1 to 25 of 40 Permanent Security Posture Jobs in London

Information Security Officer Key Responsibilities: - Perform security assessments for vendors and projects, identifying risks and recommending mitigation strategies. - Ensure compliance with security policies and standards in all vendor and project activities. - Develop and maintain frameworks for security assessments. - Stay updated on emerging security threats and … industry trends. - Participate in incident response and investigations. - Collaborate with procurement to evaluate and manage vendor security. - Review vendor documentation to assess security posture. - Apply risk management principles to prioritize and mitigate security risks. - Support the development and enforcement of security policies and procedures. - Conduct security awareness training for staff. Skills and Experience: - Over 5 years of information security experience. - Preferred certifications: CISA, CISM, or CISSP. - Strong knowledge of security principles, standards (e.g., ISO 27001, NIST), and best practices. - Experience in security assessments and risk management. - Familiarity with regulatory requirements (e.g., GDPR more »

tax planning, offering home finance and annuities propositions, and providing collective fund solutions to third party customers. Job Summary We are seeking a Lead Security Cloud Engineer with strong DevSecOps skills to join our team. The successful candidate will be a part of the product team responsible for ensuring … will be involved in every stage of product lifecycle of the platform from conception, design, implementation, testing and through to operational support - applying a security focus at all points. Moreover, you will be looking at security across all products in our cloud estate. With automation at the heart … everything we are doing, you should have a strong hands-on understanding of CI/CD tools, IaC, and the best ways to integrate Security into the product lifecycle. We are looking for Azure experience, though strong experience in any cloud is welcome. CLUK are looking to move to more »

We are hiring for Lead Security Analyst for London, UK location with remote working flexibility. Job Title: Lead Security Analyst Job Type: Permanent Location: London, UK(Remote) Job details: Purpose of the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident … post-incident to understand the root cause and to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating potential threats and vulnerabilities to ensure that the organization is prepared to defend against … them. Strategic Defense Implementation: Putting in place robust security measures to protect the organization's information assets. Cross-Team Coordination: Collaborating with various teams and entities to ensure a unified security strategy. This role demands a proactive mindset, deep technical expertise, and strong leadership skills to navigate the more »

+ Bonus + Benefits Locke & McCloud are looking for an experienced Senior DevSecOps Engineer to join our client who’re currently building out their Security Engineering team within their established Cyber Security function. In this role, you will be part of a growing team that will enable you … to lead the growth and development of various DevSecOps and Security Architecture projects, influence and implement change, with various opportunities to lead and grow a team. Main responsibilities: Collaborate with cross-functional teams to implement security practices throughout the SDLC, emphasising DevSecOps principles. Design, implement, and manage security controls and automation tools to enhance the security posture of cloud-based applications and infrastructure. Conduct thorough security assessments and risk analyses, identifying vulnerabilities and recommending remediation strategies. Develop and maintain security policies, standards, and procedures in alignment with industry best practices and compliance requirements. more »

Job Post: Principal Security Platform Engineer - Infrastructure Location: London, Hybrid (1 day per week) Type: Full-Time Salary: Up to £90,000 Our client, a highly respected and well-established household name, is seeking a talented Principal Security Platform Engineer - Infrastructure to join their dynamic team. This is … an excellent opportunity to make a significant impact on the security posture of a leading organization. Key Responsibilities: Manage and improve the security posture of our client's on-premise estate, including endpoints and mobile devices Ensure compliance with security standards and drive remediation processes … Optimize security controls and configurations within infrastructure technologies Contribute to the development and implementation of security policies and procedures Define security standards and guardrails, supporting their implementation and ongoing support Essential Qualifications: Minimum 5 years of relevant experience in infrastructure security related to endpoints and mobile more »

Lead Security Engineer - Azure, Zscaler - £80,000 - £95,000 + bonus - FinTech A groundbreaking FinTech startup, backed by industry titans who are revolutionizing digital asset security for institutional investors, are looking for a Lead Security Engineer to look after their Azure infrastructure from a security perspective. … As the Lead Security Engineer, you will be have a substantial effect on the organization as they are building the future of secure crypto trading, so as you can imagine, security is at the heart of everything they do! This is a new role within the company as … they are currently going through a large digital transformation and are rapidly growing, so you will be building the security engineering function from the ground up and potentially building a team around you in the future. What will the Lead Security Engineer be doing? You will be the more »

Job Post: Principal Security Platform Engineer - Cloud Location: London, Hybrid (1 day per week) Type: Full-Time Salary: Up to £90,000 Our client, a highly respected and well-established household name, is seeking a talented Principal Security Platform Engineer - Cloud to join their dynamic team. This is … an excellent opportunity to make a significant impact on the security posture of a leading organization. Key Responsibilities: Manage and improve the security posture of our client's cloud environments hosted by strategic providers Ensure compliance with security standards and drive remediation processes Optimize security controls and configurations within cloud technologies Contribute to the development and implementation of security policies and procedures Define security standards and guardrails, supporting their implementation and ongoing support Essential Qualifications: Minimum 5 years of relevant experience in security engineering Extensive hands-on experience implementing and configuring more »

