1 to 25 of 36 Permanent Information Security Jobs in the Thames Valley

more sustainable than single-use packaging. To strengthen our IT department, we are currently looking for a Cybersecurity & Compliance Manager. This is a key role focused on ensuring the security and regulatory compliance of our systems and processes. The position offers flexibility and can be fulfilled either remotely (within the Greater London area) or in a hybrid setup from … Dudley. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT … knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role, with travel up to 30% of the time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST More ❯

different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and manufacturing site teams. You will review, manage and … where required prepare responses to internal and external customer enquiries in relation to information and cyber security arrangements. You will support IT, procurement, legal, data protection and digital security and business stakeholder in relation to supplier information and cyber security due diligence and requirements. As the successful candidate you will also lead risk-based party … security assurance, management, and continuous improvement activities. In addition, facilitate and coordinate IT risk management risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T More ❯

just to name a few! Job Description Your Career As a Senior Consultant in Unit 42 you will have the opportunity to work across a number of proactive cyber security domains including Cloud Security, Security Operations, Cyber Risk Management and Artificial Intelligence in cyber security. We are seeking an individual who is passionate about cyber security … consulting outcomes for clients, as they work to address the challenges associated with today’s cyber threat landscape. Your Impact SOC Advisory 4+ years of consulting experience in SOC, security engineering, SIEM administration, and incident management and demonstrated success with serving large, multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities … Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) Experience in security operations design, engineering and/or analysis and investigations More ❯

Job Description We are seeking a Senior Security GRC Manager to join our Group Technology team in Milton Keynes . You will play a pivotal role in shaping and advancing our security governance, risk, and compliance practices across the Group Technology function. You will have a hands-on role to monitor, report on and lead initiatives to strengthen … our security posture, ensuring regulatory alignment. This is an exciting opportunity to make a tangible impact, working with a diverse range of stakeholders and supporting the strategic direction of the business. Key Responsibilities: Governance & Compliance : Lead the development, implementation, and continuous improvement of security and technology control frameworks; maintain and update security policies and standards; support governance … forums, including Information Security, Business Continuity, and Audit & Risk Committees. Risk Management : Conduct operational risk assessments and provide expert consultancy on security risks, incidents, and investigations; identify and address gaps in controls, providing clear reporting and recommendations. Stakeholder Engagement: Collaborate with internal teams and external partners to manage security and technology risks; support external and internal More ❯

IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company £70–80k base + 10% bonus Hybrid in London Join a growing InfoSec team at a pivotal time for a global financial institution. This is an IT Security Manager role with governance oversight, guiding InfoSec operations, mentoring analysts, and translating security frameworks into practical, actionable … steps. You’ll influence policy, architecture, and data governance, all while supporting the secure rollout of new banking operations. What you’ll bring: 5+ years’ experience in InfoSec, IT Security, or operational security in a regulated environment Certifications: CISSP or SSCP (or equivalent) required Hands-on knowledge of ISO27001 and supporting an ISMS (audit experience useful but not … just theory Experience mentoring staff or junior analysts (no direct line management required) Adaptability to a medium-sized, SME environment What you’ll be doing: Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation Data governance: Drive data protection, labelling, and retention projects using Microsoft Purview Third-party risk: Support supplier security More ❯

a culture of learning within the team, enhancing the professional capabilities of team members. Who We Look For Bachelor’s degree or higher, with 5+ years of experience in security assessment, IT audit, or consulting at a leading professional consulting firm or legal firm, in-house experience working in multinational company is a bonus Strong understanding of global compliance … marketing) and experience in compliance/product workflow design; experience in the internet/gaming industry is a plus. Expertise in global privacy regulations, including privacy principles, operational legal security frameworks, and compliance solutions. Proficient in IT audit, information security management, and IT/technology risk management, with the ability to resolve compliance risks effectively. Knowledge of … security control frameworks (e.g., ISO27001, ISO20000, ITIL, COBIT) and experience collaborating with information security teams to implement compliance requirements. Strong problem-solving skills, proactive work ethic, flexible thinking, and the ability to thrive under pressure. Able to use English and Chinese as working language to interact with stakeholders across the global Location: This role can be based More ❯

