1 to 25 of 70 Security Posture Jobs in London

Job summary The Associate Information Security Practitioner role is part of the Moorfields Information Security Team. The team ensures that our systems and data are safe, secure, and resilient - so that we can focus on delivering high-quality, patient-centred care, and are trusted by our patients, service users and staff. The team has operational responsibility for security tooling, such as anti-virus and intrusion prevention, security assurance platforms, security testing and monitoring platforms, etc) and for our managed services (security operations centre). The team performs assurance and compliance activities most notably contributing to the annual NHS Data Security Protection Toolkit (DSPT) cycle. We put people at the heart of everything we … Digital, Data and Technology experts that deliver excellence in a busy department. Main duties of the job At this role level, you will: Contribute to operational support of information security solutions and services Engage with our third party provision of information security service Contribute Information Security expertise to projects and operational services Support assurance activities and the More ❯

identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team … in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role … you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends More ❯

Overview As Cyber Security Manager at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture in tandem with GRC practices and policies as they evolve to align with current and future standards and frameworks, such as SOC 2, ISO 27001, as well as applicable legislation, including GDPR and UK DPA, working closely with our Legal and Privacy as well as the wider Technology team. Internally-facing, you will lead day to day … cyber security operations and project based work. You will help train and upskill your fellow Two Circlers on topics such security awareness, OWASP Top 10 and Security by Design, as well as understanding and feeding into their processes and workflows, to keep good security practice on the agenda. Externally, this role will also engage with our More ❯

and throughout all levels of the client organization, generating results that allow our clients to thrive. What You'll Do The Global Platform Team Lead and Senior Director - IT Security is responsible for leading the design, delivery, and continuous evolution of BCG's security platforms across identity, device, and data protection domains. This role ensures end-to-end … security engineering across all technology environments, including cloud, on-prem, and hybrid systems. The leader will drive strategic planning, execution, and operations of scalable, automated, and resilient security controls that protect BCG's global operations and users, while enabling innovation and agility across BCG Core, BCG X, and CT worldwide. This role is also accountable for embedding security within DevSecOps practices, enforcing automation at scale, and applying Site Reliability Engineering (SRE) principles across all security services. The role requires strong partnership with ISRM, with a focus on balancing and prioritizing security requirements, automation opportunities, user experience needs, and broader business outcomes. Key Responsibilities: Strategic Leadership & Transformation: Define and execute a unified security engineering strategy More ❯

The Global Delivery Director - Secure Data is a critical leadership role that enables the secure foundation of BCG's digital operations globally. By driving scalable, automated, and user-focused security engineering-and by embedding security into modern engineering and operational practices-this role ensures BCG can innovate securely while maintaining trust, compliance, and operational excellence. The Global Delivery … Director - Secure Data is responsible for leading the design, delivery, and continuous evolution of BCG's data security strategy and controls. This role ensures that BCG's most sensitive data is protected globally through secure-by-design engineering, automation at scale, and resilient security platforms. The Director will drive strategic planning, execution, and operations of scalable, automated, and … resilient security solutions that safeguard BCG's global operations and users, while enabling innovation and agility across BCG Core, BCG X, and CT worldwide. This role is accountable for embedding security within DevSecOps practices, applying Site Reliability Engineering (SRE) principles across all security services, and aligning with privacy, compliance, and business leaders to maintain trust and regulatory More ❯

I am currently working with a Charity who are seeking a Head of Information Security and Compliance. You will join an ambitious, focused and dynamic team who are passionate about how technology can enable our staff to deliver incredible support to the armed forces community. Role Purpose: The Information Security and Compliance Manager is responsible for developing, implementing … and maintaining security policies, procedures, and controls to protect the data and systems. They will play a pivotal role in the management and containment of security incidents, ensuring continuous improvement in their security posture while raising awareness for staff, volunteer and member communities. The post holder will lead on activities that assess, report and mitigate risk … practices and settings to include sensitivity labels, data retention policies and data loss protection policies Collaborate with the Head of Risk, DPO and VCISO to identify and manage information security risks and mitigating controls Lead the wider business areas to ensure security policies and procedures are embedded in all business processes. Take an active role in in the More ❯

