to Standardise information security policies, frameworks, andcontrols across all entities, while allowing flexibility for business specific regulations. Oversee Cyber security regulatory compliance initiatives ns (e.g. NIST, ISO 27001, SOC2 compliance). Lead the design and operation of shared security services between IAG Loyalty and IAG airlines (e.g., threat detection, incident response, intel management, data sharing) at the group level. More ❯
ServiceNow products, particularly within the ITSM suite. Strategy & Compliance Operate within Agile/Scrum methodologies to ensure efficient project execution. Apply knowledge of relevant compliance frameworks (e.g., ISO 27001, SOC2, HIPAA) within enterprise service management environments. Required Skills, Knowledge & Experience Technical & Platform Expertise ServiceNow Expertise: 4–5 years of hands-on ServiceNow implementation experience, with a proven … . Cloud Architect-level certification on a major platform (e.g., AWS, Azure, or Google Cloud). Salary - Up to £150,000 per annum + bonus Work Model - Ideally Hybrid 2 days a week in London (can be flexible) MUST BE SC CLEARED OR CAN BE SC CLEARED More ❯
/cyber security projects and challenges, preferably over a number of industry domains Strong understanding of leading cybersecurity frameworks and standards such as ISO27001, NIST, Cyber Essentials+, CAF, CIS, SOC2, etc. Up-to-date knowledge of cyber/information security, concepts, risk, controls, and industry trends Experience of working on e.g., security governance models and frameworks, policies More ❯
/cyber security projects and challenges, preferably over a number of industry domains Strong understanding of leading cybersecurity frameworks and standards such as ISO27001, NIST, Cyber Essentials+, CAF, CIS, SOC2, etc. Up-to-date knowledge of cyber/information security, concepts, risk, controls, and industry trends Experience of working on e.g., security governance models and frameworks, policies More ❯
e.g. CISSP, CISM, ISO27001 Lead Auditor/Implementer, Cloud Security Practitioner ). Strong working knowledge of key frameworks and standards including ISO27001, Cyber Essentials, CIS Critical Controls, NIST CSF, SOC2 , and Data Protection requirements ( DPA/GDPR ). Outstanding communication and relationship-building skills — able to influence, challenge constructively, and engage with both technical teams and senior leadership. More ❯
e.g. CISSP, CISM, ISO27001 Lead Auditor/Implementer, Cloud Security Practitioner ). Strong working knowledge of key frameworks and standards including ISO27001, Cyber Essentials, CIS Critical Controls, NIST CSF, SOC2 , and Data Protection requirements ( DPA/GDPR ). Outstanding communication and relationship-building skills — able to influence, challenge constructively, and engage with both technical teams and senior leadership. More ❯
logging tools. Lead incident detection and response, including root-cause analysis and remediation tracking. Maintain Humanoid’s information security risk register and control library. Drive readiness for ISO 27001, SOC2, and GDPR compliance. Deliver staff security-awareness and phishing-simulation programmes. Partner with Engineering to align product and corporate security practices. Networking & Connectivity Manage office and lab … efficiencies through the deployment of AI solutions Knowledge of ITIL or other IT service management frameworks, particularly incident/change management. Exposure to compliance frameworks such as ISO 27001, SOC2, or NIST. Prior experience scaling IT teams from small core functions into mature multi-discipline organisations. What We Offer Competitive salary plus participation in our Stock Option Plan. Paid vacations. More ❯
City of London, London, United Kingdom Hybrid/Remote Options
Humanoid
logging tools. Lead incident detection and response, including root-cause analysis and remediation tracking. Maintain Humanoid’s information security risk register and control library. Drive readiness for ISO 27001, SOC2, and GDPR compliance. Deliver staff security-awareness and phishing-simulation programmes. Partner with Engineering to align product and corporate security practices. Networking & Connectivity Manage office and lab … efficiencies through the deployment of AI solutions Knowledge of ITIL or other IT service management frameworks, particularly incident/change management. Exposure to compliance frameworks such as ISO 27001, SOC2, or NIST. Prior experience scaling IT teams from small core functions into mature multi-discipline organisations. What We Offer Competitive salary plus participation in our Stock Option Plan. Paid vacations. More ❯
Company description: Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as … and risk assessment solutions It would be a real bonus if you have: Master's degree in Computer Science, Information Security, or a related field Experience or understanding of SOC2and DORA regulation What we offer: We realize that managing work life balance is a challenge we all face in our daily lives and in order to More ❯
City of London, London, United Kingdom Hybrid/Remote Options
Crimson
GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC2, and OWASP frameworks. Senior Security Analyst/Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in More ❯
