UK HQ, 40 High Street, Street, Somerset, United Kingdom Req PURPOSE To work with multidisciplinary teams across Clarks Technology and business areas to identify, design, and build security controls to protect Clarks' applications, networks, and data from security risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles … industry standards and frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks' overall security posture. DIMENSIONS Financial : No direct financial responsibilities, though the role may be required to assist ITLT and other Clarks Technology managers in strategic planning linked to budgeting linked to … security and related technologies Reports : No direct line reports currently Impact the job has on the business: The company's exposure to security risks has never been greater - with an ever-changing threat landscape, continually evolving privacy regulations, the growth in Software-as-a-Service (SaaS) and AI, and the centrality of data to meet our business objectives More ❯
Your new company - Financial Services Your new role - Permanent - ON SITE 5 Days per week. - UK OnlyWe are looking for a highly skilled Information technology Security Engineer to join the IT team. As the first line of defence in the IT department, the principal purpose of this job mainly focusses on informationsecurity, cybersecurity and data … security, including a wide scope, such as physical security of computer rooms, operating system level security of Windows and Linux, network security of firewall and other security devices, application security both development and testing phrase, terminal security, backup security, third party and supply chain security of IT service provider.Liaison with the … Head Office, Security Operation Centre of Data Centre for implementing security policies, projects and security controls. Work with Internal Audit and other departments to execute penetration tests, cybersecurity risk self-assessment, ensure best practice and international baseline standards are in place and in line with local regulations.The ideal candidate will be responsible for managing informationsecurityMore ❯
The team you'll be working with: The Security Architect will be responsible for the design, implementation and ongoing development of the security architecture of the client's IT systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised frameworks and best practice What you'll be doing: Develop, deliver and continually enhance a coherent approach to the design of secure client … end-to-end solutions Develop secure conceptual, logical and high level designs by identifying appropriate security controls to be embedded in solutions that meet business requirements whilst evidencing alignment to the target risk appetite. Own the design and be able to articulate and justify design recommendations at security architecture assurance gates Draft design documentation, options papers, risk assessments More ❯
60k per annum As a Cloud/Cyber Security Solutions Architect , you will design and implement advanced cloud and security architectures to protect an organisation's critical digital assets. You'll collaborate with key stakeholders, ensuring that security solutions align with business objectives and regulatory requirements. Your expertise in cybersecurity technologies will drive the development of secure … solutions, incorporating identity and access management, data protection, network security, and compliance strategies. You will also ensure seamless integration of these security measures within existing systems while staying ahead of industry trends and emerging threats. Key Responsibilities : Cloud Architecture Design : Develop cloud-based solutions, integrating security from the ground up. Security Assessment & Planning : Identify and mitigate … security risks, ensuring regulatory compliance. Identity & Access Management : Implement RBAC, MFA, and IAM solutions to safeguard sensitive data. Data Protection & Encryption : Protect data at rest, in transit, and in use through encryption and tokenization. Network Security : Design secure network architectures, implement IDS/IPS, firewalls, and VPNs. Security Monitoring & Incident Response : Build monitoring solutions, develop incident response More ❯
Southampton, Hampshire, United Kingdom Hybrid / WFH Options
NICE
InformationSecurity Analyst - Audit, Compliance & Cybersecurity United Kingdom - Southampton At NICE, we don't limit our challenges. We challenge our limits. Always. We're ambitious. We're game changers. And we play to win. We set the highest standards and execute beyond them. And if you're like us, we can offer you the ultimate career opportunity that … And if you're like us, we can offer you the ultimate career opportunity that will light a fire within you. So, what's the role all about? The InformationSecurity Analyst is primarily responsible for ensuring compliance with informationsecurity frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR … reports and present findings to management during status updates and closing meetings. External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence. Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection. Incident Response Support: Participate in incident response efforts, documenting More ❯
holder. Duties may be changed, after discussion, to suit the operational requirements of Olympus Tech. KNOWLEDGE, SKILLS AND EXPERIENCE Technical Educated to Degree Level, or equivalent, in Computer Science, Information Technology or related discipline. Proven experience in software support and technical/business/data analysis. Able to communicate effectively and clearly in writing and verbally, including drafting correspondence … PHP, etc). The ability to work with large datasets across multiple platforms with confidence. A systematic and analytical approach to problem solving with the ability to communicate technical information to both technical and non-technical audiences. Excellent skills with Microsoft Excel. Essential Self-motivated, with high energy and enthusiasm. Strict attention to detail. Highly intuitive and tech savvy. … data sets Experience with property management software MRI Qube, Yardi or similar. Experience with complex databases Experience in system support, monitoring & troubleshooting. Experience of working in environments with high informationsecurity standards to meet needs of ISO27001, SOC2 and GDPR etc Experience with AI and/or Machine Learning Project planning and management experience. Experience with finance systems More ❯
