Protection Act 2018, PCIDSS v4.0, and other relevant regulations. Collaborate with Data Privacy, Risk, and Audit teams. Security Operations: Implement and enhance security controls across various platforms (Microsoft 365 / Azure, AWS, Salesforce, etc.). Manage threat intelligence, monitoring, and incident response. Policy Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C … by the development of alternative solutions. Highly organised with excellent project, service and supplier management skills. Certifications: CISSP, CISM, CCSP, or ISO27001 Lead Auditor / Implementer. What will I gain? Each and every one of our employees contributes to our progress and is supporting our work to beat cancer. We think that's impressive. More ❯
London, United Kingdom Posted on 03 / 07 / 2025 Join Deriv as a Technical Compliance Specialist and play a pivotal role in transforming the landscape of regulatory compliance. In this position, you will spearhead the implementation and optimisation of cutting-edge regulatory technology solutions, streamlining compliance processes, and ensuring adherence to evolving regulations. Your expertise in AI … workflows for onboarding, AML, and fraud detection using microservices, real-time data, and rule engines, eliminating manual steps and boosting accuracy. Lead integration of cutting-edge RegTech components (AI / ML, blockchain, digital ID) by defining technical requirements, assessing fit, and guiding end-to-end implementation for KYC, transaction monitoring, and sanctions screening. Develop secure, automated data governance frameworks … work with you if you: Have 5+ years of hands-on experience implementing RegTech solutions, compliance systems, or risk management tools in financial services Possess proven expertise in AI / ML tools for compliance use cases (e.g., document analysis, transaction monitoring, regulatory change management) Are technically proficient in automation platforms (RPA, low-code tools) and data management systems (SQL More ❯
Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department deploys, supports and monitors security solutions such as virus protection, vulnerability management, compliance monitoring and threat / incident management activities to reduce risk. NUMBER OF DIRECT REPORTS 1-2 MAIN PURPOSE OF THE ROLE To manage the technical delivery of various cybersecurity projects and contribute to … of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Threat Intelligence, Risk Evaluation, Security Assessment / Testing, Incidence Management and Vendor / Cloud products assessment Possessing high level of analytical ability where problems are typically unusual and difficult Ability to maintain a working knowledge … plan and timing, and global program ownership Demonstrable experience of senior stakeholder management and relevant management reporting. Ability to coach team members through knowledge transfer and constructive feedback Education / Qualifications: Degree educated and / or equivalent experience. SKILLS AND EXPERIENCE Functional / Technical Competencies: Essential (Must Have) Experience of working within Cybsersecurity team as a Technical More ❯
with the Lead to align on deliverables and be key in delivering to multiple business units. Being fully aware of our ways of working - within our regulatory standards (ISO 13485, ISO27001). ️ We want to hear from you if you Have experience in the following tech stack: Backend: Nodejs, JavaScript, Express Frontend: React … HL7 Ability to deal with internal and external stakeholders. Good communication skills. Collaborative and willing to listen to others ideas. Skin Analytics manufactures medical devices and complies with ISO standards 13485 and 27001. As part of your employment, you will be assigned Quality Management System (QMS) and Information Security Management System (ISMS). We require that our employees More ❯
Protection Act 2018, PCIDSS v4.0, and other relevant regulations. Collaborate with Data Privacy, Risk, and Audit teams. Security Operations: Implement and enhance security controls across various platforms (Microsoft 365 / Azure, AWS, Salesforce, etc.). Manage threat intelligence, monitoring, and incident response. Policy Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C … by the development of alternative solutions. Highly organised with excellent project, service and supplier management skills. Certifications: CISSP, CISM, CCSP, or ISO27001 Lead Auditor / Implementer. What will I gain? Each and every one of our employees contributes to our progress and is supporting our work to beat cancer. We think that's impressive. More ❯
