London, England, United Kingdom Hybrid / WFH Options
Onyx-Conseil
meet the companys information protection requirements. • Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standardsand regulations. • Provides internal customer support via assigned tickets for security-related issues, while … Systems, Computer Science, or similar discipline. • Provides a documented work history that includes a minimum of 5-years experience in Information Security. • Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. • Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS … Ability to manage and continuously improve upon vulnerability management program. • Ability to propose solutions for closing identified vulnerabilities in the infrastructure. Desired Qualifications: • Certified Information System Security Professional (CISSP), NIST Cybersecurity Framework (NCSF), Certified Cloud Security Professional (CCSP) andor Certified Ethical Hacker (CEH) • Knowledge and experience with Microsoft Office and Visio. • Knowledge of WAN technologies including MPLS, SD WAN. • Knowledge More ❯
and regulatory frameworks exposure and awareness • Industry best practices such as OWASP, Cyber security framework and NCSC guidance • Information Security Management System (Infrastructure Security Operations and Incident Management). • NIST Cyber Security Framework • ISO 27001 - Information Security Management System (ISMS) • CIS - Center of Internet Security (Cyber security best Practices) Required Qualifications Bachelor's degree in computer science, Information Security, or More ❯
re seeking someone with a strong foundation in cybersecurity and IT infrastructure. Ideally, you’ll bring experience or knowledge in the following areas: Familiarity with key security frameworks like NIST 800-53, ISO 27001, CIS Controls, and MITRE ATT&CK. Understanding of information risk management and how to align security controls with business needs. Hands-on experience with network infrastructure More ❯
security risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standardsand frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks' overall security posture. DIMENSIONS Financial : No direct financial … project and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCI DSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening, host … and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies/experience: Experience with More ❯
security risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standardsand frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks’ overall security posture. DIMENSIONS Financial : No direct financial … project and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCI DSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening, host … and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies/experience: Experience with More ❯
London, England, United Kingdom Hybrid / WFH Options
Onyx-Conseil
implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls as needed. Contribute to cybersecurity strategic planning and budgeting. Follow change management … policies. Qualifications Bachelor's degree required; advanced degree highly desirable. Minimum 5 years experience in Information Security. Proficiency in security frameworks like NIST, implementing and auditing security measures. Knowledge of Cisco networking, firewalls, VPN, DLP, IDS/IPS, SIEM, and related technologies. Experience with identity access management solutions such as SAML, OAuth. Relevant security certifications (e.g., CISSP, CISM, CEH) are … highly desirable. Ability to analyze and recommend security improvements. Desired Qualifications Certifications like CISSP, NIST CSF, CCSP, CEH. Knowledge of cloud security (AWS, GCP, Azure). Experience managing Cisco ELA products, Splunk, SolarWinds, Varonis, Darktrace. Experience in HIPAA/FDA regulated environments. Competencies Motivation, initiative, administrative skills, interpersonal skills, self-management, thinking skills, customer orientation, adaptability, problem-solving, and effective More ❯
London, England, United Kingdom Hybrid / WFH Options
In Technology Group
SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks andstandards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem–solving, and communication skills. Desirable: Experience in the finance or fintech More ❯
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid / WFH Options
In Technology Group Limited
SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks andstandards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech More ❯
response workflows, timelines, and action items for continuous improvement. 8. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key skills/knowledge/experience More ❯
automation and security tool development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response More ❯
architecture Experience conducting vulnerability assessments, incident response, and forensics using tools such as Nessus Proficiency in threat hunting, malware analysis, and intrusion detection techniques Familiarity with compliance frameworks (e.g., NIST, ISO, PCI-DSS) and regulatory requirements Strong analytical skills with the ability to think like an attacker and find creative security solutions Experience of working in a hands-on role More ❯
automation and security tool development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response More ❯
automation and security tool development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response More ❯
evolving cybersecurity trends, regulations, and best practices. Degree in a relevant field or professional certification (CISSP, CISM, etc.). Strong understanding of cybersecurity challenges, industry standards (GDPR, ISO 27001, NIST CSF, Cyber Essentials), and risk management. Expertise in networking, operating systems, cloud computing, application security, and endpoint security. Experience managing cybersecurity teams and handling security incidents in a large organization. More ❯
you will help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns andstandards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and threat-based … information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance reporting More ❯
analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident documentation. What More ❯
platforms. Perform regular audits and security assessments across cloud (AWS, Azure) and SaaS platforms to identify risks and ensure compliance with internal policies and industry standards (ISO 27001, CIS, NIST). Manage and enforce Identity and Access Management (IAM) controls, including conditional access, MFA policies, role-based access control (RBAC), and least-privilege enforcement across Microsoft Entra and AWS IAM. … Intune, and AWS IAM/Security Services. Strong background in cloud security (AWS/Azure), including the shared responsibility model. Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST). Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms. Basic scripting for automation and reporting using PowerShell or Python. Working knowledge of network More ❯
analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident documentation. What More ❯
win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What … and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. More ❯
UK public sector experience, preferably within Emergency Services. Deep understanding of UK public sector security policies, compliance/assurance requirements, and audit practices. Understanding of industry-recognised cybersecurity frameworks (NIST, ISO 27001, CIS), global privacy regulations, and emerging threats. Current holder of (or able to be cleared to) SC and ideally DV security clearance. Experience of working in multi-provider More ❯
win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What … and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. More ❯
London, England, United Kingdom Hybrid / WFH Options
Thomas Miller
captures (Wireshark, TCPDump). Familiarity with scripting languages such as Python, Bash, or PowerShell. Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of incident management frameworks like NIST, MITRE ATT&CK. Preferred Qualifications: Certification such as CompTIA Security+ Bachelor's degree in Computer Science, Information Security, or related field Seniority level Seniority level Associate Employment type Employment type More ❯
/IPS), and endpoint security Hands-on experience with log analysis and alert triage, vulnerability scanning and patching and incident response Working knowledge of cyber security and compliance frameworks (NIST, ISO 27001, MITRE ATT&CK). Experience or strong interest in using scripting and automation for security operations Soft Skills: Excellent written and verbal communication skills, with the ability to More ❯
DUO MFA Firewall & Network Security : Cisco, Palo Alto, NAC DLP tools: Microsoft Purview, Tessian Strong scripting abilities (PowerShell, Python, Perl) Familiarity with vulnerability management , penetration testing, and security frameworks (NIST, ISO 27001, OWASP, GDPR) Proficient in managing compliance and infrastructure hardening against CIS benchmarks Qualifications: Degree in Computer Science, Information Security or related field Certifications such as CISSP, CEH, OSCP More ❯
support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements (e.g., ISO 27001, NIST, HIPAA, GDPR, SOX, etc.). Ensure compliance with applicable data protection laws (e.g., GDPR, CCPA, GLBA). Guide Data Protection Impact Assessments (DPIAs) for high-risk financial data processing activities. … Science, or a related field 5-7+ years of experience in information security, preferably in financial services. In-depth understanding of security frameworks (e.g., ISO/IEC 27001, NIST CSF, CIS Controls) and cybersecurity principles, practices, and regulatory requirements in the finance sector. Experience in security technologies such as firewalls, IDS/IPS, SIEM, encryption, and identity management. Experience More ❯