1 to 25 of 45 Information Security Jobs in the Thames Valley

Job summary We are seeking a highly skilled and motivated Information Security Analyst to join our Digital Data & Technology (DDaT) team. This is a pivotal role supporting the Chief Information Security Officer (CISO) in delivering cyber security services across the Trust and wider health and care system. The role will support the CISO in delivering … digital safety, security and overall improvement, adhering to the Target Operating Model. The Information Security Analyst will manage the delivery of all cyber security related services. This will include cyber risk management, Data Security Protection Toolkit (DSPT) compliance against cyber relatedassertions, policy and procedure lifecycle management, and ensuring theTrust's information compliance adheres to … the Cyber Assurance Framework (CAF) and ISO27001. Main duties of the job Provide expert guidance on the selection, design, justification,implementation and operation of Cyber Security strategies, technologies,processes, procedures and standards. Support the development of controlsand management approaches to maintain the safety, confidentiality,integrity, availability and security of the Trust's digital infrastructure andsystems; including the protection More ❯

Information Security Operations Manager - Milton Keynes About MIB At MIB our people are passionate about making roads safer by getting uninsured and hit-and-run drivers off our roads. Working in partnership with the Police, Insurers and Government our collective aim is to make it a thing of the past but, until that’s accomplished, we’re here … and-run drivers and paid over £400 million in compensation to support victims rebuild their lives. About the role Are you ready to take the helm of a dynamic security team and shape the future of our cyber resilience? We’re looking for a strategic and hands-on Security Operations Manager to fortify our defences, drive compliance, and … lead proactive risk mitigation across the organisation. You’ll oversee Security Operations and Engineering, manage incident response, and collaborate with IT, legal, and compliance teams to embed a culture of security awareness. If you're passionate about protecting assets and reputation while leading with purpose—this is your opportunity to make a lasting impact. Key responsibilities Security More ❯

Information Security Officer - Lead Enterprise Security & Risk Management Location: Hybrid (UK-based) | Salary: Competitive + Bonus + Flexible Benefits My client, a forward-thinking technology organisation, is seeking an experienced Information Security Officer (ISO) to lead their enterprise-wide information security and IT risk management programme. This is a fantastic opportunity for a … security professional who wants to take ownership of strategy, governance, and delivery across a growing and innovative business. In this hands-on role, you'll design and implement a comprehensive information security framework , ensuring compliance with industry standards and supporting business objectives. You'll collaborate with senior stakeholders, oversee incident response, and drive continuous improvement in policies … controls, and awareness initiatives. Key Responsibilities Develop and execute an information security strategy and roadmap aligned with business goals. Lead on governance, compliance, and audit processes across the organisation. Manage incident response, penetration testing, and risk assessments. Support secure software development and supplier risk management. Promote security awareness and report regularly to senior leadership on risk posture. More ❯

Role: Information Security Officer Location: Milton Keynes Salary: £50k - £60k Work Pattern: Hybrid Summary: A new position has opened at an exciting software company for an Information Security Officer to lead the organisation's security strategy, operations, and compliance efforts. This hands-on role blends strategic security architecture with day-to-day operational management … and regulatory compliance oversight. The ideal candidate will establish and maintain security standards across the product portfolio, oversee secure system environments, and act as the primary contact for ISO 27001, PCI DSS, and GDPR compliance. Additionally, this role will support our commercial teams by contributing to tender responses and ensuring client security assurance. The Company: They are a … experience and a broad global client base, they develop solutions that simplify complexity and drive smarter, more efficient ways of working. Core Responsibilities: Strategic (30%) Define and maintain robust security architecture and standards across multi-cloud SaaS platforms. Integrate security best practices into product design, development, and roadmap planning. Conduct threat modelling and risk assessments for new features More ❯