I am currently working with a Charity who are seeking a Head of Information Security and Compliance. You will join an ambitious, focused and dynamic team who are passionate about how technology can enable our staff to deliver incredible support to the armed forces community. Role Purpose: The Information Security and Compliance Manager is responsible for developing, implementing … and maintaining security policies, procedures, and controls to protect the data and systems. They will play a pivotal role in the management and containment of security incidents, ensuring continuous improvement in their security posture while raising awareness for staff, volunteer and member communities. The post holder will lead on activities that assess, report and mitigate risk … practices and settings to include sensitivity labels, data retention policies and data loss protection policies Collaborate with the Head of Risk, DPO and VCISO to identify and manage information security risks and mitigating controls Lead the wider business areas to ensure security policies and procedures are embedded in all business processes. Take an active role in in the More ❯

safe and secure information space. Cloud SecOps Lead – Job Description We are looking for a Cloud SecOps Lead to guide and support a team of engineers in managing cloud security operations across partner environments. This role involves close collaboration with SOC teams, project stakeholders, and architecture groups to ensure a strong security posture and operational excellence. This … and is open only to UK Citizens or individuals with Indefinite Leave to Remain (ILR) who have resided continuously in the UK for the past five years, due to Security Clearance requirements. Key Responsibilities Lead investigations of security incidents raised by SIEM and CNAPP tooling. Drive improvements in cloud security posture using Microsoft Defender for Cloud. … Guide project teams on remediation steps and ensure alignment with security best practices. Support WebOps activities including deployment and configuration of SIEM and CNAPP tools. Oversee vulnerability management processes and ensure timely remediation. Manage and maintain LogicMonitor for cloud platform monitoring Create and update logicmodules Configure alert rules and escalation chains Manage ServiceNow integration for incident handling Build and More ❯

Application Security Lead Entertainment UK Hybrid/Remote Job description This role works closely with development teams to verify our partners applications satisfy the defined security criteria, supporting the organization on the security design and conducting reviews of applications, while improving automation. Primary Responsibilities: Provide technical leadership and guidance on application security best practices, methodologies, and … technologies. The ideal candidate will serve as a trusted advisor to development teams, architects, and stakeholders across our clients organisation. Design and review security architectures for applications, ensuring the implementation of effective security controls and countermeasures. Conduct threat modelling exercises to identify potential security risks and vulnerabilities early in the development lifecycle. Conduct in-depth security assessments, code reviews, and penetration testing of applications to identify and mitigate security vulnerabilities. Utilise industry-standard tools and methodologies to assess the security posture of applications and provide actionable recommendations for remediation Essential At least three years experience in a similar senior Information Security position Customer-oriented person, with the ability to educate and More ❯

or looking to be part of something that truly matters, Ipsotek is where your ideas and impact can thrive. Role Overview Ipsotek is seeking a strategic and hands-on Security Lead to own and evolve our security posture across the business. This pivotal role will oversee security strategy , vulnerability management , and security operations (SecOps) , acting … as the primary point of contact for all security-related matters within Ipsotek and externally with the Eviden Centre of Excellence . You will also liaise directly with the Eviden COO to align Ipsotek’s security strategy with broader group-level initiatives and priorities. This role requires close collaboration with development , project operations , presales , and client-facing teams … ensuring security is embedded across the lifecycle of our solutions. It also includes client trust and onboarding activities , helping build and maintain confidence in Ipsotek’s information protection practices. Key Responsibilities Security Strategy & Governance Define and implement Ipsotek’s security strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence More ❯