Director in Unit 42 is a senior-level consulting position. The individual will be responsible for the day to day delivery of our threat-led and technology driven cyber security consulting services through leading and directly overseeing a team of Consultants. This person will have experience in developing teams and working with sales and domain leaders. The Consulting Director … and Customer Success Manager (CSM) to deliver pitches and prepare proposals to win new business and manage client relationships. We are seeking an individual who is passionate about cyber security and making a difference. You will be a continuous learner and have a sound knowledge of emerging cybersecurity trends and technologies. The individual serves as a trusted advisor to … cross-sector clients. Your Impact Oversee the delivery of our proactive consulting services, ensuring their consistency, quality and highest level of customer service Provide hands-on, expert-level proactive Security Operations Center (SOC) assessment and transformation services to clients and deliver findings to CxO and/or Board of Directors Work with the BDM and CSM to perform pipeline More ❯

larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with non-technical audiences You will have awareness of common Information Security management frameworks such as ISO … COBIT, Information Security Forum and NIST. More ❯

that all documents, trackers, and related materials are kept up to date and stored appropriately in the correct drives Assist with any additional tasks or responsibilities as needed Maintain information security by complying with the company's Information Security Management System (ISMS) and all relevant policies About you: Experience: Project scheduling and coordination experience is an … be advantageous Personal Attributes: Possesses good written and verbal communication skills and the ability to communicate complex technical issues to non-technical clients. Keen to research new products and information around technical solutions that could provide answers and solve problems that benefit the whole team. Feel that every day is a day of learning and knowledge. Harnesses pressure to More ❯

Expertise in creation of solutions for risk and compliance advisory services (preferable candidates from Big4 organizations) • Capabilities of executing atleast 3-4 advisory/consulting engagements. • Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL … MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST, CIS) TPRM • Business Resiliency & Cyber Recovery, ZTA • GRC Project & Program Management • Excellent written and verbal communications skills • Should be able to travel 70%-80% on short as well as long term More ❯

Lead Cyber Security Engineer I’m working with a leading law firm that’s building out a brand-new Security Operations (SecOps) function and they’re looking for a Lead Cyber Security Engineer to help shape it from the ground up. This is a fantastic opportunity for someone who enjoys being both hands-on and strategic. You … ll not only be the technical lead on key projects, but also play a big part in developing security strategy, mentoring junior colleagues, and driving the firm’s journey towards a zero-trust model and ISO 27001 certification . Why this role? Chance to build and shape a new function in a well-established law firm. High visibility role … Managing and optimising a wide suite of tools: WAF, DDoS, VPN, perimeter firewalls, email/web security, MFA, SSO, PAM, MDM/MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation efforts. Collaborating with external penetration testers and ensuring compliance with frameworks such as ISO More ❯

EC-Council is the world’s largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and developer of various world-famous cyber security programs. We are proud to have trained and certified over 400,000 information security professionals globally that have influenced the cyber security mindset of … assigned territory/accounts. Identify and develop new business opportunities with enterprise customers across industries. Engage with CXOs, CISOs, CIOs, and IT decision-makers to understand business needs and security challenges. Position company’s cybersecurity offerings (SOC, IAM, DLP, EDR/XDR, Cloud Security, Managed Services, etc.) as enterprise solutions. Lead end-to-end enterprise sales cycle – prospecting … Bachelor’s degree in business, IT, or related field (MBA preferred). 6–10 years of enterprise sales experience, with at least 3–5 years in cybersecurity/IT security solutions. Proven track record of achieving or exceeding sales quotas. Strong knowledge of enterprise cybersecurity landscape, threats, and technologies. Ability to build relationships with senior stakeholders and close complex More ❯

Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations Ability to perform travel requirements as needed to meet business demands (on average 20%) Mentorship of team members in incident … response and forensics best practices Qualifications Your Experience 8+ years of incident response or digital forensics consulting experience with a passion for cyber security Strong leadership skills including experience managing a team or individuals Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front Proficient with host-based forensics and data … and an excellent understanding of PANW products be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field or equivalent military experience required Qualification Please note that this role requires eligibility for UK Security More ❯

