activities. Monitor the effectiveness of security controls to ensure confidentiality, integrity, and availability (CIA). Assist with security certifications and regulatory frameworks including GDPR. Translate technical risks into clear, business-friendly advice. Stay on-call during scheduled weeks for incident support and response. Requirements Essential More ❯

Lead Information Security Engineer Location: London (Hybrid – 3 days office/2 days remote) Type: Permanent An international law firm is seeking a Lead Information Security Engineer to join its global IT function in London. You’ll play a key role in developing secure architectures, managing risk, and driving security strategy across cloud and on … premise environments. Key Responsibilities Design and maintain secure authentication and authorization frameworks. Manage security risks, incidents, and DLP (Data Loss Prevention) processes. Implement and enhance cloud security (Azure, Microsoft 365, iManage). Lead incident response, risk assessments, and compliance reviews. Collaborate globally to embed security best practices. Support policy development, security awareness, and business continuity. Skills … Experience 5+ years’ experience in Information Security. Strong technical knowledge of networking, authentication, and cloud (Azure/O365). Experience with DLP, incident response, and ISO 27002 standards. Familiarity with tools such as Microsoft Defender, CrowdStrike, CyberArk, Rapid7, or Palo Alto. CISSP or CEH certification preferred. Excellent communication, problem-solving, and stakeholder management skills. Additional Details Standard hours More ❯

IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company £70–80k base + 10% bonus Hybrid in London Join a growing InfoSec team at a pivotal time for a global financial institution. This is an IT Security Manager role with governance oversight, guiding InfoSec operations, mentoring analysts, and translating security frameworks into practical, actionable … steps. You’ll influence policy, architecture, and data governance, all while supporting the secure rollout of new banking operations. What you’ll bring: 5+ years’ experience in InfoSec, IT Security, or operational security in a regulated environment Certifications: CISSP or SSCP (or equivalent) required Hands-on knowledge of ISO27001 and supporting an ISMS (audit experience useful but not … just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data governance: Drive data protection, labelling, and retention projects using Microsoft Purview Third-party risk: Support supplier security More ❯

We’re seeking an experienced Information Security Manager to lead, develop, and continuously improve our Information Security Management System (ISMS) , ensuring compliance with ISO 27001:2022 and protecting the digital infrastructure. In this strategic yet hands-on role, you’ll manage cyber risk , drive security governance , and embed a security-first culture across the … organisation. You’ll also act as the key contact for information assurance, incident response, supplier security , and regulatory compliance . What you’ll do: Own and maintain the ISMS in line with ISO 27001 standards. Lead audits, risk assessments, and incident response. Oversee supplier assurance and security governance. Promote cyber awareness and staff training. Support ongoing compliance … with GDPR and regulatory frameworks. What we’re looking for: Proven experience managing an enterprise ISMS and ISO 27001 audits. Strong knowledge of cyber threats, cloud security (Azure, M365), and GDPR. Hands-on experience in vulnerability management, supplier assurance, and incident response. Excellent communication and stakeholder management skills. Benefits: Competitive salary with bonus scheme Very generous holiday allowance Hybrid More ❯

We’re seeking an experienced Information Security Manager to lead, develop, and continuously improve our Information Security Management System (ISMS) , ensuring compliance with ISO 27001:2022 and protecting the digital infrastructure. In this strategic yet hands-on role, you’ll manage cyber risk , drive security governance , and embed a security-first culture across the … organisation. You’ll also act as the key contact for information assurance, incident response, supplier security , and regulatory compliance . What you’ll do: Own and maintain the ISMS in line with ISO 27001 standards. Lead audits, risk assessments, and incident response. Oversee supplier assurance and security governance. Promote cyber awareness and staff training. Support ongoing compliance … with GDPR and regulatory frameworks. What we’re looking for: Proven experience managing an enterprise ISMS and ISO 27001 audits. Strong knowledge of cyber threats, cloud security (Azure, M365), and GDPR. Hands-on experience in vulnerability management, supplier assurance, and incident response. Excellent communication and stakeholder management skills. Benefits: Competitive salary with bonus scheme Very generous holiday allowance Hybrid More ❯

