Oxford, Oxfordshire, South East, United Kingdom Hybrid / WFH Options
Unipart
flexible benefits scheme About the Job As our Head of Cybersecurity Governance Risk and Compliance youll work closely with business and technology teams, helping to articulate and communicate the InfoSec governance program, identify risks and evaluate and help implement controls and improvements. As part of your key responsibilities youll: Manage the day to day of the function and team Support … as required, including potential interaction with the Security Operations team, Technology teams and business stakeholders Working with the Security Architect ensure alignment of bid requirements with existing InfoSec standards and liaise with relevant teams for resolution where non-standard requirements are identified About You Wed love you to have the following skills and experience, but please apply if … Cybersecurity Governance Lead, GRC Manager (Cybersecurity), InformationSecurity Risk Manager, Senior GRC Consultant (Cybersecurity), Cybersecurity Risk and Compliance Lead, InformationSecurity Compliance Manager, Head of InfoSec Governance, ISO 27001 Compliance Lead, ISO 27001 Lead Implementer/Auditor, NIST Cybersecurity Framework, Risk management (cyber/informationsecurity), InformationSecurity Management System (ISMS), Control More ❯
As the Business InformationSecurity Officer for Risk and Brokering (R&B) you will be a crucial asset to WTW’s cyber security efforts, ensuing robust cyber security practices are embedded across the business unit and are aligned with the organisation’s overall security strategy. This role is to serve as the global trusted informationsecurity partner to the business and technology teams, supporting them to ensure security items are appropriately managed. This role is part of the extended Information & Cyber Security Leadership Team and resides within Corporate IT, reporting to the Lead Business InformationSecurity Officer. The Role Primary responsibly is the BISO for Risk and Brokering … R&B): Serve as a leader within the Information & Cyber Security Team, as the trusted advisor to R&B leadership, providing strategic cybersecurity insights and recommendations to ensure a cohesive approach to cyber risk management. Ensure cybersecurity practices and security by design are integrated into business unit initiatives, motivating business units to adopt efficient security controls More ❯
Eastleigh, Hampshire, United Kingdom Hybrid / WFH Options
Ageas
Job Title : InformationSecurity Assurance & Architecture Specialist Contract Type: Permanent, Full Time Salary Range: £33,200 - £41,500 depending on experience Location: Eastleigh, hybrid InformationSecurity Assurance & Architecture Specialist: At Ageas, we are committed to protecting our customers, employees, and systems through robust informationsecurity practices. We are seeking a InformationSecurity Assurance and Architecture Specialist to join our growing team. This role is critical in ensuring our security architecture aligns with business goals and regulatory requirements, while also providing assurance over the effectiveness of our security controls. Reporting into the Assurance and Architecture Manager, you will be responsible for supporting and operating the day-to-day activities relating … to security, initiatives, controls and governance processes. This role is a combination of internal consultancy, change management and assurance activities to provide confidence to the business that we are meeting our security goals. You will act as the bridge between our technical teams and operational functions and are therefore required to have excellent communication skills, including the ability More ❯
help clients become more efficient, increase profitability and give more customers an amazing experience. Want to be part of it? Reporting to the Senior Governance, Risk & Compliance Officer, the InformationSecurity Officer will assist in strengthening the organisation's security posture within a large, complex, and fast-paced environment. This role supports the development and implementation of … GRC policies, risk management frameworks, and control processes to ensure the confidentiality, integrity, and availability of Keyloop's information assets. The InformationSecurity Officer will work cross-functionally with stakeholders across diverse teams and departments to embed strong informationsecurity practices throughout the business. The role also includes identifying and tracking risks within the supply … chain and supporting the organisation's broader informationsecurity governance, risk, and compliance efforts. A critical part of this role is helping to promote a strong risk-aware culture and embedding positive security behaviours across the organisation. Role & Responsibility : The job holder will be responsible for assisting and supporting in a range of activities across the Governance More ❯
