security during internal and external audits and assessments Run lessons-learned forums and improve control effectiveness Produce detailed assurance reporting, metrics, and dashboards for stakeholders Key Skills & Experience: Minimum 2 years' experience in Information or Cyber Security, ideally in financial services Solid understanding of security risk management principles and taxonomy Working knowledge of GRC platforms - RSA Archer preferred Familiarity … with NIST CSF , NIST 800-53 , ISO 27001 , SOC 1 & 2 Good written and verbal communication skills for technical and non-technical stakeholders Strong documentation and risk reporting skills Knowledge of vulnerability management and incident management practices Experience planning, analysing, and presenting data to support risk decisions Desirable Certifications: CISM, CRISC, CISA , or MSc in Information Security Knowledge … of Prince2 , MSP , or APMQ beneficial Location & Working Model: Based in London Hybrid working model - 2 days onsite per week More ❯
Liverpool, England, United Kingdom Hybrid / WFH Options
MFK Recruitment
are still with the company and really enjoying their roles! As an IT Systems Specialist, the role will ensure seamless onboarding, lead IT infrastructure projects, and support compliance initiatives (SOC2 Type II and ISO 27001 audits). You will manage our core tools (Google Workspace, JumpCloud, HubSpot, 1Password, Jira) while collaborating across teams to optimize workflows and security. IT Systems … ensure compliance with access policies. Project Leadership: Migrate systems (e.g., email groups, Jira → HubSpot), implement SSO via JumpCloud, and manage tool integrations. Compliance Support: Partner with Vanta to maintain SOC2/ISO 27001 readiness; document controls, remediate findings, and prepare audit materials. IT Operations: Troubleshoot issues, manage device inventory, and enforce security policies (MFA, endpoint protection). Process Improvement: Automate … Requirements: 3-5 years in IT support, systems administration, or compliance-focused roles. Hands-on experience with Google Workspace, Jira, SSO tools (e.g., JumpCloud), and MDM solutions. Familiarity with SOC2 Type II and ISO 27001 frameworks (audit processes, control implementation). Strong project management skills; ability to prioritize tasks across multiple stakeholders. Excellent communication skills for translating technical concepts to More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Ultimate Asset
agency group. Cybersecurity & Compliance Own the organization’s cybersecurity end-to-end strategy— tech platforms, monitor, assess, and mitigate risks. Ensure compliance with data protection regulations (e.g., GDPR, ISO, SOC2). Develop and enforce IT policies, disaster recovery, and business continuity plans. Service Management & Support Manage IT support functions, ensuring responsive and high-quality service to employees. More ❯
South East London, England, United Kingdom Hybrid / WFH Options
Ultimate Asset
agency group. Cybersecurity & Compliance Own the organization’s cybersecurity end-to-end strategy— tech platforms, monitor, assess, and mitigate risks. Ensure compliance with data protection regulations (e.g., GDPR, ISO, SOC2). Develop and enforce IT policies, disaster recovery, and business continuity plans. Service Management & Support Manage IT support functions, ensuring responsive and high-quality service to employees. More ❯
organizational goals and regulatory requirements. Security Operations Oversee security operations to monitor, detect, and respond to potential threats in real-time. Lead the establishment of a Security Operations Center (SOC) for continuous monitoring and threat intelligence. Continuously evaluate and enhance security tools, technologies, and processes to stay ahead of evolving threats. Application and Cloud Security Implement best practices for … third-party security standards and monitor compliance. Manage security reviews during vendor onboarding and contract renewals. Governance, Risk, and Compliance Ensure compliance with relevant regulations (e.g., PCI DSS, GDPR, SOC2, ISO 27001) and internal policies. Maintain up-to-date knowledge of emerging threats, regulatory changes, and best practices. Establish and report key security metrics to the executive More ❯
Bury St Edmunds, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
UK; willing to undergo DBS and Counter Terrorist Check. It would be great if you had: Certifications such as CISSP, or other relevant qualifications. Experience with additional frameworks (e.g., SOC2, NIST, NCSC CAF). More than 2 years’ experience delivering IT or cybersecurity solutions. Benefits: 30 days annual leave + 8 bank holidays Additional day off for your birthday More ❯
