perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data Protection teams on policy alignment and compliance. Technical Review and Oversight Lead or
Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.). Ensure alignment with frameworks such as NCSC guidance, ISO 27001, NIST, Cyber Essentials, and GDPR. Develop and communicate clear roles and responsibilities for information security across departments. Support Information Governance and Data Protection with policy harmonisation and compliance efforts. Technical Review
Carlisle, Cumbria, England, United Kingdom Hybrid / WFH Options
Cumberland Building Society
CISM. Where significant experience can be demonstrated, this will be considered. You’ll have in-depth knowledge in information security, having very good experience of compliance such as ISO27001, NIST, PCI DSS, REP018, CBEST & CQUEST requirements, ideally holding the PCI Internal Security Assessor qualification. Skills, abilities and behaviours: Excellent interpersonal, written and verbal communication skills and the ability to work
background in Cyber Governance, Risk & Compliance or Information Security. Experience building management and board-level reports. Familiarity with CAF, SCF, or other security control frameworks (ISO 27001, NIST, etc.). Good understanding of risk management and supplier assurance. Excellent communication and stakeholder management skills. Comfortable working in a hybrid model - 3 days per week in Birmingham.
security is embedded throughout the delivery lifecycle. This role is fully on-site in Basingstoke and will suit someone with a strong background in Secure by Design principles and NIST methodologies, who thrives in fast-paced, collaborative environments. Key Responsibilities: Lead the integration of security controls into infrastructure designs and solutions Act as the security subject matter expert across Scrum