effective remediation measures. Monitor systems, networks, and logs then Investigate security breaches, incidents, and other cybersecurity events. Oversight of compliance for regulatory compliance requirements, such as SOC2, HIPAA, ISO27001, GDPR etc, and ensure our systems adhere to these standards Conduct security awareness training sessions, enabling the business. Who you are Cloud security enthusiast - You're … that protect systems Risk assessment pro - You enjoy identifying vulnerabilities, evaluating threats, and making informed security decisions backed by solid data Technical communicator - You have strong networking knowledge (TCP / IP, protocols) and can code / script (Python, Elixir, or similar) to automate security processes Bridge builder - You excel at translating complex security concepts for different audiences, from More ❯
methods (penetration test results, threat modeling, security testing) and determining residual risk after applying compensating security controls Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO27001, SOC 2 Type 2 and familiarity working with Quality Management Systems Experience working with teams in a structured software development … achieving outcomes and nurturing relationships. Skilled in crafting compelling proposals and other business development materials. Proficient in cultivating opportunities within the client base and network. Holds Cyber Security accreditations / qualifications such as CISSP, CSSLP, CISM , indicating a solid foundation in the field. You thrive in problem-solving and analytical thinking You enjoy collaborating with multiple stakeholders in a More ❯
processes for secure model development, training, and deployment of AI products. Ensure that AI model behaviour in the firm's AI products is continuously monitored for any anomalies and / or potential security breaches. Conduct regular risk assessments and vulnerability analyses to identify potential security weaknesses in AI products and their environment. Define, develop, and maintain security policies, procedures … and stakeholder engagement skills, with the ability to bridge technical, and business perspectives. Confident in discussing complex AI models with product teams. Strong knowledge of secure development lifecycle and / or product security. You will stand out if you bring Bachelor's degree in Computer Science, Data Ethics, or a related field. Experience working in or with professional services … or legal sector organisations. Certifications in AI ethics, data privacy (e.g., CIPP / E, CIPM), or risk management (e.g., CRISC). Experience with AI auditing, algorithmic impact assessments, or model governance platforms. Knowledge of legal technology tools and platforms (e.g., legal research AI, contract analytics, generative AI). Ability to lead cross-functional initiatives in a complex, multinational environment. More ❯
informed risk decision making. Prepare and present risk reports, dashboards, and insights to senior stakeholders and governance committees. Act as the key liaison between the InfoSec function and enterprise / business risk teams. Support internal education and awareness around security risk and governance. We would love to hear from you if you have Proven experience in Information Security or … Cyber Risk, with direct experience in a cloud-first, tech-driven environment. Experience with common infosec standards / frameworks e.g. ISO27001 and GRC Tools. Strong understanding of GRC practices, enterprise risk methodologies, and security governance. Clear communicator able to translate technical risks for non-technical audiences. Hands-on experience with supplier / vendor More ❯
risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications / Skills Required Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. 5+ years of experience in information security, with a strong focus on risk assessment … and / or internal security audits. Demonstrated experience working with compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk management frameworks (e.g., NIST, ISO27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and More ❯
moving environmentsand you love the pace. Superb people leadership, mentoring, and cross-functional collaboration skills. Experience with geospatial data, sustainability, risk or compliance domains. Prior work achieving and maintaining ISO27001 in a SaaS context. Build tech with purpose Tackle one of the worlds most pressing challenges. Own what you build Competitive salary and meaningful equity. Time in nature We regularly … get outdoors to reflect and plan. Grow fast Dedicated L&D budget, leadership development, and lots of autonomy. Hybrid flexibility 3 days / week in our London office (Farringdon). Supportive culture Enhanced parental, carers, compassionate, and emergency leave. Wellbeing focus Lifestyle benefits, robust sick pay, and mental health support. Apply now Be part of building the infrastructure for … Kingdom 5 days ago London, England, United Kingdom 5 days ago London, England, United Kingdom 1 week ago London, England, United Kingdom 2 weeks ago Head of Engineering - (FPGA / Rust / Embedded) - 150k - ID40652 London, England, United Kingdom 5 days ago London, England, United Kingdom 1 day ago London, England, United Kingdom 1 week ago London, England More ❯