and thought leadership within the Practice by defining standards, sharing knowledge, and mentoring peers Influence customer outcomes through expert knowledge of DevSecOps tools and compliance frameworks like NIST, CIS, SOC2, and PCI DSS You'll travel to client sites across the UK, working directly with business and technical stakeholders to drive real business value What you'll More ❯
ensuring that they are up-to-date and effective. Is This You? CISSP, CISA, or CISM certification is strongly recommended, but not required. ISO 27001/27701/42001, SOC-2, PCI DSS, and GDPR knowledge, experience, and qualifications are highly desirable. At least 5 years of relevant industry experience in information security, with a focus on security architecture More ❯
large, complex technology programmes involving multiple concurrent projects with significant experience of delivering through offshore/nearshore strategic vendors. Knowledge of security frameworks & standards (ISO 27001, NIST, CIS, GDPR, SOC2) Be experienced in 'hands on' technology software delivery from initiation to implementation. Have knowledge of programme and project management methodology and managing full lifecycle of programmes from More ❯
Merton, Wisconsin, United States Hybrid / WFH Options
QuadMed
Creating a better way. It's more than just the philosophy we were founded on. It's our purpose. For our employees, it means more time with patients. Unrushed visits to build meaningful relationships. And most importantly, an opportunity to More ❯
would also want good knowledge of: Cloud (AWS, OnPrem) Microservices (K8s, Kafka) IaC (Terraform) CI/CD (GitOps, Github Actions, ArgoCD) Monitoring (OpenTelemetry, Prometheus, Grafana) Security (Vault, IAM, OPA, SOC2, GDPR) What’s in it for you? Annual bonus Share Options L&D Fund Private Medical Hybrid/Flexi Working The chance to build & own the SRE function for a More ❯
hands-on experience in GRC, preferably with a focus on acquisition integration. Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST. Experience with SOC1/2, GDPR, and privacy frameworks. Proficiency in information security tools, techniques, and controls. Experience with metrics and KPIs to measure and track information security risk. Ability to develop policies, standards More ❯
Role : Assistant Vice President Security Governance, Risk and Assurance Location : London on-site 2 days p/w Compensation : Up to £90,000 per annum + variable bonuses up to £115,000 Lawrence Harvey are currently partnered with a top-tier Financial Markets firm who are looking for an AVP of Security Governance, Risk and Assurance to join their … all security functions. Providing assurance to stakeholders by delivering detailed reporting and metrics. What you will bring: A minimum of 5 years of experience in Cyber Security, with ideally 2 years' experience working in a Security Risk team. Organisation, experience with planning, data reporting, information and updates Strong ability to work with others to drive forward security objectives. Meticulous … with GRC tools (RSA Archer preferred) Desired qualifications/certifications: Ideally a Master's Degree in Information Security, CICA/CRISC/CISM/Data Analysis NIST CSF, ISO27001, SOC 1/2 Prince 2, MSP, APMQ are advantageous Sound like your next move? If it does, apply below or forward a resume to j.walsh@lawrenceharvey.com More ❯
manage security technologies, and direct the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance (e.g. ISO/IEC 27001 and SOC2 certification). What you'll be doing Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program. Work directly with the business … Extensive experience in a combination of risk management, information security and IT jobs. Knowledge of common regulatory and information security management frameworks, such as ISO/IEC 27001, NIST, SOC2 and GDPR. Excellent written and verbal communication skills and high level of personal integrity. Innovative thinking and leadership with an ability to lead and motivate cross-functional More ❯
master data management standards. Promote reusability and standardisation of data flows, services, and integration components. Embed security, privacy, and audit controls into every solution design, ensuring readiness for GDPR, SOC2, and ISAE 3402 requirements. Work closely with InfoSec, Compliance, and Risk functions to identify and mitigate architectural risks. Skills, knowledge, expertise: Strong experience in designing complex, multi More ❯