london (city of london), south east england, united kingdom
Capgemini
with business goals and technical feasibility. Governance & Risk Management Establish best practices for prompt engineering, model safety, bias mitigation, and responsible AI. Ensure compliance with data privacy regulations (GDPR, HIPAA, etc.) and internal governance policies. Define monitoring and observability strategies for GenAI systems in production. Stakeholder Engagement Translate business requirements into technical specifications and solution blueprints. Present architectural decisions and
of Operational Risk practices in multinational setups providing B2B services. You have strong experience setting up Architectural roadmaps/Blueprints holistically. Exposure to regulatory compliance such as DORA, SOX, HIPAA, CSRD etc. Knowledge of architectural frameworks (e.g. TOGAF) and data/systems integration exposure. Strong communicator and good stakeholder management ability. What you'll get in return Flexible working options
in cross-functional collaboration. Familiarity with agile development methodologies and tools. Experience with AI/ML applications in cardiology or diagnostics. Knowledge of cybersecurity and data privacy regulations (e.g., HIPAA, GDPR). Experience with international teams and global product launches. Attributes We Value Creative thinker, proactive problem solver, and passionate about improving patient care through innovative product strategies.
london, south east england, united kingdom Hybrid / WFH Options
Aibidia
a cloud environment Integrating data pipelines with external services through APIs Enforcing data security measures, including encryption and access controls Designing data solutions adhering to regulatory requirements (e.g., GDPR, HIPAA) Implementing metadata repositories for tracking data lineage and dependencies Building data solutions leveraging different data ingestion methods and technologies Skills, Knowledge And Expertise Must have: Experience with cloud-based technologies
and regulatory systems (e.g., MasterControl, Rimsys) and customer platforms (Zendesk, SharePoint). Experience working in regulated industries (Healthcare/MedTech/Pharma) with knowledge of data privacy & compliance requirements (HIPAA, GDPR, MDR). Hands-on experience in data modeling, mapping, and integration feasibility assessments. Excellent facilitation and stakeholder management skills to lead discovery workshops. Prior consulting experience with Discovery/
enterprise applications, and endpoint devices Utilise systems management tools such as Google Analytics, or similar for monitoring and asset control Ensure endpoint compliance with healthcare IT security standards, including HIPAA and internal cybersecurity policies Support hardware lifecycle management, including imaging, asset tagging Maintain IT service records via ticketing systems, ensuring SLA compliance and escalation where necessary Assist in the preparation
Collaborate with software development teams to integrate IAG solutions with existing IT infrastructure and applications. Compliance & Risk Management: Ensure that IAG solutions comply with relevant regulations, such as GDPR, HIPAA, and SOX. Conduct risk assessments related to identity and access management and recommend mitigation strategies. Implement and maintain audit trails and reporting mechanisms to track access and identity-related activities.
by driving secure, scalable DevOps practices across the organization. This includes building and automating infrastructure, championing compliance-ready CI/CD pipelines, and aligning system architecture with regulatory requirements (HIPAA, 21 CFR Part 11, FDA SaMD guidelines). You will work cross-functionally with engineering, product, compliance, and leadership teams to deliver infrastructure that meets the highest standards for availability … maintain secure, scalable cloud infrastructure for our digital health platform. Automate CI/CD pipelines and lead Infrastructure as Code (Terraform, CloudFormation). Implement DevSecOps best practices to meet HIPAA, SOC 2, and ISO 27001 requirements. Monitor system performance and availability using CloudWatch, Prometheus, Grafana, and related tooling. Collaborate with engineering, security, and product teams to drive end to end
regulated software products. You'll be responsible for aligning information security and data protection with our mission to deliver FDA-regulated digital therapeutics. This includes leading regulatory security compliance (HIPAA, 21 CFR Part 11, FDA SaMD guidelines), proactively managing risk, and collaborating across engineering, product, compliance, and leadership teams. Location NYC, London, Ramat-Gan This role is based in one … offering the opportunity to collaborate closely with our dynamic team in person. Responsibilities Design, implement, and lead Remepy's security practice and enterprise cybersecurity program Own security compliance with HIPAA, 21 CFR Part 11, FDA pre/postmarket cybersecurity guidance, and related frameworks Collaborate with Product, Engineering, and Compliance to embed security-by-design across our software lifecycle Lead enterprise … years in a senior leadership role Deep familiarity with security requirements in digital health, life sciences, or FDA-regulated software environments Proven track record managing security and compliance under HIPAA, FDA, and NIST Knowledge of GDPR, ISO 27001, SOC 2 and international security standards Experience with cloud-native environments (e.g., AWS), data encryption, identity management, and secure software development practices
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
Hays
information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and … compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical and problem-solving capabilities. What We Offer: Competitive
london (city of london), south east england, united kingdom
HCLTech
as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Designing solutions related to advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of GRC services, team and delivery capabilities. • Manage local partners … technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST, CIS) TPRM • Business Resiliency & Cyber Recovery, ZTA • GRC Project
City of London, London, United Kingdom Hybrid / WFH Options
Crimson
collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP … Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization's risk register. Support efforts to prepare for audits and maintain certification readiness. Collaborate with engineering and operations
London, South East, England, United Kingdom Hybrid / WFH Options
Crimson
collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP … Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization's risk register. Support efforts to prepare for audits and maintain certification readiness. Collaborate with engineering and operations
the firm, including General Counsel, Information Security, and Emerging Tech Risk teams, helping to shape best practices and ensure compliance with regulations such as UK/EU GDPR, DORA, HIPAA, and EU AI Act. The role offers a dynamic mix of hands-on risk management, internal auditing, and strategic input into global processes. It’s ideal for someone with a … General Counsel on data sourcing and best practice Ideal Profile: 2–5 years’ experience in data protection, risk, or compliance Strong working knowledge of UK/EU GDPR, DORA, HIPAA, and ISO27001 Experience in professional services (law firm experience is a plus) Confident stakeholder engagement and communication skills *Visa sponsorship is not available for this position