cryptography practices (e.g. PKI) Cloud environments (Azure, AWS) Fundamental understanding of privacy and dataprotection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside More ❯
annual external audits required to support certification. Ensure data security and compliance with relevant legal, regulatory, contractual and policy requirements. Ensure process and requirements are met to support GDPR compliance and protection of personal data. Maintain and improve level of compliance with ISO 27001:2022 and Cyber Essentials Plus requirements. Work in partnership with development staff to embed More ❯
malware analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident documentation. More ❯
CD pipelines and cloud deployments. Manage output from cloud-native security tools (e.g., AWS GuardDuty, Azure Defender). Ensure compliance with industry regulations and standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Provide security guidance on architecture, design reviews, and cloud migrations. Create and maintain cloud security documentation, training materials, and incident response playbooks. Stay current on emerging cloud security More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management: Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and other relevant legal and contractual obligations, as well as application security standards. Risk Management : Lead the information security risk management process, including identification, assessment, treatment, and monitoring More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
Services. Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to More ❯
foster a strong security-first culture Compliance & Governance Work in partnership with the Compliance Manager and DPO to ensure security measures support dataprotection obligations (e.g. UK GDPR). Maintain up-to-date records of security incidents, policies, and audit logs - ensuring documentation is meaningful and accessible. Support leadership with security input into market entry, overseas operations, and More ❯
IT certifications such as CompTIA A+, Network+ * Cyber certifications such as CISM, CISA, CEH, or CompTIA Security+ * Understanding of regulatory frameworks and industry standards (e.g., NIS, NIST, ISO 27001, GDPR). * Experience in scripting or programming languages including PowerShell for automating security tasks. Person Specification: * Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by More ❯
consumption. Data Management and Governance: Strong knowledge of data management principles and best practices, including data governance frameworks. Experience with data security and compliance regulations (GDPR, CCPA, HIPAA, etc.). Leadership and Communication: Exceptional leadership skills to manage and guide a team of architects and technical experts. Excellent communication and interpersonal skills, with a proven ability More ❯
incident monitoring, detection, response via SOC and MSSPs. Manage security tools like SIEM and endpoint protection. Lead incident response and post-incident analysis. Enforce policies for data privacy (GDPR & NIST). Conduct regular security audits. Manage vendor relationships and negotiate contracts. Report service performance to stakeholders. Coordinate with other Tosca functions for effective implementation. Other relevant responsibilities as required. More ❯
Ensure high availability, disaster recovery, and data integrity across platforms. Perform database modeling, normalization, and capacity planning. Establish data security policies, access controls, and compliance processes (e.g., GDPR, HIPAA). Mentor junior database developers and provide technical leadership on database solutions. Work with stakeholders to understand data needs and translate them into technical solutions. Required Skills & Qualifications More ❯
remediation measures. Monitor systems, networks, and logs then Investigate security breaches, incidents, and other cybersecurity events. Oversight of compliance for regulatory compliance requirements, such as SOC2, HIPAA, ISO 27001, GDPR etc, and ensure our systems adhere to these standards Conduct security awareness training sessions, enabling the business. Who you are Cloud security enthusiast - You're comfortable navigating AWS and GCP More ❯
internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing More ❯
internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint, Rapid7, Wiz.io , MS Defender, SIEM, vulnerability management, penetration testing More ❯
and customer feedback. Infrastructure And Security Ensure robust system architecture and IT infrastructure that supports business operations. Oversee cybersecurity measures to protect company and customer data, complying to GDPR requirements. Ensure interworking between on prem, private cloud and public cloud infrastructure to support platforms and products Optimize private and public cloud infrastructure, usage and cost, DevOps pipelines, and technical More ❯
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
employment status. If you are utilising a work visa this must allow you to work in the UK unrestricted for at least the next 5 years. In accordance with GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com /More ❯
Whetstone, Greater London, UK Hybrid / WFH Options
CLS Group
layers, particularly in risk management and security strategy development Lead efforts to assess and mature security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing More ❯
configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments with security frameworks and compliance requirements, including GDPR, HIPAA, and PCI DSS. Provide guidance on data strategies for security monitoring, such as data persistence and streaming for long-term analysis and real-time detection. Assist clients More ❯
skills & knowledge: Broad knowledge of cyber security concepts including cryptography, authentication and authorization, access control, secure architectures, threat modeling, vulnerabilities and software security. Strong knowledge of regulatory requirements (e.g. GDPR, ISO27001, PCI-DSS) and experience in regulatory reporting. 3-5 years of experience in GRC, risk management, or compliance. A bachelor's degree in computer science, Cyber Security or similar More ❯
