Oliver James are partnered with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Lead. This role will play a crucial part in strengthening the organisation's security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance. Based in the City of London with a flexible hybrid model (average … loyalty bonuses. Key Responsibilities Third-Party Risk Management: Lead and own the third-party vendor risk assessment process across a portfolio of 100-120 vendors. Review and validate vendor security documentation (e.g., SOC 2, ISO 27001), evaluate control effectiveness, and coordinate remediation efforts for identified gaps. Ensure relevant business stakeholders are informed of potential risks. Governance, Risk & Compliance (GRC
london (city of london), south east england, united kingdom
Tencent
a culture of learning within the team, enhancing the professional capabilities of team members. Who We Look For Bachelor’s degree or higher, with 5+ years of experience in security assessment, IT audit, or consulting at a leading professional consulting firm or legal firm, in-house experience working in a multinational company is a bonus Strong understanding of global compliance … marketing) and experience in compliance/product workflow design; experience in the internet/gaming industry is a plus. Expertise in global privacy regulations, including privacy principles, operational legal security frameworks, and compliance solutions. Proficient in IT audit, information security management, and IT/technology risk management, with the ability to resolve compliance risks effectively. Knowledge of … security control frameworks (e.g., ISO27001, ISO20000, ITIL, COBIT) and experience collaborating with information security teams to implement compliance requirements. Strong problem-solving skills, proactive work ethic, flexible thinking, and the ability to thrive under pressure. Able to use English and Chinese as working languages to interact with stakeholders across the global Location: This role can be based
passionate and experienced Vulnerability Lead to shape and lead the creation and ongoing operation of our comprehensive vulnerability management program. This is a unique opportunity to establish a critical security function, define best practices, and significantly enhance our overall security posture. A key aspect of this role involves the end-to-end management and continuous improvement of the … vulnerability management programme. This includes defining scanning strategies, conducting risk-based triage and prioritisation, overseeing remediation efforts, and providing actionable reporting to enhance the Engine's security posture. What you'll get to do Conduct vulnerability scans regularly and proactively as needed. Validate findings and use a risk-based approach. Enrich findings with threat intelligence and business impact to … resolver groups by triaging and prioritising vulnerabilities to facilitate timely resolution of outstanding findings using a risk based approach Track and manage remediation through to closure with Technology and Security teams. Ensure timely patching of critical vulnerabilities in line with SLAs. Ensure visibility across the technology estate, including cloud environments. Coordinate scanning and coverage of data centre estate, cloud
headquartered in the UK and FCA-regulated. The Role Goji is looking for a hands-on Head of IT to build and nurture our IT function, ensuring seamless infrastructure, security, and user support. This role provides an exciting opportunity to shape IT operations with a people-first approach, designing systems, processes, and policies that support our teams in doing … The Head of IT will report to the CTO and work closely with key stakeholders across the company to create and deliver an IT strategy that balances operational efficiency, security, and a positive employee experience. We are looking for someone who is collaborative, inclusive, and passionate about enabling teams through technology. How you'll contribute Develop and deliver a … long-term growth. Lead and uplift IT operations and support functions, ensuring a seamless and reliable experience for all teams across the organisation. Work in close partnership with the Information Security Officer (ISO) to continuously evolve our Information Security Management System (ISMS), balancing strong protection with ease of adoption. Provide efficient, empathetic IT support across hardware
London, South East, England, United Kingdom Hybrid / WFH Options
Huxley
Lead Security Controls Assessor - NIS2 Readiness (Financial Services) Contract Type: 6-Month Rolling Contract Rate: £550/day (Inside IR35) Location: Fully Remote My client, a leading organisation in the Financial Services sector, is currently seeking two experienced contractors to join their Security Controls Assessor team. This is a strategic initiative focused on preparing for the upcoming NIS2 … project teams, and EGSO to ensure cohesive support Document the organisation's regulatory posture, ISRG priorities, gaps, risks, and sustainability of compliance efforts Provide regular updates to the EMAP Information Security Regulatory Governance Specialist This is a fantastic opportunity to contribute to a high-impact regulatory programme within a complex, multi-entity financial environment. If you're experienced … in security controls assessment, regulatory compliance, and NIS2 alignment, this role offers both strategic influence and operational depth. Please click here to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will
London, South East, England, United Kingdom Hybrid / WFH Options
Lorien
Category Manager - Cloud & Information Security We are currently recruiting for an experienced IT Category professional to lead strategic sourcing and category management across cloud services and cybersecurity. This role is to join one of our Insurance Clients based on a 6 month contract Inside IR35. Hybrid working with 2 days in London. Key Experience Required: 5+ years in
with colleagues in UK/US/France & Mumbai. This role requires a minimum two days per week in London office. The Role: Category strategy & pipeline: Own the Cloud & InfoSec category plan for 6–12 months: size the opportunity, define value levers (cost, risk, performance), set KPIs, and maintain a visible, prioritized pipeline of sourcing events and renewals aligned to … MI from SpendViz and Ariba to inform decisions (pipeline, cycle times, compliance, value delivery). Supplier Risk Management (SRM) & compliance: Initiate and coordinate SRM assessments and ongoing reviews (e.g., InfoSec, Privacy, BCM/Resilience) for material/critical suppliers; ensure Riskonnect/Ariba status and artefacts are up to date. Operate to the Procurement Policy and Source-to-Pay process … and work within Ariba, with a clear data stewardship mindset—comfortable owning metadata, templates, and reporting to drive decisions. Solid understanding of supplier risk workflows and partnering with Legal, InfoSec, Privacy and BCM. Strategic and analytical thinker who converts insight into pragmatic commercial actions; excellent written and verbal communication, with a positive and “can do” approach to their work. Nice