a Subject Matter Expert (SME) in analysing and helping deliveridentity and access management solutions,acrosssome ofthe following areas: Identity Governance and Administration (IGA) Identity Management (IDM) Ideally withgood conceptual / practical knowledge of: Access Management (inc.Single Sign-On (SSO) / Multi-Factor Authentication (MFA) / Password-less Authentication) Privileged Access Management (PAM) Consumer Identity (CIAM) The key … with a proven track record of deliveringprojects Background in both delivering and working with major IAM vendors, as described above E xperience in integrating withother IAM technologies, such asOkta / CyberArk(PAM) / ServiceNow / SAP technologieswould be beneficial but not compulsory. Comfortable w orking both as part of a team, orindividually, and familiar with the relevant … deliver an IAM solutionacross all aspects of the SDLC(Analyse, Design, Develop / Configure, Test, Deploy, Document) Understanding of regulatory frameworks, and their application to IAM, e.g. SOx , ISO27001, NIST, HIPAA, GDPR,PSD2,etc. Ideally, an e ducation in Business, IT, IT security or related field Ability tomanage owntime and priorities effectively The following attributes, while not mandatory, will More ❯
security alerts, assisting in incident response as needed. Stay current with emerging threats, vulnerabilities, and mitigation techniques. Provide support during internal and external audits and compliance initiatives (e.g., ISO27001, SOC 2). Required Skills and Qualifications: Degree in Computer Science, Cybersecurity, Information Systems, or a related field. 3-5 years of experience in information security … Life Assurance - 5x salary Employee Assistance Program Company Pension(Salary Sacrifice options available) Access to training and development Buy and Sell holiday scheme The opportunity for "work from anywhere / global mobility More ❯
experience as an AWS Architect or similar role (5+ years in AWS-focused roles). Deep understanding of core AWS services including EC2, S3, VPC, RDS, IAM, Lambda, CloudFormation / Terraform, ECS / EKS, and API Gateway. Strong knowledge of network design, security best practices, and cloud-native application architecture. Proficient in scripting or programming (e.g., Python, Bash … or Node.js). Experience with CI / CD tools (e.g., GitLab CI, Jenkins, AWS CodePipeline). Familiarity with containerization and orchestration tools (e.g., Docker, Kubernetes). AWS certifications such as AWS Certified Solutions Architect - Professional or Associate . Preferred Qualifications Experience in hybrid cloud environments and integration with on-premise systems. Background in DevOps, SRE, or Infrastructure Engineering. Knowledge … of monitoring / logging tools (e.g., CloudWatch, Datadog, Prometheus, ELK). Experience with enterprise security and compliance frameworks (e.g., ISO27001, SOC 2, GDPR). Familiarity with cost modeling and optimization strategies in AWS. More ❯
processes and activities Support the Head of Security and Infrastructure across all functional areas within the security department Liaise with with our Privacy, Governance, Infrastructure, IT Operations, and Product / Engineering teams on all security matters Ensure tools are running correctly Ensure the integrity of our data Investigate Events of Interest (EoIs) Act upon alerts Continuous learning development Documentation … demonstrate knowledge and commitment to cybersecurity: CompTIA Security+ Certified Ethical Hacker (CEH) CompTIA Network+ ISO27001 Foundation or Practitioner AWS Certified Security Familiarity with TCP / IP, DNS, firewalls, VPNs, and VLANs. Basic experience with SIEMs and security logs Understanding of vulnerability management practices Understanding of penetration testing, Threat Hunting, Red Teaming methodologies Familiarity with More ❯
