City of London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate … experience building and scaling a GRC function in a complex environment. Deep knowledge of information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. More ❯
Central London, London, England, United Kingdom Hybrid / WFH Options
Bupa UK
Claire, and OpenSCAP). Extensive experience with Red Teaming, Purple Teaming and Attack Automation. Familiarity with industry regulations and compliance standards related to cybersecurity, such as NIST CSF, SOC2, PCIDSS, and ISO 27001. A relevant professional qualification in Cyber and Information Security (e.g., OCSP, CISM, CISSP, CEH) Experience of vulnerability management and security testing in cloud environments More ❯
City of London, London, United Kingdom Hybrid / WFH Options
FirstBank UK Limited
degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCIDSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯
City of London, London, United Kingdom Hybrid / WFH Options
The Curve Group
degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCIDSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯
security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. More ❯
Centers, we offer a complete end-to-end security services covering our clients’ security from every angle. Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk & Assurance services. What sets Integrity360 apart is our excellent team of people that drive the business forward. The company was founded with a focus on More ❯
Central London, London, England, United Kingdom Hybrid / WFH Options
GreatFind Recruitment
implement a comprehensive GRC framework across the group Conduct regular risk assessments and support vulnerability management Maintain and evolve security controls, policies, and standards Ensure compliance with GDPR, CIS18, PCIDSS, and ISO27001 Lead on third-party audits and provide documentation and evidence Support cybersecurity programmes and incident response planning Provide GRC advisory to senior leadership and cross More ❯
City of London, England, United Kingdom Hybrid / WFH Options
VE3
to work independently. Preferred Qualifications AWS Certified SysOps Administrator/DevOps Engineer – Professional. Experience with hybrid cloud/on-prem environments. Exposure to compliance frameworks (e.g., ISO 27001, GDPR, PCI-DSS). Benefits Work on cutting-edge technologies and impactful projects. Opportunities for career growth and development. Collaborative and inclusive work environment. Competitive salary and benefits package. Seniority More ❯
Azumi collection has 41 venues worldwide across five unique brands—including Zuma, ROKA, Oblix, Inko Nito and Etaru. What you will do: Lead our global cybersecurity strategy, aligning with PCIDSS, GDPR, ISO27001, and evolving regulatory requirements. Own incident response and risk mitigation, overseeing system security across POS, Azure, networks, and customer data platforms. Collaborate cross-functionally with … Champion a security-first culture, driving awareness, training, and the adoption of modern threat detection and prevention tools. What we look for: Strong understanding of compliance standards such as PCIDSS, GDPR, SOC2, ISO27001, Cyber Essentials Impressive verbal and written communication skills Experience with Azure CSSIP/CSIM/CompTIA+ or equivalent qualification 2 years’ experience in cyber More ❯
Antom, WorldFirst and ANEXT Bank. Role Overview: As a Lead Cyber Security Specialist, you will ensure alignment with European regulations (e.g., GDPR, DORA, PSD2 SCA, CSSF) and global standards (PCIDSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience. What … Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience Act), ensuring alignment in areas such as incident reporting and data protection. Translate requirements from PSD2 SCA, PCIDSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures Third … with least privilege principles and regulatory requirements. Security awareness management experience. What we are looking for: 5+ years in GRC roles; financial services or banking. Understanding of GDPR, DORA, PCIDSS, and outsourcing/third-party risk requirements. Hands-on experience with ISO 27001 implementation and third-party risk tools. Proficiency in IAM (Identity and Access Management More ❯
businesses: Alipay+, Antom, WorldFirst and ANEXT Bank. Role Overview: As a GRC Lead, you will ensure alignment with European regulations (e.g., GDPR, DORA, PSD2 SCA, CSSF) and global standards (PCIDSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience. What … Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience Act), ensuring alignment in areas such as incident reporting and data protection. Translate requirements from PSD2 SCA, PCIDSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures Third … requirements. Security awareness management experience. What we are looking for: Experience: 5+ years in GRC roles; financial services or banking experience is a strong plus. Understanding of GDPR, DORA, PCIDSS, and outsourcing/third-party risk requirements. Hands-on experience with ISO 27001 implementation and third-party risk tools. Proficiency in IAM (Identity and Access Management) solutions More ❯
City of London, England, United Kingdom Hybrid / WFH Options
Parser
multi-product, Agile/DevOps environments. Perform hands-on threat and risk assessments across cloud, network, and infrastructure stacks; specify mitigating controls where needed. Align security practices with NIST, PCIDSS, GDPR, NIS, and NCSC guidance. Influence senior delivery colleagues and third-party partners, driving security decisions without direct authority. Implement security-by-design frameworks at the portfolio … in regulated, multi-product environments, with a focus on Agile/DevOps. Expertise in threat and risk assessments across cloud, network, and infrastructure stacks. Strong working knowledge of NIST, PCIDSS, GDPR, NIS, and NCSC guidance. Relevant certifications such as CISSP, ISO 27001 Lead Implementer, or SANS GIAC (or equivalent). Proven track record of influencing senior colleagues More ❯
City of London, London, United Kingdom Hybrid / WFH Options
83data
stakeholders, translating complex data needs into actionable plans. Mentor and lead data engineers, fostering continuous learning and technical excellence. Ensure compliance with data security, privacy, and regulatory standards (e.g., PCI-DSS, GDPR). Essential: 7+ years in Data Engineering, with 2+ years in a Principal or Lead role. Proven experience designing and delivering enterprise data strategies. Exceptional More ❯
Experience leading cross-functional teams in high-demand environments, demonstrating the ability to collaborate with product, marketing, operations and customer experience departments. Knowledge of security and compliance standards (e.g., PCI-DSS, GDPR) relevant to commerce systems and transactional platforms. Interview Process: 1-2 stage Panel Interview Our recruitment process typically takes around 4-5 weeks, but we’re More ❯
desirable). Advanced knowledge of LAN’s, WAN’s & VPN technology including implementation and management. Significant knowledge of PowerShell scripting. Significant knowledge of Intranet & Internet technologies. Significant knowledge of PCI compliance and regulations for cloud and hybrid cloud transactional systems. Working knowledge of ITIL framework and IT Service lifecycle. Working knowledge of DPA and GDPR. Qualifications: Educated to Degree More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Stott and May
process, working closely with development teams to review, design, and implement infrastructure decisions. Maintain documentation for platforms, services, and pipelines. Audit activities to ensure compliance with security policies (including PCIDSS, GDPR, and PII). Perform root‐cause analysis and implement improvements to prevent incidents and optimize performance. Maintain and evolve monitoring platforms, including synthetic and application monitoring More ❯
internal and external resources, while holding team accountable for performance• Demonstrated experience in delivering strategic IT transformation projects. • Experience delivering SaaS based telephony platforms.• Familiarity with call centre operations, PCI-DSS, and telephony requirements in a regulated environment.• Experience managing stakeholder engagement across technical, compliance, and business functions.• Extensive experience of Change Management/Project Management/Risk More ❯
environment in the financial services or fintech industry Experience in other cloud platforms (Azure, Google) Experience in other programming languages Experience with financial regulations and compliance requirements (e.g. GDPR, PCI-DSS) For more info, please reach out. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have More ❯
testing methodologies and forensic analysis techniques. Experience in writing content/polices for monitoring in line with MITRE ATT&CK framework Familiarity with regulatory requirements such as GDPR, HIPAA, PCIDSS, and industry standards like NIST Cybersecurity Framework. More ❯