Information Security Officer – Permanent, Hybrid, Milton Keynes Salary £50k-£60k plus benefits We are looking for an experienced Information Security Officer to lead security strategy, operations, and compliance. This is a hands-on role combining strategic security architecture with operational security management and regulatory compliance oversight. The successful candidate will define security standards across the business product portfolio, manage security environments, and serve as central point for ISO27001, PCI/DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Key responsibilities: Define technical security architecture and standards across multi-cloud SaaS platforms Embed security into product development lifecycle and roadmap planning … Conduct threat modelling and risk assessments for new features and system changes Evaluate and recommend security technologies and tools Manage security environments across Azure and AWS infrastructure Coordinate security incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Maintain ISO27001 More ❯

Job summary We are seeking an experienced and visionary Head of Security to lead the Trust's cyber, information security, resilience, and governance strategy. This senior leadership role sits within the Digital Data & Technology (DDaT) team and plays a critical part in safeguarding patient and organisational data, enabling secure digital transformation, and aligning local strategies with ICS … and national initiatives. The postholder will act as the Deputy Senior Information Risk Owner (SIRO) and provide strategic and operational leadership across architecture, infrastructure, live services, cyber security, and information governance. Main duties of the job Develop and implement a comprehensive cyber and information security strategy across the Trust and ICS. Lead risk management, resilience … cyber threats are integrated into resilience planning. Manage budgets, business cases, and funding proposals for cyber initiatives. Promote a culture of continuous improvement, training, and professional development across the security function. Deputise for the Associate Director of Digital Operations when required. About us Diversity makes us interesting... Inclusion is what will make us outstanding. Inequality exists and the journey More ❯

Permanent Based in Milton Keynes £50,000 pa - £60,000 pa Information Security Officer Hybrid Our client are a leading provider of software solutions for student accommodation, event management, catering, and residential services, they help institutions streamline operations, elevate customer experiences, and unlock their full potential.With over 25 years of experience and trusted by more than 350 institutions … and your impact is real. If you're ready to help shape the future of operational technology in education and events, we'd love to meet you. An experienced Information Security Officer to lead security strategy, operations, and compliance. This is a hands-on role combining strategic security architecture with operational security management and regulatory … compliance oversight. The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI/DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security architecture and standards across multi-cloud SaaS platforms More ❯

Permanent Based in Milton Keynes £50,000 pa - £60,000 pa Information Security Officer Hybrid Our client are a leading provider of software solutions for student accommodation, event management, catering, and residential services, they help institutions streamline operations, elevate customer experiences, and unlock their full potential. With over 25 years of experience and trusted by more than … and your impact is real. If you're ready to help shape the future of operational technology in education and events, we'd love to meet you. An experienced Information Security Officer to lead security strategy, operations, and compliance. This is a hands-on role combining strategic security architecture with operational security management and regulatory … compliance oversight. The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI/DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security architecture and standards across multi-cloud SaaS platforms More ❯

Your New Opportunity: A leading independent research organisation is seeking an Information Security Manager to join its cross-functional IT team. This is a unique chance to shape the security landscape of an organisation whose work supports scientific discovery and environmental insight across the UK and beyond. Your Role: In this hands-on leadership position, you'll … report to the Head of IT and take ownership of both strategic governance and technical delivery. You'll lead a small, dedicated team, including mentoring an Information Security Analyst currently undertaking day-release studies. Your ability to coach, guide, and inspire will be key to embedding a culture of security across the organisation.You'll collaborate with scientists … technologists, and operational teams to ensure security is not just a technical requirement, but a shared responsibility. Your structured approach to incident response and clear communication will strengthen resilience and build trust across departments. Key Responsibilities: Lead the organisation's Information Security programme, ensuring it is responsive, innovative, and cost-effective Manage a small team and oversee More ❯