Job Post: Principal Security Architect Location: London, Hybrid (1 day per week) Type: Full-Time Salary: Up to £110,000 Our client, a highly respected and well-established household name, is seeking an experienced Principal Security Architect to join their dynamic team. This is an excellent opportunity to … make a significant impact on the security posture of a leading organization by identifying capabilities needed for InfoSec success and driving secure-by-design principles into business and technology change activities. Key Responsibilities: Clearly articulate needed capabilities, identify gaps, and assess improvement opportunities Map required InfoSec capabilities using … personal, organizational, and industry knowledge Communicate with stakeholders and sponsors to understand ambitions, issues, limitations, and constraints related to Security Architecture Create and maintain architecture artifacts and collateral Support InfoSec leadership in developing and implementing the InfoSec strategy Actively participate in Enterprise Architecture & Design community and governance processes Ensure more »

Information Security Officer Key Responsibilities: - Perform security assessments for vendors and projects, identifying risks and recommending mitigation strategies. - Ensure compliance with security policies and standards in all vendor and project activities. - Develop and maintain frameworks for security assessments. - Stay updated on emerging security threats and … industry trends. - Participate in incident response and investigations. - Collaborate with procurement to evaluate and manage vendor security. - Review vendor documentation to assess security posture. - Apply risk management principles to prioritize and mitigate security risks. - Support the development and enforcement of security policies and procedures. - Conduct security awareness training for staff. Skills and Experience: - Over 5 years of information security experience. - Preferred certifications: CISA, CISM, or CISSP. - Strong knowledge of security principles, standards (e.g., ISO 27001, NIST), and best practices. - Experience in security assessments and risk management. - Familiarity with regulatory requirements (e.g., GDPR more »

We’re looking for an experienced Cyber Essentials Sales Consultant to join our growing Cybersecurity Company. CyberLab is a fast-growing cyber security consultancy business delivering Cyber Security as a Service (CSaaS) to our clients, as well as offering a range of consultancy services such as compliance and … work, a great place to be a customer” The Role: Our CSaaS portal delivers an innovative web app for organisations to manage their cyber security posture and understand their cyber risks giving them a competitive advantage. You will have the opportunity to sell a truly unique technology within … as part of a small team, you will have current experience in sales, in either a direct or channel capacity. Additionally, experience of cyber security would prove useful, but is by no means a prerequisite. This is a great opportunity for someone wanting to further their sales career in more »

London, UK(Hybrid) Job Type: Fixed Term Contract(6 Months + Possible extensions) Job Description: Overview The Capability Maturity Assessment Consultant collaborates with the Security Advisory team to assess organizational security maturity. The ideal candidate has significant experience in BIG4 companies and in-depth knowledge of frameworks like … NIST and ISF. Requirements Experience working at a BIG4 firm, focusing on security assessments, consulting, or risk advisory services. Comprehensive understanding of the NIST cybersecurity framework and its practical application in assessments. Familiarity with the Information Security Forum (ISF) and its methodologies for measuring security maturity. Ability … to assess an organization's security posture, identifying strengths and areas for improvement. Experience in measuring and benchmarking security maturity across different domains within an enterprise. Ability to work on project-based engagements with a focus on security advisory services, for up to 6 months. more »

Job summary The North Middlesex Digital team are looking to recruit a Cyber Security Analyst to protect North Mid's computer systems, networks, and sensitive data from security breaches, cyber attacks, and other digital threats. You will be responsible for analysing the security measures in place, identify … vulnerabilities, implement security solutions, and respond to incidents to ensure the integrity, confidentiality, and availability of information. Main duties of the job The core purpose of this role is to provide specialist advice to the Trust on cyber security risk and recommend actions to address the risks and … required to develop the required training so that all staff are able to protect themselves and others from fraud and cyber crime. The Cyber Security Analyst will monitor and triage vulnerabilities from various sources and based on relevance and criticality, identify mitigations for the vulnerabilities, and provide guidance on more »

We are looking for a Security Consultant with extensive experience in providing end-to-end security assurance for business projects. The ideal candidate will have a strong background in threat assessments, architectural design reviews, third-party risk assessments, RFP security requirements, network security, IDAM projects, ransomware … remediation, pen test scoping, and HLD/LLD reviews. Responsibilities: Perform threat modelling to identify potential security vulnerabilities and risks. Assess high and low-level architectural designs to identify security risks and provide recommendations for mitigation. Provide security requirements for RFPs and score RFPs based on security criteria. Conduct assessments of third-party security posture to ensure compliance with security standards. Create scopes for penetration testing, organize pen tests, review results, and oversee remediation efforts. Collaborate with project teams to agree on specific security controls and gather evidence of implementation. Identify and more »