or looking to be part of something that truly matters, Ipsotek is where your ideas and impact can thrive. Role Overview Ipsotek is seeking a strategic and hands-on Security Lead to own and evolve our security posture across the business. This pivotal role will oversee security strategy , vulnerability management , and security operations (SecOps) , acting … as the primary point of contact for all security-related matters within Ipsotek and externally with the Eviden Centre of Excellence . You will also liaise directly with the Eviden COO to align Ipsotek’s security strategy with broader group-level initiatives and priorities. This role requires close collaboration with development , project operations , presales , and client-facing teams … ensuring security is embedded across the lifecycle of our solutions. It also includes client trust and onboarding activities , helping build and maintain confidence in Ipsotek’s information protection practices. Key Responsibilities Security Strategy & Governance Define and implement Ipsotek’s security strategy aligned with business and regulatory requirements. Liaise with the Eviden COO and Eviden Centre of Excellence More ❯

Position: Security Lead/Security Architect Type: Permanent Location: London 2 days p/week; 3 days remote Salary: £84K - £94K DOE Looking for your next step in security leadership? This is a great opportunity for an experienced security professional to take ownership of an organisation's technology security strategy - driving best practice, influencing culture … and embedding security at the heart of delivery. The Role As the Security Lead/Security Architect, you'll be the go-to person for all things security across global engineering teams. You'll shape strategy, improve governance, and guide technical teams to build secure, resilient systems. This role blends hands-on technical insight with strategic … influence - perfect for someone who enjoys both detail and direction. What You'll Be Doing Lead the organisation's security posture across technology and engineering. Set and deliver security strategy and best practice frameworks (ISO 27001, NIST, AWS Well-Architected). Oversee incident response, risk assessments, and vulnerability management. Drive a positive security culture across technical More ❯

architectures including firewalls intrusion detection prevention systems and encryption technologies Adhere to enterprise governance review processes to deliver project goals deliverables Follow enterprise ITSM CMDB processes Monitor and analyze security s using Security Information and Event Management SIEM tools and respond to security incidents in a timely and effective manner Collaborate with cross functional teams to develop … and enforce identity and access management IAM policies and network access control NAC solutions Stay abreast of the latest security threats industry trends and best practices to proactively enhance the organization's network security posture Ensure compliance with relevant security regulations and standards and assist in audit processes as needed Conduct regular security assessments including … penetration testing and vulnerability assessments to identify and remediate potential security risks ESSENTIAL EXPERIENCE 12 years of Proven experience in network security with a strong understanding of network security fundamentals encryption technologies and secure network design principles Zscaler Private Access Internet Access Experience in design and delivery of Zero Trust Network Access in ITOT environments Proficiency in More ❯

Software Engineer - Security Product Engineering Job ID: R19464 Location: London - The River Building HQ Type: Permanent Ready to apply? Get started with your online application. Not quite your dream role? Sign up to get notified when the right vacancy comes along. Why Deliveroo Our mission is to transform the way you shop and eat, bringing the neighbourhood to your … of a rapidly expanding industry. As a small team making a large impact, we value autonomy, ownership, and new ideas. We are looking for a Software Engineer within the Security Product Engineering team to design, develop, and support security products, including custom access tooling (PAM), authentication solutions supporting millions of users, and more. Reporting to the Head of … Security Architecture & Engineering, this hands-on role will influence the security posture across the company, ensuring security is integrated into all projects. What you'll do: Work with cloud platforms (AWS, Azure, GCP), CI/CD pipelines, containerisation (Docker, Kubernetes), and infrastructure-as-code. Design, develop, and implement scalable, reliable, and maintainable software systems, features, and More ❯

Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development We are seeking a highly experienced Head of Cyber Security to lead the delivery of a best-in-class security posture within a large, complex … service users, and wider stakeholders from cyber risk. Protecting critical health services from evolving threats is a top priority, and this role plays a central part in ensuring robust security measures are in place. Reporting directly to the Director of Digital Services, the Head of Cyber Security will be a core member of the senior digital leadership team. … You will oversee the development, implementation and governance of information security across the organisation, spanning infrastructure, applications, medical devices, communications, and policy frameworks. Key Duties & Responsibilities Lead the development and delivery of a comprehensive cyber security strategy across both corporate and clinical areas. Oversee the organisation's information security portfolio, including compliance frameworks, risk assessments, and threat More ❯

