1 to 25 of 38 Information Security Jobs in the Thames Valley

Software Security Engineer Department: Tech - Security Employment Type: Permanent - Full Time Location: Oxford, UK Reporting To: Head of Information Security Description Are you ready to raise the bar on cyber security and contribute to making our flagship products cyber resilient? We are looking for a Security Engineer to join our Information Security team at our Oxford headquarters. You will be working across software engineering, modelling, and data science bringing your full self, including your security knowledge and expertise to the business. As a Security Engineer at Aurora Energy Research, you will enable our colleagues to improve our secure software development lifecycle, ensure secure operational practices, and support compliance. You … on getting smart ideas into the hands of your colleagues. You enjoy working simultaneously on various initiatives and moving between teams. You will become part of a top-notch information security team who love solving difficult problems. By joining our Information Security team, you will be part of something big and meaningful: help protect our brand More ❯

Oxford or Glasgow, if preferred. Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow … professionally. Dionach by Nomios holds impressive certifications, including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF and ISO 27001. With our focus on enhancing customers' security and fostering team development,be joining a company that prioritizes both your growth and the safety of our clients. We're in an exciting phase of expansion and are looking for self-motivated … you require accommodations during the application process, let us know, and we'll work to meet your needs. As a Senior AI Governance Consultant within our highly skilled Cyber Security Team, you will be at the forefront of our new and exciting AI governance service. This will involve advising clients on developing and implementing robust AI governance frameworks, conducting More ❯

the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team. This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head … of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability. What you’ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk … Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support More ❯

Job summary We are seeking an Information Governance & Cyber Security Manager to lead the second line of defence across Information Governance, Cyber Security, Quality, and Digital Clinical Safety. In this role, you will oversee the operational delivery of InHealths management systems, ensuring compliance, accountability, and consistency across the business. You will provide strong leadership, manage a … governance priorities that protect our patients, staff, and services. This is a pivotal position for someone who is enthusiastic, motivated, and passionate about embedding high standards of quality and security across a healthcare organisation. This is a full-time permanent role, working remotely. There will be travel to InHealth sites as part of the role. Main duties of the … job Information Governance: Oversee policy frameworks, DPIAs, DSAs, and regulatory compliance, and lead the Data Security Protection Toolkit return. Cyber Security: Manage security policies, lead ISO 27001 certification, embed data security practices, and oversee incident response. Digital Clinical Safety: Maintain digital clinical safety policies (DCB0129/0160), ensure training compliance, and support safety case documentation. More ❯

different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and manufacturing site teams. You will review, manage and … where required prepare responses to internal and external customer enquiries in relation to information and cyber security arrangements. You will support IT, procurement, legal, data protection and digital security and business stakeholder in relation to supplier information and cyber security due diligence and requirements. As the successful candidate you will also lead risk-based party … security assurance, management, and continuous improvement activities. In addition, facilitate and coordinate IT risk management risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T More ❯

About the role Here at DS Smith, a multi-national sustainable packaging provider, we are looking for a Security Assurance Analyst to join our growing Security Team. The mission of the I&T Digital Security organisation is to deliver an efficient and effective service that has scalability and flexibility to support the demands of a FTSE … business.Supporting Head of Information Security Architecture and Assurance as well as working closely with key stakeholders including Head of Governance, Risk and Compliance, Digital Security, IT and business teams you will focus on core areas such as risk management and security due-diligence reviews ensuring compliance with legal, regulatory and relevant security policies and best … practices.In this position you will provide assurance and guidance that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policies.Visibility and the ability to build close working relationships with Information & Technology (I&T) team members, business stakeholders as well as external partners is essential. This will require some More ❯