We present an exciting opportunity to join a prominent organization in the financial services sector. They actively seek an experienced Cyber Security Engineer to ensure the company's adherence to security standards. Responsibilities: Collaborate with technology and business teams to implement security processes, technologies, and controls, serving … as the authority for security-related inquiries. Define, design, implement, and maintain security solutions tailored to the business's requirements. Support the definition, execution, and continuous improvement of key cybersecurity processes, including vulnerability and patch management, security incident response, monitoring, endpoint security, identity and access management … network security, and cryptography. Assist in developing and maintaining security policies, processes, incident response management plans, and playbooks. Create and document standard operating procedures and protocols. Provide expertise on security requirements for core technology processes, such as asset management, change management, third-party management, technology development and more »

Senior Application Security Engineer We are looking for an information security professional to lead my clients application security program. As a Senior Application Security Engineer, you’ll partner with product teams to help improve the security posture and design of both our enterprise and … consumer-facing products. You'll be part of a team developing a modern AppSec program with a highly automated approach to security coupled with a collaborative approach to working with Engineering partners. You’ll be operating in a fast paced, agile environment, with a goal of making security … will have a huge impact on the product roadmap, and in building a trusting relationship with the engineering community. What you'll do Provide security guidance to engineering teams on new products and technologies Taking ownership and driving the application security and privacy initiatives Perform threat modeling and more »

Role: Senior Security Operations Engineer Location: Central London - Hybrid (2-3 days in office per week) Salary: c.£150,000 Base, £200k+ Total Comp Our client is a pioneering quantitative investment manager, who are building an elite global security team. We're looking for an exceptional Senior Security Operations Engineer to play a vital role in shaping their future security posture and operations. In this pivotal position, you'll have the opportunity to design and implement cutting-edge security capabilities across a complex technology ecosystem. With teams distributed worldwide, you'll collaborate with experts … and ultra-low latency trading. Technologies span AWS, Azure, Linux, Windows, Docker, Kubernetes and more. What You'll Do Architect and automate sophisticated, scalable security systems, processes and controls Oversee and evolve comprehensive security monitoring, threat detection and intrusion prevention/response Proactively assess risks and threats to more »

Albany Beck are hiring for a Security Engineer to work on a long term programme of work with a global insurance firm. They are committed to delivering cutting-edge solutions in the rapidly evolving insurance landscape. As a Security Engineer with expertise in Microsoft Azure, you will play … in fortifying our clients digital defences. This position offers an exciting opportunity to collaborate with industry experts and make a significant impact on the security posture of a global insurance leader. Responsibilities: Design, implement, and maintain security solutions within the Microsoft Azure environment, leveraging Azure Defender capabilities. … Deploy and configure DAST & SAST tools to conduct comprehensive security assessments of applications and systems. Implement EASM strategies to ensure the secure development and deployment of enterprise applications. Collaborate with cross-functional teams to integrate security best practices into the software development lifecycle (SDLC). Monitor security more »

Freelance Third Party IT Security Manager contractor needed Belgium based or UK based. long term contract Rate per day ASAP start Key responsibilities: Third-Party Assurance Lifecycle & Support the transformation of the activity Execute Third Party Due Diligence, risk profiling, onboarding, re-certification; Make an opinion on Third Party … Security Posture ; Define Remediation where applicable Support Contract Management - ensure that the security expectations included in the contract are proportionate to the risk profiling Contribute to the DORA regulation implementation – translate DORA requirements into actionable processes & materials (contract, assessment templates, …) to be used by the team. Core … Skills Previous experience in Third Party Security Management (i.e. Due Diligence, etc.) Knowledge of control frameworks, e.g., ISO 27000, NIST, CIS-20, COBIT-5 Knowledge of relevant regulations, i.e. DORA, Outsourcing, ESMA, etc. Previous experience in supporting or delivering of large scare regulatory change initiative Experience with contract review more »