New Opportunity: Information Security Manager (Permanent) Sector: Telecoms Infrastructure Location: Reading area - 3 days per week in office Are you ready to take the lead in shaping the future of cyber security within one of the UK's most dynamic digital infrastructure organisations? We're looking for an Information Security Manager to own and evolve … our Information Security Management System (ISMS) and drive alignment with ISO 27001:2022 . This is your chance to combine strategic influence with hands on impact - protecting critical assets, leading transformation, and championing a security first culture across the business. You'll collaborate closely with teams across IT, Legal, Procurement, and Operations , acting as the go to … expert for information assurance, incident management, and regulatory compliance . What You'll Be Doing Lead and continuously improve our ISMS Manage ISO 27001 certification, surveillance audits, and compliance activities Oversee cyber risk management and report key metrics to senior leadership Coordinate incident response, forensic investigations, and remediation efforts Drive supplier assurance and manage third party risk Maintain security More ❯

Title: Information Security Analyst Role: Full Time, Permanent Sector: SpaceTech Location: Oxfordshire (Hybrid, 2 days a week in office) Salary: £35,000-£55,000 Start: ASAP F5 are delighted to be working with a global leader in SpaceTech, who after some recent hires are looking to further expand their Cyber Security team. The ideal candidate will be … responsible for tracking vulnerabilities, managing threats and coordinating responses to emerging threats, supporting ISO 27001 implementation and ongoing ISMS activities, leading company-wide Information Security training, as well as designing and overseeing phishing simulations. Required Skills 2+ years' experience in an information security role Strong understanding of information security and cyber threat defence Hands … on experience with vulnerability scanning Ability to explain threats, vulnerabilities, and risks in a business context Experience delivering security training and running phishing simulations Experience with Microsoft Defender and/or third-party SOC Cybersecurity certifications (e.g. CompTIA Security+, CSA CCSK, ISC2 SSCP) Familiarity with ISO 27001 ISMS or Cyber Essentials+ Experience in risk assessment and management Eligible and More ❯

Information Security Manager - Contract (Inside IR35) 6 Months Initially Milton … Keynes/Hybrid We’re looking for an experienced Information Security Manager to take ownership of a key security improvement programme and help mature an existing InfoSec function. This role needs a trusted pair of hands – someone who can quickly assess what’s in place, bring clarity and structure, and deliver real change. You’ll lead the … hands-on, and confident operating independently We need someone who can roll up their sleeves, bring visibility to a “black box,” and make things happen. If you’re an InfoSec leader who thrives on turning complexity into clarity, let’s talk. More ❯

different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and manufacturing site teams. You will review, manage and … where required prepare responses to internal and external customer enquiries in relation to information and cyber security arrangements. You will support IT, procurement, legal, data protection and digital security and business stakeholder in relation to supplier information and cyber security due diligence and requirements. As the successful candidate you will also lead risk-based party … security assurance, management, and continuous improvement activities. In addition, facilitate and coordinate IT risk management risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T More ❯

About the role Here at DS Smith, a multi-national sustainable packaging provider, we are looking for a Security Assurance Analyst to join our growing Security Team. The mission of the I&T Digital Security organisation is to deliver an efficient and effective service that has scalability and flexibility to support the demands of a FTSE … business.Supporting Head of Information Security Architecture and Assurance as well as working closely with key stakeholders including Head of Governance, Risk and Compliance, Digital Security, IT and business teams you will focus on core areas such as risk management and security due-diligence reviews ensuring compliance with legal, regulatory and relevant security policies and best … practices.In this position you will provide assurance and guidance that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policies.Visibility and the ability to build close working relationships with Information & Technology (I&T) team members, business stakeholders as well as external partners is essential. This will require some More ❯

Information Security Consultant - Virtual CISO (vCISO) 💷 Up to £60,000 | 🌍 Hybrid My client is seeking an experienced cyber security professional to step into an Information Security Officer role, acting as a trusted advisor to a diverse portfolio of organisations. This is an opportunity to directly influence and shape cyber security strategies at board level … while embedding yourself as a valued extension of your clients’ security teams. Key Responsibilities Serve as a strategic security partner, helping clients to define, develop, and mature their cyber security roadmap. Take ownership of internal Security Improvement Plans, ensuring risks are reduced and resilience is increased. Lead governance and oversight activities, including risk reviews, board-level … reporting, and mentoring client teams. Carry out security reviews across cloud, hybrid, and on-premises environments, identifying vulnerabilities and improvement areas. Provide guidance on compliance and frameworks such as ISO 27001, Cyber Assessment Framework (CAF), and Cyber Essentials. Contribute to incident readiness and response as part of the Cyber Security Incident Response Team (CSIRT). Actively contribute to More ❯