Information Governance Specialist – Global Law Firm 📍 London (Hybrid – 2 days WFH) 💼 Global Law Firm | Strategic Impact | Cross-Functional Exposure The Opportunity We’re partnering with a prestigious international law firm to appoint a Specialist in Information Governance (IG) to join their London team. Operating across jurisdictions, this firm is known for its commercial acumen, high-stakes advisory work … and deep client partnerships — and information governance sits at the heart of it all. You’ll play a pivotal role in shaping and executing IG strategy across the global firm, helping ensure compliance with privacy, confidentiality, and security-related regulations, client requirements, and evolving data governance standards. Why This Role? ✅ Global Scope – Be a key contributor to the … international IG programme, collaborating with senior stakeholders across legal risk, IT, information security and business services. ✅ High-Impact Work – Lead strategic initiatives including data remediation, migration, retention and governance transformation. ✅ Autonomy & Influence – Act as a subject matter expert, shape policies, and educate legal professionals on best practice. ✅ Cutting-Edge Tools – Work with platforms like iManage, LegalKEY, Microsoft More ❯

Oxford or Glasgow, if preferred. Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow … professionally. Dionach by Nomios holds impressive certifications, including CREST, CHECK, PCI QSA, and ISO 27001. With our focus on enhancing customers' security and fostering team development, be joining a company that prioritizes both your growth and the safety of our clients. We're in an exciting phase of expansion and are looking for self-motivated individuals ready to thrive … Lead on-site customer engagements. Lead on developing and providing training courses. Oversee and issue detailed reports outlining findings, risks, and recommendations for remediation. Stay updated with the latest security trends, tools, and techniques. Participate in research and development projects. Focus on your development by attaining industry recognised certifications. Be available for occasional on-call duties and on-site More ❯

Oxford or Glasgow, if preferred. Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow … professionally. Dionach by Nomios holds impressive certifications, including CREST, CHECK, PCI QSA, and ISO 27001. With our focus on enhancing customers' security and fostering team development, you'll be joining a company that prioritizes both your growth and the safety of our clients. We're in an exciting phase of expansion and are looking for self-motivated individuals ready … Issue detailed reports outlining findings, risks, and recommendations for remediation. • Translate complex technical findings into actionable insights for both technical and non-technical audiences. • Stay updated with the latest security trends, tools, and techniques. • Participate in research and development projects. • Focus on your development by attaining industry recognised certifications. • Be available for occasional on-call duties and on-site More ❯

EC-Council is the world’s largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and developer of various world-famous cyber security programs. We are proud to have trained and certified over 400,000 information security professionals globally that have influenced the cyber security mindset of … quota and closing six and seven-figure enterprise deals. Expertise in managing long, complex sales cycles with multiple stakeholders - directly and with partners. Experience engaging technical (CISO, SecOps, IT Security) and business (HR, L&D, Procurement) buyers. Strong negotiation, presentation, and consultative selling skills. Excellent written and spoken English. Ability to travel across the UK, EU and internationally as … Opportunity to represent a globally recognized cybersecurity brand at a transformational time. Professional development benefits, including EC-Council Learning and Certification access. Growth environment with career progression opportunities. Additional Information: We are an equal opportunity workplace and an affirmative action employer. We are always committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual More ❯

an exciting opportunity for a seasoned leader to shape and embed its cyber and operational resilience capability at enterprise scale. About the Role Reporting directly to the Group Chief Information Security Officer and acting as their deputy, you will provide vision and direction across both cyber security and operational resilience, ensuring the organisation can withstand, adapt to … deliver a unified cyber and operational resilience strategy that aligns technology, business operations, and regulatory obligations. Leadership of a Multi-discipline Team – Manage and mentor a team of technical security engineers and operational-resilience specialists, fostering collaboration across technology, risk, and business functions. Incident & Crisis Management – Oversee incident response, run crisis simulations, and strengthen supplier-risk management so critical … BCP is not required, but partnership experience is essential). Exceptional communication skills and board-level gravitas, with a track record of influencing senior stakeholders and shaping long-term security and resilience initiatives. Demonstrable success in building and motivating diverse, high-performing teams across technical and non-technical disciplines. This is a high-visibility appointment with direct exposure to More ❯