Cardiff, Wales, United Kingdom Hybrid / WFH Options
Creditsafe
Join our dynamic team as a Security Operations Manager, where you'll lead and enhance our security strategies to protect critical assets and ensure operational resilience. WHO ARE WE? Privately owned and independently minded, Creditsafe operates with the singular vision of powering business decisions. We do this by delivering valuable intelligence on customers, suppliers and potential buyers to … corporates, public sector organisations and SMEs globally. Our journey began in 1997 in Oslo, Norway in 1997, with a revolutionary dream to make business information accessible to all. Twenty-five years later, we’ve not only realised this dream, changed the market for the better, made data intelligence accessible to all businesses big and small but most importantly, opened … identification, our industry-leading solutions, power decisions for companies by turning their data into actionable insights that help them become stronger, grow faster and thrive. THE TEAM Creditsafe’s InformationSecurity and Compliance team are motivated by protecting company reputation, safeguarding existing revenue, and supporting the generation of future revenue. We realise that security can often be More ❯
MCS Group is seeking a Cyber Security Third Party Risk Management Lead to join their client, a thriving and well-established organisation with headquarters in Dublin. This position is a 12 month Fixed Term Contract into permanency as is standard in the organisation. With multiple projects in the pipeline and a growing team, this is a fantastic opportunity for … be responsible for designing, implementing, and overseeing a robust third-party risk management programme. This role ensures that all external vendors, suppliers, and partners align with the organisation's security, compliance, and operational risk standards. Working closely with teams across procurement, legal, IT, the cyber team, and other business units, the TPRM Lead will assess, monitor, and mitigate third … management function, playing a key role in safeguarding the organisation against external threats. The successful candidate will be afforded public sector benefits - increased holidays, fantastic pension and unmatched job security in an organisation which truly reflects work-life balance! This is a hybrid role with with city-centre offices. The Role Enhance the third-party risk management framework that More ❯
FTSE 100 company that is building a people first culture and is based in one of the best cities to live in the UK? If so, read on. The InformationSecurity & Resilience Team at Unite Students are looking for an experienced, enthusiastic SecOps Engineer. We are supporting the business in all its objectives - from building new interfaces with … digital assets (and its people) but you ll get plenty of support and guidance, and your knowledge and experience will be invaluable to help shape the direction of our InfoSec capability. What You ll Be Doing Network Security: Design, implement, and manage secure network architectures. Monitor network traffic for suspicious activity and respond to security incidents. Conduct regular … network security assessments and audits to ensure compliance with security policies and standards. Vulnerability Analysis: Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. Develop and implement strategies to address vulnerabilities. Track and report on the status of vulnerabilities and remediation efforts. Forensic Analysis: Perform forensic analysis of security incidents to determine More ❯
Winchester, Hampshire, United Kingdom Hybrid / WFH Options
Arqiva
Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment … travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our InformationSecurity Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external audits to maintain compliance with ISO27001 and other standards … Help identify and assess informationsecurity risks, working closely with the Cyber Risk Manager Provide guidance to colleagues on basic security best practices and requirements Contribute to reporting on the ISMS performance and improvement plans Support continual improvement initiatives and track progress Keep up to date with key trends and changes in informationsecurity and More ❯
St. Albans, Hertfordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security solutions design and implementation. Work with the Cyber Defense group and the Security Operations … Center to evaluate the effectiveness of the security controls and architectures in relationship to actual intrusions seen on the Deloitte network, reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security solutions design and implementation. Work with the Cyber Defense group and the Security Operations … Center to evaluate the effectiveness of the security controls and architectures in relationship to actual intrusions seen on the Deloitte network, reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Deloitte LLP
practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security solutions design and implementation. Work with the Cyber Defense group and the Security Operations … Center to evaluate the effectiveness of the security controls and architectures in relationship to actual intrusions seen on the Deloitte network, reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA More ❯
advocate for necessary product enhancements. Mentor and support junior pre-sales engineers in technical methodologies and best practices. Assist in responding to Requests for Proposals (RFPs) and Requests for Information (RFIs) with technical documentation and specifications. Participate in trade shows, webinars, and customer events to promote our solutions and expand our presence in the market. Build strong relationships with … customers, acting as a trusted advisor throughout the sales cycle. Deep understanding all our technical capabilities across the sales cycle, including but not limited to, informationsecurity The knowledge and skill to answer technical queries for customers across the Sales Cycle, including informationsecurity, risk, architecture, and platform performance. Individuals will have access to our content … sales methodologies. Strong analytical and problem-solving capabilities. Willingness to travel as needed for client meetings, events, and training sessions. Preferred Qualifications: Bachelor's degree in Engineering, Computer Science, Information Technology, or a related field preferred; Master's degree a plus Relevant certifications (e.g., AWS Certified Solutions Architect, Microsoft Certified: Azure Solutions Architect, etc.) are a plus. Familiarity with More ❯
