20 of 20 Information Security Jobs in the City of London

Head of Information Security Location: London Rate: Up to £1,000/day outside IR35 Hybrid: 50% of time onsite Sector: Strong regulated industries Contract Type: 6-9 months contract Job Summary: Our client, a leading legal firm, is seeking an experienced Head of Information Security to lead their security function and drive enterprise-wide … strategy. This senior leadership role requires someone with a strong legal sector background who can quickly assess their current security posture, identify improvement opportunities, and establish strategic roadmaps. The ideal candidate will bring substantial exposure to data processing, enterprise applications, and outsourced systems, with proven experience in systems design, project management, and crisis management. You will be a highly … oversight roles. The ideal candidate will demonstrate collaborative skills, cultural fit, and flexibility to integrate quickly into their established team environment. Key responsibilities: Develop, implement, and manage enterprise-wide security strategy in partnership with senior stakeholders Assess current information security maturity and develop a strategic roadmap to achieve the target state Take ownership of ongoing audit projects More ❯

the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team. This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head … of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability. What you’ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk … Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support More ❯

Information Security Officer Hybrid – Home & London | Permanent | £68,000 | 35 hrs/week (flexible) A rare and brilliant opportunity to join this international development children’s charity, as their new Information Security Officer . You'll be the expert, working closely with the Chief Information Officer and other senior leaders to embed security practices … team where the culture is collaborative and down-to-earth. You’ll have the autonomy to get stuck in, alongside the backing to develop professionally, whether that’s through security qualifications or broader leadership skills. What you will be doing As Information Security Officer , you’ll lead the implementation of the organisation’s cyber security plans. … Act as subject matter expert on information security across the organisation Ensure compliance with standards like Cyber Essentials Plus and CIS . Oversee third-party security providers and outsourced ICT services. Manage incident response planning, investigations, and reporting. Deliver engaging training to build a strong security culture. Collaborate with Legal and Data Protection teams to ensure More ❯

The Security Operations Manager will oversee and enhance security processes, ensuring the protection of systems and data within the technology department. This role is fully remote and involves managing teams that implement and maintain security controls and those that respond. The Security Operations Manager will support the Head of Cyber Security in the delivery of … the organisations Security Strategy Client Details This is a well-established organisation within the not-for-profit industry, committed to making a positive impact on the communities it serves. Operating as a medium-sized organisation, it is known for its focus on innovation within the technology space to achieve its mission. Description Oversight of security operations teams, procedures … and documentation, ensuring adherence and effectiveness, including cloud security practices and automated threat responses. Review of actual or potential security breaches and vulnerabilities and oversight of prompt and thorough investigations, including recommending actions and appropriate control improvements. Line management of the assigned team members, ensuring their skills and capabilities meet the current and future needs of the Society. More ❯

with teams across the business. Youll develop hands-on experience with key IAM tools and grow your technical and strategic knowledge, contributing to a wide range of identity and security projects. Key Responsibilities: Support the development and day-to-day operation of identity and access services, including: o Access Management o Identity Governance o Role-Based Access Control (RBAC … suppliers and internal teams to ensure IAM tools and processes are functioning as expected. Skills and Experience (Essential): Up to 5 years experience in an Identity and Access Management, Information Security, or IT Security role. A basic understanding of IAM principles such as RBAC, Conditional Access, and Zero Trust. Familiarity with IAM tools or platforms (e.g., Entra … solving and learning. Organisational and time management skills, with the ability to prioritise work effectively. Desirable Qualifications and Experience: Identity and Access Management experience Certifications or training in cyber security (e.g., CompTIA Security+, SSCP, Microsoft Security certifications). Exposure to cloud platforms and how identity works in cloud environments (e.g., Azure AD/Entra ID). Previous experience More ❯

Job Title: Security Governance Lead – NIST & Archer Expertise Location: London About the Role: Albany Beck is seeking a highly skilled Security Governance Lead to support a key financial services client in advancing its information security governance capabilities. This role requires deep expertise in NIST frameworks and Archer GRC, as well as strong leadership in centralising security policy management, controls, and compliance operations. Key Responsibilities: Collaborate with the Executive Director of Security Governance to maintain and evolve the client’s information security policies, standards, and procedures in alignment with the organization’s master policy. Lead the centralisation, documentation, and continuous improvement of a unified controls inventory, including clear assignment of control ownership and … alignment of roles and responsibilities. Maintain the service catalogue and ensure organizational alignment across business units and technology teams. Develop and deliver consolidated reports on agreed security metrics, such as training completion rates and awareness initiatives. Coordinate the collection of evidence to support internal and external regulatory attestations and compliance reviews. Drive continuous governance improvements through structured policy lifecycle More ❯