have over 250k customers across the UK across 20 different sectors including construction, transport, retail, hospitality education, facility and property management, manufacturing, local and central government. Role Summary : The InformationSecurity Officer is responsible for implementing, maintaining, and overseeing informationsecurity andcybersecurity policies, procedures, and controls to protect the organization's digital assets. They work closely … with the CISO,Legal, Compliance, technical and business teams to ensure proactive protection against cyber threats, regulatory compliance,risk management and response to security incidents. The role will build relationships with departments to ensure identification and continuous progression of security threats in ourfast-paced SaaS technology business. This role blends operational security, threat intelligence, and user education … to support a robust security posture across the organisation. Job Responsibilities: • Develop, integrate, maintain, and establish informationsecurity policies, standards, and procedures or guidelines acrossthe organisation. • Development of new organizational processes within the organization. • Ensure the organization's internal regulatory compliance. • Monitor compliance with regulations such as ISO27001, NIST, NIS2, SOC2, ENS, or ANSSI. • Maintenance of InformationMore ❯
Guildford, Surrey, England, United Kingdom Hybrid / WFH Options
Sanderson
Role: InformationSecurity Analyst Location: Guildford (Hybrid options available) Salary: Circa £45,000 (plus comprehensive benefits package) Start date: ASAP My client, a leading financial services organisation, is looking for an InformationSecurity Analyst to join their team. This is an excellent opportunity to play a key role in advancing the company's security posture … by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing security controls and managing informationsecurity risks Interpret and apply requirements from the Group InformationSecurity Framework Conduct gap assessments, identify … risks, and support maturity uplift across security functions Develop and maintain an informationsecurity controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group InformationSecurity Framework Facilitate reviews and updates More ❯
Hampshire, England, United Kingdom Hybrid / WFH Options
Proactive Appointments
InformationSecurity Assurance Specialist - HYBRID - 1 day a week in the office We are currently working with one of our biggest customers for are in the Financial Services sector. We are looking for someone who can join their growing team as an InformationSecurity Assurance Specialist. Reporting into the Assurance and Architecture Manager, you will be … responsible for supporting and operating the day-to-day activities relating to security, initiatives, controls and governance processes. This role is a combination of internal consultancy, change management and assurance activities to provide confidence to the business that we are meeting our security goals. You will act as the bridge between our technical teams and operational functions and … are therefore required to have excellent communication skills, including the ability to explain complex IT concepts to all levels. Skills and experience you need as InformationSecurity & Assurance Specialist: Strong understanding of all security principles and underlying technologies and how they apply to technological and business solutions Demonstrable ability to design security controls, procedures, policies and More ❯
InformationSecurity Manager £70,000- £75,000 PA Central London Well-established construction engineering business is seeking an experienced InformationSecurity Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming … years. The InformationSecurity Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider informationsecurity management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors … and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements. Responsibilities: Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving More ❯
Experience Years: 3-5 Years of Experience Employee Type: Regular Remote Type: Onsite About the Opportunity The role of InformationSecurity Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. As an InformationSecurity Engineer, you will be responsible for security operations, using and managing security systems, identifying and … managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. About the Opportunity The role of InformationSecurity Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. … As an InformationSecurity Engineer, you will be responsible for security operations, using and managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. Responsibilities More ❯
Software Security Engineer Department: Tech - Security Employment Type: Permanent - Full Time Location: Oxford, UK Reporting To: Head of InformationSecurity Description Are you ready to raise the bar on cyber security and contribute to making our flagship products cyber resilient? We are looking for a Security Engineer to join our InformationSecurity team at our Oxford headquarters. You will be working across software engineering, modelling, and data science bringing your full self, including your security knowledge and expertise to the business. As a Security Engineer at Aurora Energy Research, you will enable our colleagues to improve our secure software development lifecycle, ensure secure operational practices, and support compliance. You … on getting smart ideas into the hands of your colleagues. You enjoy working simultaneously on various initiatives and moving between teams. You will become part of a top-notch informationsecurity team who love solving difficult problems. By joining our InformationSecurity team, you will be part of something big and meaningful: help protect our brand More ❯
Slough, Berkshire, England, United Kingdom Hybrid / WFH Options
Michael Page Technology