Infrastructure Security Engineer We are currently recruiting for an Infrastructure Security Engineer on a 6 month initial contract. Hybrid basis (2-3 days), office location being London. They are looking for a candidate to take responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme. They are also looking for … a candidate who is able to provide advice and recommendations for the programme. Key Skills Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks … for off the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure Information Security Management System (Infrastructure Security Operations). Azure cloud infrastructure and configuration. System Centre Configuration Manager, Operations Manager and Virtual Machine Manager. Microsoft Exchange online Azure and on-premises
to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: 35+ years of experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security and … operational risk assessments. High attention to detail, ensuring accuracy in documentation, assessments, and compliance activities. Strong understanding of information security risk management principles, frameworks (e.g., ISO 27001, NIST), and compliance practices. Exposure and understanding of IT infrastructure, business applications, and their associated risks and controls. Experience collaborating with internal and external audit teams, including supporting audit readiness and … evidence gathering. Proven ability to work effectively across multi-disciplinary, multi-cultural, and geographically dispersed teams. Excellent written and verbal communication skills, with the ability to convey complex information clearly to both technical and non-technical audiences. Strong interpersonal and presentation skills, with confidence engaging stakeholders at all levels. Industry-recognised technical certifications such as ITIL, CISSP, CRISC, or
Central London, London, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service as Cyber Security Operations Specialist Starting salary £60,000 About Police Digital Service To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways of working that will enable them to adapt to and deal with the complexity of … Our team provides technical advice and delivers services to help policing and law enforcement organisations across the UK prioritise and focus on technology efforts. Key Responsibilities Support the Cyber Security Operations Manager, providing specialist advice, reporting and assurance to principal stakeholders Monitor security, technological, social and scientific trends that could influence the National Policing policy Support implementation of … policing outcomes - as part of the PDS role in leading delivery for the National Digital Policing Strategy 2020-30. Work closely with the Technical Operations team to manage security decision making Identify and implement appropriate controls, mitigations and risk treatment plans Develop and manage cyber incident response for services in life Ensure alignment of security operations with
External Assurance (TEA) function focused on supplier assurance by the execution and oversight of activities including risk assessments, contract reviews, due diligence, auditing, findings and reporting to manage the information security risks related to these areas for my client's evolving supplier profile aligned to defined OLAs and deadlines. The role holder will also identify and deliver enhancements to … components of customer audits, including planning, scoping, preparation, documentation, delivery and follow-up; in direct partnership with customers and internal Commercial teams. Liaise with subject matter experts to ensure information is gathered in a timely manner to ensure customer requests are correctly responded to and protect my client. Reviewing and negotiating customer contractual IT agreements and clauses to ensure … responsibilities in either a Big 8 external practice, Internal Audit, or supplier/customer assurance function for a financially regulated/FinTech entity. Certified in relevant audit, risk and security certifications preferably with one of the following: IIA, CISA, CISM, or CISSP. Strong information security/assurance, audit, compliance and risk knowledge, experience of IT risk and
Director in Unit 42 is a senior-level consulting position. The individual will be responsible for the day to day delivery of our threat-led and technology driven cyber security consulting services through leading and directly overseeing a team of Consultants. This person will have experience in developing teams and working with sales and domain leaders. The Consulting Director … and Customer Success Manager (CSM) to deliver pitches and prepare proposals to win new business and manage client relationships. We are seeking an individual who is passionate about cyber security and making a difference. You will be a continuous learner and have a sound knowledge of emerging cybersecurity trends and technologies. The individual serves as a trusted advisor to … cross-sector clients. Your Impact Oversee the delivery of our proactive consulting services, ensuring their consistency, quality and highest level of customer service Provide hands-on, expert-level proactive Security Operations Center (SOC) assessment and transformation services to clients and deliver findings to CxO and/or Board of Directors Work with the BDM and CSM to perform pipeline
london (city of london), south east england, united kingdom
HCLTech
Expertise in creation of solutions for risk and compliance advisory services (preferable candidates from Big4 organizations) • Capabilities of executing at least 3-4 advisory/consulting engagements. • Technical Knowledge around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL … MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST, CIS) TPRM • Business Resiliency & Cyber Recovery, ZTA • GRC Project & Program Management • Excellent written and verbal communications skills • Should be able to travel 70%-80% on short as well as long term
City of London, London, United Kingdom Hybrid / WFH Options
Morgan Philips Group
internal controls are regularly reviewed, updated and accessible. Prepare and present relevant compliance materials, including legal registers and policies during audits, with coverage in all relevant areas such as information security, data privacy, environmental law, and health and safety Support post-audit activities, including the development and implementation of corrective action plans where findings are identified by internal … and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO 37301 (compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation
will be. Skin Analytics manufactures medical devices and complies with ISO standards 13485 and 27001. As part of your employment, you will be assigned Quality Management System (QMS) and Information Security Management System (ISMS). We require that our employees agree to complete their assigned training and diligently follow all company quality management and information security
monorepos, GitOps, branching and release strategies, etc.) Experience in designing system-level architecture and navigating trade-offs in web based systems (e.g. Microservices, REST APIs, CQRS) An understanding of information security including common attack vectors, awareness of relevant regulation and restrictions (e.g. PCI, GDPR) Experience in design and testing strategies to enable gradual evolution of systems over time … to solve distributed computing problems (e.g. content-based addressing, immutable data structures, CRDTs, consensus protocols, merkle DAGs, etc. It'd be amazing if you can also An understanding of information security including common attack vectors, awareness of relevant regulation and restrictions Experience with running live services with significant volume of users and establishing appropriate SLOs and error budgets