based infrastructure (e.g., Microsoft Windows Server, M365). • Monitor system performance and ensure high availability and reliability. • Implement and maintain backup and disaster recovery solutions. Network & Connectivity • Support LAN / WAN infrastructure across multiple sites. • Troubleshoot network issues and optimise performance. • Manage firewalls, VPNs, and network security, collaborating with MSPs / Vendors as required. Cloud & Systems Administration • Manage … Desirable • Experience of Fortinet Vendor products (Fortigate appliances, FortiAnalyser and FortiManager. • Experience of file server migrations to M365 • Experience of migration from hybrid environments to cloud-only (e.g. AD / Entra ID and Exchange / Exchange Online) • Experience with scripting (PowerShell). • Knowledge of ITIL practices. • Exposure to compliance frameworks (Cyber Essentials, ISO27001More ❯
equivalent experience). Relevant certifications (e.g., CCNA, CCNP, CISSP, etc.) are highly desirable. Technical Skills: Strong experience with Windows and enterprise level Linux systems. Proficiency in networking protocols (TCP / IP, DNS, DHCP, etc.) and network security practices. Hands-on experience with firewalls, IDS / IPS, and VPN configurations. Experience with virtualization (VMware, Hyper-V, etc.). Familiarity … with various security tool sets such as SIEM solutions, DLP, Endpoint Protection. Experience implementing disaster recovery and business continuity plans. Familiarity with compliance and security frameworks (NIST, ISO27001, etc). Knowledge of zero-trust architecture and secure remote access solutions. Soft Skills: Strong analytical and troubleshooting skills. Excellent communication and collaboration abilities. Ability to prioritize … DefStan, NATO) would be advantageous. Candidates must be UK Nationals with a bility to satisfy Security Clearance requirements. Candidates should also have the flexibility to participate in the 24 / 7 On Call Support rota for our UK customer, which usually necessitates being available to provide remote assistance 2 weeks in every month. Equal Opportunity Employer Flatirons Solutions is More ❯
on our careers page 2. Submit an up-to-date CV 3. Submit a cover letter setting out briefly why your suitable for the based on the key skills / competencies required (maximum 1,000 words) Selection process 1. Monday 11 and Tuesday 19 August - Longlisted candidates will be invited to an initial telephone interview with either the Director … programmes which will require an open and agile approach to delivering great, innovative security Compliance and Process o Management of the Cyber Essentials and CE+ certification process. o Maintaining ISO27001:2022 compliance. o Establish and run the review and improvement of the NAO's Disaster Recovery plans. o Ensuring our technical policies stay relevant and fit for purpose, and maintaining … them in line with ISO27001 requirements, NCSC best practise, and alignment with HMG standards. o Support in develop and implement a Product Assurance framework with the GRC team. Own the process to deliver meaningful assurance as we integrate new products into the environment. o Reviewing and managing the Information Asset Inventory assessments, assessing the technical control performance across our technology More ❯
meantime! We are a friendly bunch and pride ourselves in having a strong culture and adhering to our values of resourcefulness, ambition, thoughtfulness and integrity. We really value work / life balance and we embrace a flat hierarchy structure company-wide. Join us and you'll learn fast about cutting-edge tech and work with some of the brightest … resolution of priority issues. Maintain a robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations. Requirements Extensive practical experience implementing and maintaining an ISO27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk More ❯
information security, with a focus on network security and architecture. Strong knowledge of malicious lateral movement techniques and mitigation strategies. Experience with security frameworks and standards (e.g., NIST, ISO27001). Excellent communication and leadership skills. Relevant certifications such as CISSP, CISM, or TOGAF are highly desirable. Previous job roles that may indicate success include Information … practices. Understanding of protocol analysis techniques. Experience with Azure Log Analytics, KQL, and Azure Alerts. Python, Shell, and PowerShell scripting. Experience with security tools and technologies (e.g., SIEM, IDS / IPS, NG Firewall capabilities, vulnerability scanners). Knowledge of Active Directory and Azure AD. Knowledge of application delivery and the infrastructures that enable it. Familiarity with SQL Server, Oracle … clustering / High Availability technologies, and secure administrative practices. More ❯