The InformationSecurity Accreditation Manager will oversee and manage the accreditation processes, ensuring compliance and excellence in standards. This role requires a professional with expertise in technology-related accreditation to lead initiatives and maintain quality benchmarks. Client Details An international Cyber Security certification body focusing on advancing standards and certifications. It plays a pivotal role in fostering … trust and quality within its field, offering a collaborative and mission-driven environment. Description Lead the development, improvement and execution of Cyber and InformationSecurity accreditation strategy and process Lead a team of InformationSecurity Accreditors Collaborate with internal teams and external stakeholders to maintain high-quality standards. Oversee the evaluation and approval of accreditation applications. … accreditation criteria accordingly. Produce detailed reports and recommendations to support strategic decision-making. Represent the organisation at relevant industry events and meetings. Profile Proven experience in managing Cyber and InformationSecurity assessment and auditing processes. With team leading experience Strong understanding of ISO27001. Exceptional organisational and analytical skills. Ability to communicate effectively with diverse stakeholders. Experience in creating More ❯
Rickmansworth, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Senior plc
Overview of the role: At Senior, we are passionate about information security. With colleagues, customers, suppliers across 26 unique business across 12 different countries, you will have the opportunity to design and work on new innovative security projects and make a real difference to our overall InformationSecurity strategy. Right from the start you will become … part of our continual informationsecurity strategy, joining us on our journey and developing yourself along the way. Why Join Us? Work with a talented team of security professionals in a threat-driven environment. Ability to help shape the future of our cyber defence capabilities across a wide and diverse range of businesses. Competitive compensation and benefits … package. Flexible work environment with opportunities for remote work and professional development. Key responsibilities: Reporting to the Director of InformationSecurity & Information Technology, you will be responsible for: - Build and own Seniors threat intelligence strategy. Develop and own the threat management program with regular assessments, threat modelling, risk prioritisation and remediation activities. The individual will serve as More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards … Policies & Standards team, using newer technologies such as Artificial Intelligence and Machine Learning. Connect to your skills and professional experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the informationsecurity/cybersecurity domain, with a focus on policies and … standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common informationsecurity management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to More ❯
Winchester, Hampshire, United Kingdom Hybrid / WFH Options
Arqiva
Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment … travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our InformationSecurity Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external audits to maintain compliance with ISO27001 and other standards … Help identify and assess informationsecurity risks, working closely with the Cyber Risk Manager Provide guidance to colleagues on basic security best practices and requirements Contribute to reporting on the ISMS performance and improvement plans Support continual improvement initiatives and track progress Keep up to date with key trends and changes in informationsecurity and More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Cognibox
InformationSecurity Lead Auditor Department: Audit Employment Type: Permanent Location: Reading, UK Reporting To: Regional Operations Manager Description Please note, that a full driving licence is required as this is a field-based role. Join our growing Lead Auditor teams across the UK! At ISOQAR, we draw on our experience, knowledge, and ambition to empower organisations to achieve … solutions, the Alcumus Group helps organisations increase resilience and manage risk, protecting its customers, workforce, stakeholders, and the environment. Due to our continued growth, we are seeking professionals within informationsecurity to join our expanding Lead Auditor teams who support a breadth of clients across the UK . With onsite practical experience and deep knowledge of industry processes … embark on a 12-week training programme, including classroom and onsite learning with a Senior Lead Auditor to achieve your Lead Auditor qualifications within Quality Management Systems (9001) and InformationSecurity Management Systems (27001). What that means day to day The life of a Lead Auditor is both fun and varied, and no two days are the More ❯
Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