London, South East, England, United Kingdom Hybrid/Remote Options
Crimson
GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC2, and OWASP frameworks. Senior Security Analyst/Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in More ❯
technical expertise in core cloud services (e.g. EC2, S3, RDS, Lambda, API Gateway, VPC, Route 53, IAM, CloudFormation, or Terraform). Familiarity with security and compliance frameworks (e.g. CIS, SOC2, HIPAA). Proven success in leading cloud migration projects using tools such as AWS Server Migration Service or AWS Database Migration Service. Hands-on experience with DevOps More ❯
technical expertise in core cloud services (e.g. EC2, S3, RDS, Lambda, API Gateway, VPC, Route 53, IAM, CloudFormation, or Terraform). Familiarity with security and compliance frameworks (e.g. CIS, SOC2, HIPAA). Proven success in leading cloud migration projects using tools such as AWS Server Migration Service or AWS Database Migration Service. Hands-on experience with DevOps More ❯
pipelines (GitLab or equivalent), automating builds, tests, and deployments. Implement and maintain Kubernetes clusters (AKS), Docker images, and related infrastructure components. Ensure systems meet security, performance, and compliance standards (SOC2, encryption at rest/in transit). Collaborate with software engineers to align infrastructure delivery with development requirements. Diagnose and resolve infrastructure issues, applying fixes and process improvements. Contribute to More ❯
pipelines (GitLab or equivalent), automating builds, tests, and deployments. Implement and maintain Kubernetes clusters (AKS), Docker images, and related infrastructure components. Ensure systems meet security, performance, and compliance standards (SOC2, encryption at rest/in transit). Collaborate with software engineers to align infrastructure delivery with development requirements. Diagnose and resolve infrastructure issues, applying fixes and process improvements. Contribute to More ❯
City of London, London, United Kingdom Hybrid/Remote Options
RemoteStar
Experience in cybersecurity, risk management, GRC (governance, risk & compliance) or supply-chain risk management. Familiarity with third-party/vendor risk management platforms and frameworks (e.g., NIST, ISO 27001, SOC2, supply-chain risk standards). Understanding of machine-learning/AI concepts (e.g., risk-scoring models, graph analytics, anomaly detection). Experience working with enterprise B2B customers, especially security teams More ❯
Experience in cybersecurity, risk management, GRC (governance, risk & compliance) or supply-chain risk management. Familiarity with third-party/vendor risk management platforms and frameworks (e.g., NIST, ISO 27001, SOC2, supply-chain risk standards). Understanding of machine-learning/AI concepts (e.g., risk-scoring models, graph analytics, anomaly detection). Experience working with enterprise B2B customers, especially security teams More ❯
and vulnerability management practices. Strong knowledge of API security, OAuth, JWT, and API Gateway policies. Experience in security audits, monitoring, and incident remediation. Familiarity with compliance frameworks (e.g., ISO, SOC2, GDPR) is a plus. Hands-on experience with Terraform and Ansible for infrastructure automation. Proven experience with AWS cloud architecture and deploying microservices on ECS/ECR More ❯
and vulnerability management practices. Strong knowledge of API security, OAuth, JWT, and API Gateway policies. Experience in security audits, monitoring, and incident remediation. Familiarity with compliance frameworks (e.g., ISO, SOC2, GDPR) is a plus. Hands-on experience with Terraform and Ansible for infrastructure automation. Proven experience with AWS cloud architecture and deploying microservices on ECS/ECR More ❯
engineering best practices (e.g. test-driven development, continuous delivery, scrum practices, automation, maintainable and testable code etc.) Strong knowledge of HTTP security is highly desirable Experience with FedRamp andSOC2 certification is a plus Strong written and verbal communication skills Proactive, self-motivated, and strong ability to learn new things with little guidance Highly organized with critical More ❯
Harden distributed systems (Kafka, Redis, CockroachDB) for global banking workloads Lead our AI-powered SRE approach: observability, remediation, and auto-response Enforce zero-trust, multi-tenant security and compliance (SOC2, ISO 27001) Define IaC foundations (Terraform, GitOps, Helm) What We're Looking For: Expert with Kubernetes and Distributed Systems Experience building production infrastructure at scale (multi-region, high-availability) Extensive More ❯
Harden distributed systems (Kafka, Redis, CockroachDB) for global banking workloads Lead our AI-powered SRE approach: observability, remediation, and auto-response Enforce zero-trust, multi-tenant security and compliance (SOC2, ISO 27001) Define IaC foundations (Terraform, GitOps, Helm) What We're Looking For: Expert with Kubernetes and Distributed Systems Experience building production infrastructure at scale (multi-region, high-availability) Extensive More ❯