We’re seeking an experienced Information Security Manager to lead, develop, and continuously improve our Information Security Management System (ISMS) , ensuring compliance with ISO 27001:2022 and protecting the digital infrastructure. In this strategic yet hands-on role, you’ll manage cyber risk , drive security governance , and embed a security-first culture across the … organisation. You’ll also act as the key contact for information assurance, incident response, supplier security , and regulatory compliance . What you’ll do: Own and maintain the ISMS in line with ISO 27001 standards. Lead audits, risk assessments, and incident response. Oversee supplier assurance and security governance. Promote cyber awareness and staff training. Support ongoing compliance … with GDPR and regulatory frameworks. What we’re looking for: Proven experience managing an enterprise ISMS and ISO 27001 audits. Strong knowledge of cyber threats, cloud security (Azure, M365), and GDPR. Hands-on experience in vulnerability management, supplier assurance, and incident response. Excellent communication and stakeholder management skills. Benefits: Competitive salary with bonus scheme Very generous holiday allowance Hybrid More ❯

Our investment advisory client is seeking an experienced Director of Information Security to lead the cybersecurity program of a prestigious, globally recognised portfolio company, ensuring the protection of sensitive intellectual property, critical resources, and global operations. This role combines technical expertise with strategic business engagement, ensuring that security is seamlessly integrated across all commercial activities. This role … will oversee the organization’s security strategy, security operations, vulnerability management, incident response, risk identification and mitigation planning/implementation, identity management, network security, privacy, and compliance. The Director will work closely and report to the Group CISO. Responsibilities Strategic Leadership & Business Partnership Act as a trusted advisor to leadership across operations, engineering, and corporate functions. Translate … cybersecurity risks into business terms, enabling executives to make informed decisions. Partner with various areas within the business to embed security into projects & daily operations. Define and drive the overall security roadmap, ensuring it evolves with the business. Lead security benchmarking and strategic planning Continuous assessment of risk across the organization paired with the ability to implement More ❯

As a Control Testing Lead, you will play a key role within the Information Security team, supporting the Control Test and Assurance Manager in the delivery of a robust and forward-looking Cybersecurity Control Testing & Assurance Programme. This role requires strong cybersecurity expertise combined with hands-on experience in control testing, particularly in evaluating the effectiveness of security … Manager, with whom you will work to deliver the goals of the company to have a stable and fit-for-purpose control testing environment that supports the organisation's security and compliance objectives. What you'll be doing as a Control Testing Lead - Cyber Security Support the implementation and continuous improvement of the Cybersecurity Control Testing Framework. Execute … programme. To thrive in this role, the essential criteria you'll need are Proven experience in performing cybersecurity control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, cyber risk management, and control frameworks. Experience in IT, OT and Cloud environments, with a focus on cybersecurity controls. Clear and professional verbal and written communication More ❯

Security Consultant (Governance, Risk, Compliance) Reading, UK (Hybrid with some travel) £30.00–£40.00 per hour (Inside IR35) 6-month contract. Potential to extend up to 2 years We are seeking an experienced Cyber Security Consultant (GRC) to join a leading global technology organization as part of their expanding Cyber Security practice. The successful candidate will deliver a … full project lifecycle from scoping to delivery and reporting. You’ll work closely with senior stakeholders, from technical teams through to directors, providing expert advisory support to strengthen cyber security frameworks and ensure compliance with global standards. Key Responsibilities Deliver end-to-end Cyber GRC consulting projects for enterprise clients. Conduct risk assessments, develop compliance frameworks, and provide actionable … recommendations. Apply industry standards such as ISO27001, NIST CSF, CIS Top 18, and COBIT. Support clients with Cloud Security, Business Continuity, Disaster Recovery, and emerging technology risk management. Collaborate with internal and client teams to enhance cyber resilience and compliance maturity. About You Minimum of 4+ years’ experience in IT Security, Information Security Governance, Technology Risk More ❯