Cloud Security Engineer – Contract (Inside IR35) Hybrid 2/3 days from the London office We are seeking an experienced Cloud Security Engineer with a strong emphasis on AWS. The successful candidate will be responsible for designing, implementing, and maintaining secure cloud infrastructure, ensuring a robust security posture and supporting continuous delivery of our applications. Key Responsibilities … Design and implement secure AWS cloud infrastructure, focusing on system architecture, Identity and Access Management (IAM), encryption, data protection, and network security. Collaborate with the Information Security and application teams to drive cloud security initiatives and align with the broader security strategy. Enhance and secure CI/CD pipelines across multiple applications by embedding secure coding … and DevSecOps best practices. Develop automation tools and scripts to streamline security processes, monitor key security metrics, and support operational demands. Stay up to date with emerging threats, industry trends, and mitigation techniques to continually improve cloud security controls. Required Skills and Experience: Minimum 3 years in a DevSecOps capacity and 5+ years in cloud security More ❯

Trainee Recruitment Consultant Cyber Security Market - International Talent Agency Founded in 2016, the business are a well-established agency within the Cyber Security market. They have very quickly grown from a small family firm into a bustling Cyber and Information Security recruitment specialist business covering UK, Europe & US . They are currently looking for a hard … offered full training and development from their experienced management team . In this role you will be responsible for identifying and contacting new clients that have requirements for Cyber & Information Security staff within the UK & Europe. Then sourcing the ideal candidates through a mixture of advertising, head hunting and using their highly developed candidate database. Trainee Recruitment Consultant More ❯

internal controls are regularly reviewed, updated and accessible. Prepare and present relevant compliance materials, including legal registers and policies during audits, with coverage in all relevant areas such as information security, data privacy, environmental law, and health and safety Support post-audit activities, including the development and implementation of corrective action plans where findings are identified by internal … and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO 37301 (compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation More ❯

all supporting facilities and online devices Propose implementation procedures to Management according to Head Office’s policies and IT Centre’s requirements Assess systems, IT rooms and IT devices security risk, proposing security risk control solutions and being responsible for execution. Responsible for the design and maintenance of contingency plans of the above systems, carrying out annual disaster … and products, carrying out technical solution design for the continuing development of IT Centre Mandarin Speaking IT Infrastructure Manager - The Skills You'll Need to Succeed: Degree educated in Information Technology, Computer Science, Software Engineering or other equivalent Certificate in SSCP, MCSA, RHCE, CCNP is preferred Experience in system administration (e.g. Windows Server, Linux) Experience in virtual technology products … e.g. VMware, Hyper-V) Experience in IT room and device administration Experience in project management Knowledge of principles of Information Technology Knowledge of database operations and management Knowledge of Information Security, Cyber Security and GDPR Good problem solving skills Team player Excellent English and Mandarin communication skills Please view all our Team China jobs at people More ❯

to identify flexible, pragmatic architecture solutions. Participate in vendor evaluations and influence technology roadmaps where necessary. Develop and demonstrate new concepts or technologies through PoCs. Partner with infrastructure and information security teams to ensure secure, reliable solutions. Lead architecture design for new initiatives focused on process automation and index management capabilities. Mentor technical leads and consultants to build … and NoSQL databases. Strong understanding of Agile and SAFe methodologies. Experience designing solutions in distributed, resilient environments and integrating enterprise applications. Cloud architecture expertise (AWS preferred). Familiarity with information security best practices. Experience with BPM implementation (advantageous). Proven ability to handle design dependencies within matrix organizations. Business & Sector Expertise (Desirable): Understanding of asset management, including fixed More ❯

Cloud Security Engineer - London - £480/pd Outside IR35 Please note - this role will require you to work from the London based office 1-2 days per week. You must have the unrestricted right to work in the UK to be eligible for this role. About the Role A digitally driven reinsurance broker is seeking a Cloud Security Engineer to play a key role in strengthening its cloud security posture across multi-cloud environments. This is a hands-on contract role focused on designing, implementing, and maintaining secure cloud environments, with a strong emphasis on leveraging the latest Google Cloud Platform (GCP) technologies. You'll work closely with engineering, operations, and compliance teams to embed security best practices across platforms including GCP, Azure, and M365. Key Responsibilities Design, implement, and manage cloud security policies and solutions for GCP and Azure. Configure and maintain security tools such as Cloud IAM, Security Command Center, VPC Service Controls, Azure Security Center, Azure AD, and Microsoft Defender for Cloud. Conduct security assessments, vulnerability scans More ❯

each covering their own space: Infrastructure : They own the platform architecture and makes sure our tech ecosystem is running at its best. They work closely with Service Delivery and InfoSec to spot improvements, tackle risks, and ensure the TIG’s software infrastructure is solid. Information Security : They ensure our security measures are up to date and effective … overseeing things like ISO audits and security policies. They work with all tech teams to make sure systems are well-protected. Service Delivery : Runs the Service Desk and leads the support engineers, handling all IT support issues. They’re the go-to team for tech support, working with all of tech to make sure everyone’s knowledgeable about the More ❯

assessment, and treatment activities across the enterprise. The ideal candidate will have expertise in risk and control environments, strong analytical acumen, and a solid understanding of technology and cyber security frameworks. You will work closely with global stakeholders to ensure that risk data is accurately captured, analyzed, and reported to support informed decision-making and effective risk management. This … reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk … data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Ability to interpret complex technical data and translate it into actionable business insights. Excellent communication and stakeholder engagement skills. Strong organizational skills and attention to detail. Ability to assess and manage information security risks effectively. Detail More ❯