About the role Here at DS Smith, a multi-national sustainable packaging provider, we are looking for a Security Assurance Analyst to join our growing Security Team. The mission of the I&T Digital Security organisation is to deliver an efficient and effective service that has scalability and flexibility to support the demands of a FTSE … business.Supporting Head of InformationSecurity Architecture and Assurance as well as working closely with key stakeholders including Head of Governance, Risk and Compliance, Digital Security, IT and business teams you will focus on core areas such as risk management and security due-diligence reviews ensuring compliance with legal, regulatory and relevant security policies and best … practices.In this position you will provide assurance and guidance that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policies.Visibility and the ability to build close working relationships with Information & Technology (I&T) team members, business stakeholders as well as external partners is essential. This will require some More ❯
issues within the day-to-day role to management. How You'll Do It Analyze, design, code, test, and deploy new user stories and product features with high quality (security, reliability, operations) to production. Understands the software development lifecycle and leverages critical thinking skills to properly evaluate features and functionality. Guides early-career engineers by providing learning tasks as … other engineers, architects, product owners and data scientists. Contributes to and leads technology communities of practice at Discover in areas of design-thinking, tools/technology, agile software development, security, architecture and/or data. Creates and enforces IT standards within the system/application infrastructure and compatibility with the architecture of the platform. Minium Qualifications At a minimum … here's what we need from you: Bachelors Computer Science, Engineering, Informatics, InformationSecurity, Information Technology or related Experience in Information Technology, (Software) Engineering, or related For roles requiring Dreyfus Rating - Internal applicants only: technical proficiency of competent on the Dreyfus engineering scale. Physical and Cognitive Requirements The physical requirements described here are representative of those More ❯
everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 The role of Cyber Security Consultant sits within the Cyber Security team in Three UK, which is responsible for providing subject matter expertise and guidance to business units across Three's Network and … policy and standards. In this role you will have a broad and challenging remit, you will therefore need to be flexible and agile in your approach, switching between different security disciplines within the team as necessary. You will be engaging in the delivery of multiple business initiatives by introducing baseline and enhanced security requirements and supporting their implementation … through guidance and advice. You will also be recommending security solutions and then providing design input and technical approvals, assurances, and governance of deliveries that the project carries out with our colleagues and partners. Within the Security team itself you will be expected to collaborate with the wider team and security colleagues providing technical support and guidance More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
DMS Computer Recruitment
The Role: We are looking for a Cloud Security Engineer with experience on AWS, to join our growing team. The successful candidate will have an essential role in ensuring the informationsecurity of our business. You will be working in a team that is designing and building resilient and secure Cloud environments that proactively prevent security threats. You will typically have industry accreditations like AWS Certified Security - Specialty The main responsibilities of the position include: Design and build resilient Cloud infrastructures that are protected against security threats Develop and assess Cloud security solutions to secure systems, databases and networks Conduct assessment and make recommendations to ensure that appropriate controls are in place … Gain insight into security incidents and threats by monitoring/analyzing logs and performing vulnerability assessments Participate in efforts that shape the company’s security policies, procedures and standards for use in Cloud environments Create technical and managerial level security reports for Cloud-based applications and infrastructure Implement and tests network and security Disaster Recovery procedures More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
up to £72,600 per annum Job grade B Closing date 15/07/2025 As the Critical Asset and Classification Lead , you will be part of the InformationSecurity team, focused on identifying, managing, and protecting Thames Water's most critical data assets, often referred to as "crown jewels." This role will also lead the development … you'll be doing as the Critical Asset and Classification Lead: Critical Asset Framework Development: Lead the development and ongoing refresh of the framework for identifying and protecting critical information systems and data assets. Data Classification Methodology: Design and implement methodologies to classify data assets based on sensitivity, criticality, and business importance. Security Controls Monitoring: Assign and monitor … appropriate security controls aligned with system criticality and data classification standards. Asset Register Management: Maintain and periodically review registers for both critical information systems and information assets. Cross-functional Collaboration: Collaborate with business and digital teams to identify, score, and categorise critical assets and ensure alignment with strategic security objectives. Compliance & Best Practice: Ensure data classification More ❯