Are you a highly skilled and experienced security architect looking for a new opportunity with a global company? We are currently working with a well-known global company who are seeking a talented individual to join their team as a Security Architect. As a Security Architect, you … will be responsible for designing, building, and implementing security solutions for our global network. Key technologies that you will be working with include Rapid 7 and OKTA, so experience with these platforms is essential. In this role, you will collaborate with cross-functional teams to ensure that our security infrastructure is up-to-date and effective in protecting the company's assets. You will also be responsible for identifying and mitigating security risks, as well as developing strategies to improve overall security posture. The ideal candidate will have a strong background in security architecture, as more »

assets. As the Head of IAM, the individual will lead a team of IAM professionals, collaborate with key stakeholders, and drive initiatives to enhance security posture and streamline access management processes. Key Responsibilities: Develops and executes IAM strategies aligned with business objectives and regulatory requirements. Leads the design … access controls. Oversees the operation of IAM technologies, ensuring system reliability, scalability, and performance. Establishes and enforces IAM policies, standards, and procedures to mitigate security risks and ensure compliance with industry regulations. Leads the evaluation and selection of IAM solutions, vendors, and technologies. Collaborates with internal teams and external … team members, fostering a culture of continuous learning and professional development. Monitors emerging trends and best practices in IAM, recommending innovative solutions to enhance security posture and operational efficiency. Serves as a subject matter expert on IAM matters, providing guidance and support to clients and internal stakeholders. Qualifications more »

Information Security Risk Analyst Location: Hybrid - London Package: Negotiable + Benefits The Information Security Risk Analyst III at Brown & Brown is responsible for analysing information security controls both within our organisation and with third-party entities. This analysis aims to identify and assess associated information security risks, and effectively communicate these findings to the business stakeholders. This role requires a thorough understanding of information security principles and practices, as well as the ability to evaluate complex systems and processes. The Information Security Risk Analyst III plays a crucial role in safeguarding our organisation … s information assets and maintaining a strong security posture. The day to day: research and analysis to handle inbound cybersecurity inquiries from company’s third parties. research and analysis related to vetting new or potentially new third parties. recommendations for communicating identified security risks of new or potentially more »

Senior Cloud Security Engineer What you’ll be working on: Configuring cloud security applications and security policies. Tuning alerts with the L3 Ops teams to ensure the right alerts are being alerted. Roll out a security solution across cloud accounts within all regions including Kubernetes & containers. … Objectives: To work closely with the Cloud Engineering teams to ensure the cloud platforms are complying to security standards and there is a remediation process. To work with the SOC team & automation team to ensure alerting is correct for any detections or incidents that Op's will need to … investigate. To improve the security posture of cloud devices in AWS, GCP & Azure. What you’ll bring: Sound knowledge from a Cloud security perspective & how to create, update and improve polices for prevention, compliance, and sensor standpoint. Experience engineering and securing AWS, GCP and Azure Cloud platforms more »

Job Title: Security Engineer Salary: £80,000 to £100,000 We are seeking a Security Engineer, for a fast-growing FinTech firm, specialising in Wealth Management and Financial Advisory. As the first dedicated cybersecurity professional you'll play a pivotal role in establishing and fortifying the firm's … and collaborating closely with key stakeholders, including Engineering, Head of Platforms, and Head of Compliance, you'll be the go-to expert for all security matters. Responsibilities: Lead the implementation of cybersecurity measures, serving as the primary point of contact for all security-related matters. Collaborate closely with … engineering teams to embed security-by-design principles into development processes. Conduct thorough reviews of existing tools and processes, identifying gaps and implementing enhancements to strengthen our security posture. Perform security scanning and vulnerability management, taking proactive measures to reduce operational risks. Monitor security alerts and more »

Senior AWS Platform Engineer - Appvia - Security Clearance eligibility required. Location: London, UK About Us At Appvia, we're committed to helping our customers navigate their journey to Cloud and DevOps maturity. As a leading provider in the industry, we offer cutting-edge technologies and services to support our clients … to architect their applications to be cloud native, or helping them transform existing applications to cloud native where possible. Implementing monitoring and alerting Improving security posture of applications being migrated Creating secure deployment patterns and templates/modules for application development teams to reuse. Gathering requirements for building … desirable, e.g.: AWS Certified: Solutions Architect Associate AWS Certified: Solutions Architect Professional Certification in Kubernetes administration is desirable: Certified Kubernetes Administrator (CKA) Certified Kubernetes Security Specialist (CKSS) Benefits Why join Appvia? We are a self-funded, London based startup; providing businesses with a fast and secure way to deploy more »

Senior IT Security Engineer Remote with 1-2 days in London per quarter as needed. 6-12 months, £500 per day Outside IR35 Experienced IT Security Engineer required to bolster the Info Sec team, specifically to translate risks and threats into clear guidance of what that means to … required action, with a practical and hands on approach to the delivery of the same. This role will make a big impact on improved security posture and maturing the security skills of the team and technical environment. Must be a willing coach, able to share knowledge and … expertise and influence and guide teams, with a desire to get hands dirty to deliver and drive security initiatives. Key responsibility areas: Network Security: Network Access Control (NAC) Implementation: Design, implement, and maintain a NAC solution to prevent unauthorized devices from accessing the corporate network. Firewall Rule Review more »