Who we are: ALTEN, an engineering and technology consultancy, We are a leading Engineering and IT consultancy operating across 30 countries, making waves in all sectors: Aeronautics, Space, Defence, Security and Naval, Automotive, Rail and Mobility, Energy and environment, Life Sciences and Health, Industrial Equipment and electronics, Telecoms, Banking, Finance & Insurance, Retail, Services & Medias, Public Services & Government. With a … UK entities, working closely with the Group Legal Corporate Department. Manage delegations of authority, signatures, and contracts for key personnel, ensuring governance standards are upheld. Support the Quality and Information Security teams with review of governing policies and procedures. Support Finance team with legal and compliance queries, including for audit purposes. Insurance & Compliance: Work with the Group Insurance … ALTEN’s insurance policies across the UK entities. Support the Group Compliance Department in the deployment of the anti-corruption program, data protection program, international trade sanctions, and national security programs. M&A Legal Support: Collaborate with the Group M&A team to provide legal support during mergers and acquisitions. Participate in legal due diligence for targets and manage More ❯

Security Consultant – London, United Kingdom 🚀 Be the Defender of Tomorrow’s Digital World with Kyndryl Are you ready to step into a role where your decisions protect organizations, empower innovation, and define the future of cybersecurity? At Kyndryl , our Security Consultants aren’t just experts—they’re strategic advisors, problem-solvers, and the first line of defense in … a fast-evolving threat landscape. Here’s what the role looks like: 🔍 What You’ll Do Analyze, assess, and implement end-to-end security controls and policies Lead risk assessments , security audits, and design secure architectures Collaborate with clients to develop and enforce robust, real-world security frameworks Get hands-on with firewalls, IDS/IPS, encryption … and access control tech Stay ahead of threats and apply cutting-edge security practices —Zero Trust, Cloud Security, IoT, AI, and more Influence system design to be secure by default , not by patch. 🧠 You Should Have: ✔️ 8+ years in security consulting or implementation ✔️ Expertise in frameworks like NIST, RMF, Common Criteria ✔️ Strong grasp of risk management , compliance More ❯

Overview With existing certifications in ISO 27001:2022 and ISO 9001, and a roadmap to achieve ISO 45001 and ISO 14001, we are committed to maintaining high standards of security, quality, health & safety, and environmental performance. To support our continued growth and reduce the administrative burden on senior staff managing multiple compliance programmes, we are now recruiting a Compliance … strategy, helping us embed compliance into our culture while preparing the group for scalable, audit-ready operations. across all standards. Key Responsibilities Gain and maintain compliance with ISO 27001 (Information Security), ISO 9001 (Quality), ISO 45001 (Occupational Health & Safety), and ISO 14001 (Environmental) and any future compliance programs the business may choose to implement. Act as the primary More ❯

delivery and post-contract disputes. Dealing with complex transactions, including negotiating and drafting agreements related to outsourcing, managed services, telecommunications, cloud computing, data hosting, IT infrastructure, software licensing, and information security. Advising on regulatory compliance, including privacy laws, data protection (e.g., GDPR), and cybersecurity regulations You’ll have the freedom to challenge thinking, influence key decisions, and bring innovative More ❯

of data and support decision-making?You will develop your own solutions and be expected to be innovative, but ensure compliance with the appropriate requirements for data protection and information security. As part of this role, you'll actively promote the use of M365 applications, helping the department make the most of the M365 applications that are available. Responsibilities … needs Collaborate with designers and analysts to create and test prototypes with users Turn prototypes into detailed technical designs and use these to build digital services Ensure technical performance, security, and scalability, using toolkits and APIs Participate in testing and validation of solution designs, using automation where possible Align designs with strategic and architectural principles, working closely with enterprise More ❯

they are. We are seeking a highly skilled DevSecOps Engineer to join our dynamic team. You will play a pivotal role in designing, implementing, and managing infrastructure, ensuring scalability, security, and compliance with industry standards. This position is ideal for someone who thrives in a collaborative environment and is passionate about optimising cloud infrastructure and automation processes. Requirements Infrastructure … Design, implement, and manage infrastructure using Terraform for scalable and secure provisioning. Compliance & Security: Ensure platform provisioning aligns with ISO and SOC compliance standards while collaborating with the InfoSec team to maintain security best practices. Containerisation & Orchestration: Deploy and manage containerised applications using Docker and other orchestration tools. Observability & Monitoring: Provision and maintain observability platforms such as DataDog More ❯