Architects, or Enterprise Architects, particularly in cloud-based or distributed systems. You will become an expert in our Gen AI platform, understanding both its capabilities and the governance and security requirements of our clients. You will independently manage complex challenges while maintaining a collaborative approach, working closely with internal teams to deliver comprehensive, secure, and innovative solutions. Key Responsibilities … Lead the design and architecture of AI-focused technical solutions, factoring in security, scalability, network requirements, and resource optimization. Act as a primary technical advisor to clients, providing expert guidance on the architecture and secure deployment of our Gen AI solutions. Influence the development of our product roadmap, aligning it with compliance needs and emerging trends in AI, cloud … and security technologies. Produce detailed architectural documentation, visual diagrams, and technical specifications to support deployment and client understanding. Provide mentorship and technical direction to deployment teams during client projects to ensure efficient and secure execution. Key Traits: In-depth knowledge of public cloud platforms (e.g., AWS, Azure, GCP) and their application in AI and machine learning environments. Experience with More ❯

training and guidance to client teams Help clients improve their DDoS and WAAP readiness Stay up to date on the latest cyber threats and technologies Requirements: Essential: Experience in information security or networking Understanding of network protocols (e.g. TCP/IP, DNS) Strong communication and client-facing skills A proactive, problem-solving mindset Fluent in written and spoken … evenings/weekends for planned exercises (not a 24/7 role) Desirable: Degree or equivalent experience Previous consulting or technical client-facing experience Background in SOC, Pen Testing, InfoSec, or Systems Admin Knowledge of BGP, WAF, CDN, or cloud platforms (AWS, Azure, GCP) Basic scripting (e.g. Python, Bash) for automation or analysis Please note that at times due to More ❯

role within afast-paced and dynamic environment, focused on the support, troubleshooting, and continuous improvement. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance and DV. Location: Reading The successful candidate will join a highly skilled team of support engineers providing technical infrastructure support. The role will require a flexible working ethic … the development of technical solutions. Participates as part of a team and maintains good relationships with team members, internal DXC Teams and customers. Uses knowledge tools and re- uses information for the benefit of projects, and of professional development. Education and Experience required: Bachelors degree in Computer Science, Engineering, or related field or equivalent work experience. professional-level certification … Identity and Access Management service support Active Directory Active Directory Federation Services (ADFS) Lightweight Directory Access Protocol (LDAP) Privileged Access Management principles knowledge and experience Multi Factor Authentication principles Information Security principles Windows Server 2003 to 2022 Group Policy Windows PKI DFS Microsoft Clustering Great customer service Good understanding of networks and Domain Structure What We Will Do More ❯

Office Demonstrated success in cost optimisation, value realisation, and spend analysis across IT categories Understanding of software licensing models, including SaaS, perpetual, subscription, and cloud-based agreements Familiar with information security, GDPR, and regulatory compliance as it applies to third party IT services For the full role profile please click the document attached. Please click on the link More ❯

Strategy & Transformation Deployment (IT) Analyst. You will be part of the S&T Deployment Commercial and Enabling functions, developing and deploying solutions into the UK & Ireland, and ensuring the security and efficiency of our projects, products and processes. You will guide internal customers to align with PepsiCo Enterprise Architecture standards, balance business needs with the latest digital technology trends … and act as a central contact for Region/Global teams. You'll collaborate with like-minded individuals to drive innovation and shape the future, ensuring the security and success of the business. Responsibilities Project & Governance Execution Lead onboarding, development, testing and rationalization of applications and products. Execute project governance and reporting using tools like Service Now. Ensure adherence … to Information Security, Enterprise Architecture and S&T governance standards. Stakeholder & Vendor Engagement Maintain strong relationships with vendors, OU, Region and Global teams. Act as the UK&I point of contact for Region and Global product and transformation teams, ensuring visibility and alignment with local needs. Collate and analyse business requirements and translate them into actionable activities or More ❯

adaptable, proactive, and committed to professional growth. The Role We are seeking a proactive and detail-oriented Compliance Coordinator to take ownership of compliance across quality, environmental, health & safety, information security, and data protection standards. This role will be central in achieving and maintaining certifications such as ISO 9001, ISO 14001, ISO 45001, ISO 27001 , as well as More ❯

responsible for partnering with your functional department to address complex business challenges, aligning with strategic goals and objectives. Collaborating closely with both the Engineering team and the Head of Information Security to drive technological excellence across your systems estate. You should be able to work independently and with other team members, leading on technical decisions and implementations. The More ❯