Role/Job Title: DevSecOps Pentester Work Location: London (2 - 3days) The Role Conducts security assessments and penetration tests across CI/CD pipelines, cloud infrastructure, and application environments. Integrates automated security tools and practices within DevOps workflows to ensure continuous security validation. Identifies and exploits vulnerabilities in code, containers, APIs, and infrastructure-as-code before they … reach production. Collaborates with development, security, and operations teams to implement remediation and improve security posture. Stays current with threat landscapes, tools, and methodologies to proactively defend against evolving cyber risks in general and more specific to an airline industry, transportation sector. Your Responsibilities Integrate security practices and tools into the DevOps pipeline to ensure security is a continuous process. Perform IaC Automation and ServiceNow integrations to automate AWS Service catalogues. Contribute to security tooling, checklists, and automation efforts. Identify potential security threats and vulnerabilities during the design phase identify flaws in CI/CD, IaC, and cloud/containerized environments. Perform manual and automated security testing on web apps, APIs, pipelines. More ❯

Overview At Vanta, our mission is to help businesses earn and prove trust. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without … it. As Vanta's Customer Success Manager you will play a pivotal role in guiding some of our largest customers through their security and compliance journeys with Vanta's specialised solutions. By combining your customer-centric approach with expertise in Vanta's products and security best practices, you contribute to the overall success and satisfaction of Vanta's … customers in achieving robust security and compliance outcomes. Vanta's success over the last year was exponential and we are now working to solve the problem of how to provide world-class customer experience to as many security-minded software companies as possible. As Vanta's Customer Success Manager, you will be the voice of Vanta, responsible for More ❯

Cyber Security Engineer CyberSec Engineer/IT Security Specialist – Disaster Recovery, Resilience Testing, CyberSec Improvements, Vulnerability Scanning/Management, Infrastructure, Nutanix, Commvault, VMware, Azure, PowerShell, Python; Law Firm, Permanent, London/Hybrid (3/2). £80k - £95k (On Experience) +Bonus +Benefits Global Low Firm seeks experienced Cyber Security Engineer/IT Security Specialist to join … the IT Infrastructure Engineering Team and play a key role in the strengthening of the IT security position and critically ensuring that Disaster Recovery, failover, and operational resilience capabilities are effective and continually improved through ongoing testing and (re)engineering. This is a hands-on, process-driven role where you will ensure that disaster recovery (DR), failover, and operational … resilience capabilities are robust, tested, reviewed, and continuously improved. You’ll play a critical part in safeguarding business continuity and strengthening our cyber security posture, working closely with infrastructure, security, and business continuity teams. As such the CyberSec Engineer/IT Security Specialist will: Lead the planning, orchestration, and execution of DR and resilience testing Perform More ❯

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS). The position offers significant … exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies. Responsibilities Serve as the primary liaison for client and internal security and compliance audits Manage and maintain the firm’s ISO 27001 ISMS and related deliverables Coordinate internal and external security assessments and certification schedules Lead ISO 27001 audits and manage relationships with … certification agencies Manage client security assessments and responses to security questionnaires and RFPs Collaborate with technical, risk and business teams to identify and remediate control gaps Maintain documentation and reporting to ensure compliance with regulatory standards Develop recommendations for control enhancements and process improvements Represent the firm’s security posture to clients and partners Occasional international More ❯

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS). The position offers significant … exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies. Responsibilities Serve as the primary liaison for client and internal security and compliance audits Manage and maintain the firm’s ISO 27001 ISMS and related deliverables Coordinate internal and external security assessments and certification schedules Lead ISO 27001 audits and manage relationships with … certification agencies Manage client security assessments and responses to security questionnaires and RFPs Collaborate with technical, risk and business teams to identify and remediate control gaps Maintain documentation and reporting to ensure compliance with regulatory standards Develop recommendations for control enhancements and process improvements Represent the firm’s security posture to clients and partners Occasional international More ❯