Security Consultant – GRC (Governance, Risk & Compliance) Location: Reading (Remote role with once or twice per month on-site) Rate: Negotiable (DOE) Contract: Until May 2026An excellent opportunity has arisen for an experienced Security Consultant (GRC) to join a global technology organisation that’s expanding its EMEA cyber security consulting practice and investing heavily in a new Centre … of Excellence.This is a hands-on consulting position delivering Governance, Risk and Compliance (GRC) projects for major enterprise clients — including risk management, cloud security governance, and compliance frameworks such as ISO27001, NIST CSF, CIS Top 18 and COBIT .You’ll play a key role in engaging with senior stakeholders, assessing cyber maturity, and driving best-practice improvements across a … of industries. Key Responsibilities Deliver Cyber GRC consulting engagements end-to-end — from scoping and planning through to delivery and close-out. Provide advisory services covering areas such as Information Security Governance, Risk Management, Compliance, Business Continuity, and Cloud Security. Translate complex security and compliance requirements into actionable business solutions. Build trusted relationships with clients at both More ❯

The Policy Support Lead will be responsible for developing, implementing, and maintaining security policies, standards, and procedures to ensure the protection of our information assets. This role requires a good understanding of security frameworks and regulatory requirements. In addition, this role requires you to have experience of Information Security. The role will report directly to the … Head of Governance, Risk and Compliance, with whom you will work to deliver the goals of the company to have a fit-for-purpose security standards framework. This is a role that requires the individual to be able to work independently, finds fulfilment in a challenging and fast-paced environment and take accountability to meet and drive the needs … of the programme. What you'll do as a Policy Support Lead Security Standards Management: Develop and maintain comprehensive security policies, standards and procedures across the organisation. Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R). Review and update standards regularly in response to emerging threats and regulatory changes. Governance & Compliance More ❯

Help secure the sensitive data that underpins the success of one of the Formula 1's teams. As the Director of Information Security, you'll lead the cybersecurity program, safeguarding everything from race strategies and car designs to simulations and global operations. This is a hands-on strategic role, ideal for someone who can dive deep into the … technical tooling and set strategic direction for a small but high-performing team. The remit cover end-to-end defence, covering security strategy, incident response, vulnerability management, cloud security and insider risk protection, all within one of the most data-driven, high speed environments. You'll partner closely with engineering, IT and senior leadership to embed security More ❯

larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks … such as ISO 27001, COBIT, Information Security Forum and NIST. If you are available and interested, please apply today More ❯

that all documents, trackers, and related materials are kept up to date and stored appropriately in the correct drives Assist with any additional tasks or responsibilities as needed Maintain information security by complying with the company's Information Security Management System (ISMS) and all relevant policies About you: Experience: Project scheduling and coordination experience is an … be advantageous Personal Attributes: Possesses good written and verbal communication skills and the ability to communicate complex technical issues to non-technical clients. Keen to research new products and information around technical solutions that could provide answers and solve problems that benefit the whole team. Feel that every day is a day of learning and knowledge. Harnesses pressure to More ❯

24th November 2025 There is an expectations to travel to different Chiltern sites outside of your base location to support wider colleagues and attend meetings. Job Purpose The IT Security Operations Engineer is responsible for protecting the digital services that support a safe and reliable journey for our passengers and a secure working environment for our staff. This is … a hands-on role focused on strengthening our security posture through technical expertise and cross-departmental collaboration. You will report into the IT Information Security Manager with expected collaboration with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM polices) to detect, prevent, and respond to cyber threats across our IT and operational networks. Implementing and reviewing Security Controls: Serve as the subject matter expert for implementing technical security controls on applications, networks, and infrastructure to mitigate risk. Fostering Collaboration: Work closely with a wide range of internal teams, from More ❯