Oxfam is a global movement of people working together to end the injustice of poverty. Are you a visionary leader with a passion for safeguarding sensitive information on a global scale? Do you have the technical expertise to develop and implement leading informationsecurity and data protection strategies that ensure compliance and security? Can you inspire … teams to prioritise informationsecurity in an ever-evolving digital landscape? The Role: Oxfam GB is seeking a Head of InformationSecurity and Data Protection to lead the Cybersecurity, Data Protection, and Information Governance teams. This role involves managing risks across these areas, ensuring compliance with relevant regulations and control frameworks, and coordinating informationsecurity efforts across the wider Oxfam confederation to protect its reputation and systems. Reports to: Chief Transformation Officer Direct reports: InformationSecurity Manager, Data Protection Manager, Data Protection Officer, Information Governance Lead What we are looking for: We seek a candidate who is committed to Oxfam's mission to end poverty and aligns with our More ❯
Experience Years: 3-5 Years of Experience Employee Type: Regular Remote Type: Onsite About the Opportunity The role of InformationSecurity Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. As an InformationSecurity Engineer, you will be responsible for security operations, using and managing security systems, identifying and … managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. About the Opportunity The role of InformationSecurity Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. … As an InformationSecurity Engineer, you will be responsible for security operations, using and managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. Responsibilities More ❯
Job Title: Cyber Security ManagerLocation:Wiltshire, United Kingdom (with some travel required)Salary:£62,000 - £73,000 (depending on experience) + Bonus + Excellent BenefitsClearance:Must be a British National and SC Cleared or EligibleAbout the Role:We are seeking a highly skilled and motivated Cyber Security Manager to lead and enhance our cyber security posture. This … security framework aligned with industry best practices.Key Responsibilities:* Lead and manage cyber security incidents, ensuring timely resolution and root cause analysis.* Oversee the implementation and maintenance of InfoSec and Cyber Security compliance and assurance programs.* Ensure alignment with ISO 27001, NIST, and other relevant security frameworks.* Collaborate with the Security Operations team to monitor, detect … CV will be treated in the strictest confidence and we would always speak to you before discussing your CV with any potential employer.Keywords:Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, SecurityMore ❯
Job Title: Cyber Security Manager Location: Wiltshire, United Kingdom (with some travel required) Salary: £62,000 - £73,000 (depending on experience) + Bonus + Excellent Benefits Clearance: Must be a British National and SC Cleared or Eligible About the Role: We are seeking a highly skilled and motivated Cyber Security Manager to lead and enhance our cyber security … framework aligned with industry best practices. Key Responsibilities: * Lead and manage cyber security incidents, ensuring timely resolution and root cause analysis. * Oversee the implementation and maintenance of InfoSec and Cyber Security compliance and assurance programs. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the Security Operations team to monitor, detect … will be treated in the strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, SecurityMore ❯
Wokingham, Berkshire, United Kingdom Hybrid / WFH Options
National Grid plc
build on this momentum, advancing the National Energy System Operator's (NESO) plan for zero carbon operability of the electricity system by 2025. We are seeking an experienced Senior Security Architect to work across all programme workstreams, reporting to the Enterprise Security Architect. This role involves designing secure solutions fit for the future, ensuring NESO's long-term … success. The Senior Security Architect will not only be hands-on when designing architectures, reviewing proposals, designs, and preparing documentation but will also support the Enterprise Security Architect by ensuring that the overall security strategy and policies are considered throughout the design and build process. The Senior Security Architect will play a crucial role in promoting … collaboration among various teams, eliminating siloed workflows, and integrating secure design principles along with other critical security protocols across different stages of the delivery lifecycle. In this role, you will regularly attend the Security Architecture Group meetings, contributing to the development of essential architecture strategies and patterns for NESO. Building and managing relationships with the business is key More ❯
Basingstoke, Hampshire, United Kingdom Hybrid / WFH Options
InstaVolt
self-service capabilities for common support tasks to improve efficiency and user experience. Collaborate with the CTO and technology leaders to align IT strategies with business goals, supporting scalability, security, and regulatory compliance. Manage and optimise hybrid cloud environments (e.g., Azure, AWS, Google Cloud) in support of internal services and business operations. Deliver demonstrable progress in the company's … support team, including recruiting, coaching, performance management, and professional development. Manage relationships with external vendors, MSPs, and technology partners to ensure cost-effective and reliable service delivery. Collaborate with InfoSec and Legal teams to ensure compliance with relevant regulations (e.g., ISO 27001, GDPR). Lead incident response and disaster recovery planning/testing for internal platforms and operational IT. Requirements … Needed: Bachelor's degree in information technology, Computer Science, or related experience. 10+ years of experience in IT operations and support services, with at least 5 years in a leadership role. Proven experience managing enterprise IT systems, cloud platforms, and service desk operations in a 24 7 environment. Strong knowledge of ITSM frameworks and modern collaboration tools (e.g., M365 More ❯