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS). The position offers significant … exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies. Responsibilities Serve as the primary liaison for client and internal security and compliance audits Manage and maintain the firm’s ISO 27001 ISMS and related deliverables Coordinate internal and external security assessments and certification schedules Lead ISO 27001 audits and manage relationships with … certification agencies Manage client security assessments and responses to security questionnaires and RFPs Collaborate with technical, risk and business teams to identify and remediate control gaps Maintain documentation and reporting to ensure compliance with regulatory standards Develop recommendations for control enhancements and process improvements Represent the firm’s security posture to clients and partners Occasional international More ❯

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS). The position offers significant … exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies. Responsibilities Serve as the primary liaison for client and internal security and compliance audits Manage and maintain the firm’s ISO 27001 ISMS and related deliverables Coordinate internal and external security assessments and certification schedules Lead ISO 27001 audits and manage relationships with … certification agencies Manage client security assessments and responses to security questionnaires and RFPs Collaborate with technical, risk and business teams to identify and remediate control gaps Maintain documentation and reporting to ensure compliance with regulatory standards Develop recommendations for control enhancements and process improvements Represent the firm’s security posture to clients and partners Occasional international More ❯

Senior Application Security Engineer | Permanent | UK (Hybrid - a few times per month) | £84k We're working with a forward-thinking professional services firm on a key hire to embed security into every part of their digital product journey. They're looking for a Senior Application Security Engineer to drive secure-by-design principles across new and evolving … applications and act as a Subject Matter Expert for software security across the business. This is a high-impact role in a collaborative, ambitious, and people-focused IT team. You'll play a hands-on role, shaping security culture, guiding engineering teams, and ensuring that security is integrated into every stage of the software development lifecycle. What … you'll be doing: Leading the cultural shift towards secure software development across product teams Defining and implementing the software security strategy in line with business goals Collaborating with developers to automate security testing and embed security requirements into the SDLC Supporting penetration testing, vulnerability management, and remediation efforts Acting as a software security SME, advising More ❯

Senior Application Security Engineer | Permanent | UK (Hybrid - a few times per month) | £84k We're working with a forward-thinking professional services firm on a key hire to embed security into every part of their digital product journey. They're looking for a Senior Application Security Engineer to drive secure-by-design principles across new and evolving … applications and act as a Subject Matter Expert for software security across the business. This is a high-impact role in a collaborative, ambitious, and people-focused IT team. You'll play a hands-on role, shaping security culture, guiding engineering teams, and ensuring that security is integrated into every stage of the software development lifecycle. What … you'll be doing: Leading the cultural shift towards secure software development across product teams Defining and implementing the software security strategy in line with business goals Collaborating with developers to automate security testing and embed security requirements into the SDLC Supporting penetration testing, vulnerability management, and remediation efforts Acting as a software security SME, advising More ❯

the impregnability of the clients critical digital assets. This includes securing public-facing portals, safeguarding the vital infrastructure links between Aramco and Saudi government projects, and developing a proactive security posture that anticipates future threats. You are not just a manager; you are a player-coach and a strategic thinker. We are looking for someone currently in a … Responsibilities: Practice Leadership: Define the strategic vision, methodologies, and service offerings for our cybersecurity vertical. Hands-On Technical Delivery: Lead the architecture, design, and hands-on implementation of robust security solutions for critical systems. This includes application security, network security, and infrastructure hardening. Client Liaison: Act as a trusted security advisor to our key stakeholders at … compliance, including those specific to the Kingdom of Saudi Arabia (KSA) and critical national infrastructure. Team Building: Be prepared to recruit, mentor, and lead a team of top-tier security engineers as the practice expands. Who You Are: You have 8+ years of experience in cybersecurity, with at least 2+ years in a Team Lead or Manager capacity. You More ❯