InformationSecurity Analyst We are looking for an InformationSecurity Analyst working as part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will involve vulnerability management, making sure security controls are functioning, mentorship of more junior members and working as part of a 24 x … remote support rota. If you have experience of working in Information or Cyber Securityand are keen to make a difference here is what we are looking for: Significant experience of working in a security related role, with demonstrable experience. A demonstrable passion and enthusiasm for security with a willingness to learn A strong understanding of Risk Assessment … frameworks and methodologies The ability to explain complex security issues in a fashion that could be understood by non-technical people. Knowledge of cloud security, with a knowledge of Azure/O365 Possess a knowledge of various technologies, how they can combine and how a system should be designed. More ❯
value everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Create & Maintain an informationsecurity management system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application … to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders, published, and communicated. Also, ensure that policies are managed throughout their lifecycle and updated through yearly … or ad-hoc reviews. Produce relevant security standards documentation in consultation with Technical teams. Lead on providing information to Three UK Customers (B2B) regarding Three UK's security practices. Support proactive and effective oversight of technology and security risk management frameworks, methodologies, processes, assurance, remediation, and reporting activities across the company. Assist in designing, building, and More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Pertemps
As a Control Testing Lead , you will play a key role within the InformationSecurity team, supporting the Control Test and Assurance Manager in the delivery of the Control Test and Assurance Programme. This role requires solid experience in control testing within InformationSecurity, with a focus on evaluating control effectiveness and ensuring compliance with internal … Manager, with whom you will work to deliver the goals of the company to have a stable and fit-for-purpose control testing environment that supports the organisation's security and compliance objectives. What you'll be doing as a Control Testing Lead Support the implementation of the Control Testing Framework. Execute control testing in line with defined procedures … the role To thrive in this role, the essential criteria you'll need are: Proven experience in performing control assessments, including evaluating design and operational effectiveness. Strong understanding of informationsecurity principles, risk management, and control frameworks. Experience in IT, OT and Cloud environments. Clear and professional verbal and written communication, including the ability to explain technical issues More ❯
InformationSecurity Assurance Specialist - Permanent Up to £41,500 Eastleigh (Hybrid - one day a week in office) Are you ready to take your security career to the next level? We're working with a leading organisation to recruit an InformationSecurity Assurance & Architecture Specialist for a permanent role based in Eastleigh , with just one day … a week in the office . This is a fantastic opportunity to join a forward-thinking team that's embedding security into every layer of business and technology. About the Role: This position plays a key role in delivering security assurance, architectural input, and governance processes. You'll collaborate across technical and operational teams to ensure robust security controls and compliance with industry standards. Key Responsibilities: Conducting assurance reviews and risk assessments Embedding security into solution designs Supporting incident response and post-incident analysis Ensuring compliance with GDPR, ISO27001, NIST, and other frameworks Advising on threat modelling and mitigation strategies What We're Looking For: Strong understanding of security principles and frameworks Experience designing and More ❯
Jam Management Consultancy Limited T/A JAM RECRUITMENT
InformationSecurity Specialist (ISO Certified) About the Role Our client, a leading organisation in Berkshire, is seeking an experienced InformationSecurity Specialist with in-depth knowledge of ISO 9001, ISO 14001, ISO 22301, ISO 27001, and PCI-DSS compliance. This role will be central to designing, implementing, and maintaining best-in-class security and compliance … frameworks, ensuring that all information assets and operational processes are safeguarded to the highest standards. Key Responsibilities Develop, implement, and maintain compliance with ISO , and PCI-DSS standards. Conduct risk assessments, security audits, and vulnerability testing across systems and processes. Lead incident response activities, ensuring rapid and effective mitigation. Collaborate with internal stakeholders and external auditors to achieve … and maintain certifications. Deliver organisation-wide security and compliance awareness training. Monitor and report on security performance, providing actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools More ❯