27001 compliance and accreditation effort Lead crisis management exercises at all levels of the organisation to maximise the firm's cyber readiness Chair Enterprise Information Security Forum / Council, and sit on Enterprise Risk Committee Provide the risk / security framework for the adoption of all new technologies Oversee the team of security employees and vendors … property and computer systems Responsible for the Information Security budget. Education, Skills & Experience Proven experience in IT, including at leading an enterprise-level Infosec function. Proven experience in implementation ISO27001 in one or several organisation. Experience in planning and executing security policies and standards development. Experience in creating and efficiently managing a backlog of security findings and remediation work. Excellent … knowledge of technology environments, including information security, building security, and defence solutions, backed by multiple industry certifications such as SANS / GIAC GSEC, ISC2 CISSP or SSCP, ISACA CISM or CISA. Considerable knowledge of business theory, business processes, management, budgeting, and business office operations. Excellent interpersonal, organisational and administrative skills, strong commitment to teamwork and collaborative problem solving, and More ❯
designing, implementing, and maintaining highly scalable and resilient cloud infrastructure to support our trading operations. The ideal candidate will have a strong background in cloud computing, automation, and CI / CD pipelines, ensuring high availability and performance for mission-critical systems. Key Responsibilities Cloud Infrastructure Management: Design, deploy, and maintain scalable and resilient infrastructure on AWS using Infrastructure-as … Code (IaC). Kubernetes Administration: Manage and optimize Kubernetes clusters for containerized applications, ensuring high availability and security. Automation & CI / CD: Implement and manage CI / CD pipelines for efficient deployment, testing, and monitoring of applications. Observability & Monitoring: Develop comprehensive monitoring solutions using Prometheus, Grafana, ELK stack, or similar tools to improve system reliability. Security & Compliance: Apply … Familiarity with monitoring, logging, and observability tools (Prometheus, Grafana, Datadog, ELK, etc.). Strong understanding of networking concepts (VPC, Load Balancers, DNS, Firewalls). Experience with DevOps methodologies, CI / CD pipelines, and GitOps practices. Experience with high-performance and low-latency (sub millisecond) systems. Familiarity with serverless architectures and event-driven computing. Exposure to cloud cost optimization and More ❯
progress. Code & Config Review : Conduct basic secure code and configuration reviews, escalating high-risk findings as needed. Security Tooling & Automation : Help maintain and enhance security scanning integrations in CI / CD pipelines. Pen Testing Coordination : Assist in preparing for and triaging internal and third-party penetration tests. Security Documentation & Guidance : Help develop security best practices, developer guidance, and response … understanding of identity and access controls (OAuth, SAML, API tokens). Strong collaboration and communication skills, with a willingness to learn and grow. Preferred Qualifications Experience working in Agile / Scrum teams or DevOps environments. Familiarity with CI / CD tools like GitHub Actions or Jenkins. Exposure to security frameworks (NIST, ISO27001, SOC … . Experience working in SaaS, multi-tenant cloud environments. Knowledge of machine learning security (AI / ML model risks, LLM security best practices). Familiarity with attack surface management and threat intelligence. Relevant certifications (e.g., Security+, SSCP, GSEC) are a plus but not required. What do we offer? We value our people and offer a competitive salary along with More ❯
expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including the NIST Cloud Security guidelines. You will support ISO27001 … compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the UK Telecom Security Act would be advantageous to your application, as would CISSP and / or CISM accreditation. You will develop and maintain the information security architecture and will have proven experience with compliance, vulnerability management, network security, cloud security (AWS & Azure), firewalls and More ❯
i.e., control frameworks, incident management, operations and application of security best-practices. Strong understanding and knowledge of cyber security technologies (e.g., firewalls, Microsoft enterprise cloud services, VPNs, ZTNA, IDS / IPS, SIEM, Juniper MIST, encryption). Experience with security standards and frameworks such as ISO27001, NIST, and GDPR. Head of Cyber Security Seniority level More ❯