Are you currently working for an IT provider but ready to step into the world of dedicated Cyber Security? We have an exciting opportunity for an InformationSecurity Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance … Team's service offerings forward. Work with a innovative, industry-leading Cyber Security team Play a key role in the development of internal and client security programs Contribute to significant projects that support clients' compliance and risk management goals If you're ready to make an impact in Cyber Security, this role is for you! Responsibilities: Ensure … protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team with scoping engagements and delivering valuable services More ❯
InformationSecurity and Assurance Advisor Leek Wootton Permanent opportunity JOB PURPOSE: To provide expert guidance and specialist advice on all aspects of information assurance, security, and risk management. The role ensures the development and implementation of relevant policies, procedures, and processes necessary for compliance with national standards and codes of connection for information systems. This … role includes maintaining the InformationSecurity Incident Register, coordinating investigations into reported incidents, and recommending corrective measures to prevent recurrence. The postholder will also undertake onsite audits of facilities and assessments of third-party suppliers to ensure compliance with expected security and assurance standards. Additionally, the role supports departments with completing Data Protection Impact Assessments and offers … professional advice on information assurance and security-related matters. MAIN RESPONSIBILITIES: Support the InformationSecurity and Assurance programme to ensure assurance and compliance processes meet national standards and reporting requirements (e.g. SyAP). Develop, review, and implement policies and best practices for managing information and cyber security, in alignment with organisational needs. Establish and More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
InformationSecurity/Information Privacy SME (Contract) Location: Central London (Hybrid - 2 days onsite per week) Contract: Inside IR35 or Umbrella Engagement Duration: 6-12 months (with potential extension) Industry: Private Banking/Wealth Management Role Overview: We are seeking a highly experienced InformationSecurity/Information Privacy Subject Matter Expert (SME) to support … a leading private bank in London. This role is focused on providing strategic and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank's information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to informationsecurity and privacy. Advise on the development and maintenance of security policies, procedures, and frameworks. Review and strengthen current informationsecurity architecture and controls. Conduct risk assessments, gap analyses, and privacy impact assessments (DPIAs). Provide expert input on GDPR, UK Data Protection Act, and other relevant regulations. Partner with internal stakeholders across legal, compliance More ❯
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
B&M Retail Limited
Join one of the UK's fastest-growing retailers and help shape the future of security, resilience, and business continuity at B&M Retail. We're on the lookout for an experienced and proactive InformationSecurity Business Partner (ISBP) to act as a key liaison between our central InformationSecurity function and business units across … offers the opportunity to make a real impact by embedding best practices, reducing risk, and fostering a culture of operational resilience. About the role: Reporting to the Head of InformationSecurity Risk & Assurance, the ISBP plays a central role in embedding informationsecurity, business continuity, and risk management across our organisation.You'll support a broad range … Supply Chain & Logistics -Support Centre. Your responsibilities will include: Business continuity & incident response Leading crisis simulations and scenario-based exercises with stakeholders Supporting disaster recovery planning and testing Delivering security incident response training and playbooks Coordinating business continuity planning and improvement tracking Acting as a liaison during major incidents and assisting with post-incident reviews InformationsecurityMore ❯
As a Lead Security Control Assessor, you will be responsible for leading the assessment and evaluation of security controls across systems and processes both on-premise and in the cloud, to ensure they effectively mitigate risks and comply with regulatory and industry standards. You will oversee and conduct security control testing, to verify the design, implementation, and … operational effectiveness of controls. In this role, you will work in an agile environment, ensuring the quality of security assessments through thorough testing, automation, and collaboration with cross-functional teams and various stakeholders. Summary of Primary Responsibilities Design and deliver repeatable testing methodologies to support control assurance testing, including automated testing steps for cloud environments. Ensure control tests are … well-planned, including risk identification, sampling, selection of controls, testing methods, and reporting criteria. Lead control testing teams to perform design and operating effectiveness testing of informationsecurity controls, including fieldwork, testing, and reporting activities. Provide quality assurance for control testing documentation produced during testing, ensuring accurate and timely completion of all required control testing documentation. Identify and More ❯