Role: Head of Information and Cyber Security Location: Hybrid 1 day per week in London (flexible) Salary : £80,000 - £84,000 + benefits Overview This is a pivotal leadership role in shaping and strengthening the cybersecurity landscape of a values-driven, non-profit organisation. The organisation is recognised as a top 100 Employer, historically named as one of … the most inclusive employers in the UK. The Head of Information and Cyber Security will design, develop, and coordinate all aspects of the Information Security strategy, encompassing governance and risk management, incident response, and disaster recovery. The Head of Information and Cyber Security will manage a multitude of third-party partnerships from the SOC … to vulnerability management, to patching, and network and firewall operations. The organisation has made significant strides in recent years, establishing its first dedicated security function and partnering with a managed SOC provider. The next phase is about refinement: enhancing capability, strengthening partnerships, and driving strategy. The Role Reporting to the Director of Technology, the Head of Information and More ❯

We are seeking an experienced Head of Custody Security to lead our efforts in ensuring robust security for digital asset custody and blockchain infrastructure. This role will focus on designing and implementing security controls, supporting client assurance, and ensuring compliance with regulatory standards. The ideal candidate is a strategic thinker with deep expertise in security assurance … audit, and cloud security, and a passion for advancing Web3 and blockchain technologies. Key Responsibilities Design, conduct, and implement testing of security controls for identity management, key management, and infrastructure (network and cloud) configurations. Support client assurance by preparing responses to Requests for Proposals (RFPs), Requests for Information (RFIs), and Due Diligence Questionnaires (DDQs). Analyze trends … in client inquiries and provide actionable feedback to internal teams to enhance documentation and control readiness. Perform security due diligence and ongoing monitoring of Web3/blockchain vendors, including assessing control maturity, reviewing SOC reports, and identifying residual risks. Facilitate external audit activities, coordinating walkthroughs, evidence collection, and response tracking. Identify and analyze gaps in current and new processes More ❯

McFall Recruitment are partnering with a Financial Services company seeking a pragmatic and experienced Security Governance, Risk & Compliance Manager to lead and evolve our global Information Security control framework. This pivotal role will shape the resilience, responsiveness, and maturity of our Information Security function across all regions and business units. Reporting directly to the Chief … Information Security Officer (CISO) , you’ll play a key leadership role in transforming Cyber Security —enhancing people, processes, and technology to protect the business and maintain operational resilience. What you’ll do Lead the global Cyber Security risk management programme , driving best-in-class governance and compliance. Develop and maintain cybersecurity policies, standards, and procedures aligned … oversee treatment planning. Embed cyber risk into enterprise risk frameworks through collaboration with global teams. Oversee vendor risk management and ensure third-party compliance. Chair and lead the Cyber Security Digital Resilience Forum . Support the NIST maturity uplift programme and alignment with ISO 27001:2022 . Ensure compliance with key regulatory standards (e.g. DORA, GDPR, MAS, CPS230, SOX More ❯

Logiq is a fast‐growing technology company delivering secure, modern platforms for high‐risk, mission‐critical environments across the private sector and UK Central Government. We are expanding our Security Architecture capability and seeking experienced Principal Security Architects who can shape, assure, and enable delivery of secure, cloud‐native services at scale. You will be comfortable working across … to live, serving as a trusted “customer friend”. You’ll partner with engineering, product, and senior leadership to embed Secure by Design, de‐risk complex change, and simplify security for decision‐makers. A strong grasp of how contemporary cloud‐native services (containers, Kubernetes, microservices/serverless, identity, secrets, and zero trust patterns) are designed and implemented is essential … to success in this role. Our consultants lead parallel workstreams spanning security engineering and assurance, maintain day‐to‐day client engagement, and contribute to presales and bid activity when needed. What you’ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct More ❯

IT Security Engineer Feltham (Hybrid) £50,000 Base + Benefits Overview The IT Security Engineer is responsible for designing, implementing, and maintaining the security controls that protect the organization’s systems, networks, and data. This role works closely with IT, DevOps, and business teams to ensure that security is embedded throughout technology operations and architecture. The … IT Security Engineer is key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support … secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run More ❯

eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! Job Description The Principal Consultant on the Offensive Security team is focused on assessing and challenging the security posture across a comprehensive portfolio of clients. The individual will utilize a variety of tools developed and act as … to automate and streamline internal processes and engagements Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing) Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of … Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach Ability to perform travel requirements More ❯