Our client, a leading global organization, is partnering with a prestigious end client based in Reading. Were excited to offer an outstanding opportunity for askilled Financial Services Security Architect to join a dynamic IT team . If you are interested and have the relevant skills and experience, please apply promptly to discuss further. Job Title: Financial Services Security Architect Location: Reading, UK (Hybrid 4 days onsite) Duration: 6 months Rate: £765 - 775 per day Inside IR35 We are seeking an exceptionally experienced Security Architect to join a high-profile programme within the financial services sector. This is a senior-level opportunity for a security leader with extensive experience designing and implementing enterprise-grade security architectures across complex, highly regulated environments. The role will focus heavily on cloud security, AI/ML security, regulatory compliance, and secure-by-design frameworks for critical systems. Why This Role? Shape and deliver the security architecture strategy for enterprise cloud and AI/ML programmes. Work on cutting-edge initiatives in the financial services domain More ❯

including research ethics and data sharing/licensing and/or service agreements involving personal data, liaising with the Head of IG and Moorfields General Counsel where appropriate. Manage information asset accession and information security reviews relating to research proposals, including Information risk assessments, data protection impact assessments for new and existing research systems/processes … and processes to identify gaps in current practice, and where required make recommendations. Work with the managers and principle investigators to ensure the maintenance of their entries to the information asset register. Develop and provide tailored IG training and guidance for research colleagues. Investigate and report on IG complaints and incidents in line with Trust policy as required, particularly … where they are linked to research. Coordinate, develop and review appropriate information-sharing protocols that provide clarity of purpose and enable streamlining of information disclosure routes. Ensure the Trust is compliant with legislative requirement for data sharing or licensing. Support research leadership with the production of IG related data and reports, including for Moorfields Research Management Committee, Research More ❯

IT Security Analyst Location: Hybrid - Buckinghamshire Salary: £50,000 - £55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a … global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to … customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage More ❯

IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a … global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to … customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage More ❯

AWS Cloud Security Engineer – Contract (Inside IR35) Hybrid 2/3 days from the London office We are seeking an experienced Cloud Security Engineer with a strong emphasis on AWS. This is a hands on role, the successful candidate will be responsible for designing, implementing, and maintaining secure cloud infrastructure, ensuring a robust security posture and supporting … our applications. Key Responsibilities: Design and implement secure AWS cloud infrastructure, focusing on system architecture, Identity and Access Management (IAM), encryption, data protection, and network security. Collaborate with the Information Security and application teams to drive cloud security initiatives and align with the broader security strategy. Enhance and secure CI/CD pipelines across multiple applications … by embedding secure coding and DevSecOps best practices. Develop automation tools and scripts to streamline security processes, monitor key security metrics, and support operational demands. Stay up to date with emerging threats, industry trends, and mitigation techniques to continually improve cloud security controls. Required Skills and Experience: Minimum 3 years in a DevSecOps capacity and 5+ years More ❯

Lead Cyber Security Engineer I’m working with a leading law firm that’s building out a brand-new Security Operations (SecOps) function and they’re looking for a Lead Cyber Security Engineer to help shape it from the ground up. This is a fantastic opportunity for someone who enjoys being both hands-on and strategic. You … ll not only be the technical lead on key projects, but also play a big part in developing security strategy, mentoring junior colleagues, and driving the firm’s journey towards a zero-trust model and ISO 27001 certification . Why this role? Chance to build and shape a new function in a well-established law firm. High visibility role … Managing and optimising a wide suite of tools: WAF, DDoS, VPN, perimeter firewalls, email/web security, MFA, SSO, PAM, MDM/MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation efforts. Collaborating with external penetration testers and ensuring compliance with frameworks such as ISO More ❯

Cyber Security Engineer (DevSecOps) Automation/Cloud/Salesforce Rate: Circa £600/day (Outside IR35) Length: 12 months Location: Milton Keynes/Initially Hybrid (Flexibility) We're working with a well-known insurance company currently undergoing a company-wide transformation programme. As the organisation moves from on-premise to a cloud-based environment, the need for an improved … security posture is mission critical. As the Cyber Security … Engineer, you'll be focused primarily on hands-on engineering work, with some strategic responsibilities. You'll be joining a small but growing security team, reporting into the InfoSec Manager and Head of Technology. Your role will cover areas such as: Setting up a DevSecOps practice - embedding security within DevOps and automation processes. Embedding security into the More ❯

Cyber Security Engineer (DevSecOps) Automation/Cloud/Salesforce Rate: Circa 600/day (Outside IR35) Length: 12 months Location: Milton Keynes/Initially Hybrid (Flexibility) We're working with a well-known insurance company currently undergoing a company-wide transformation programme. As the organisation moves from on-premise to a cloud-based environment, the need for an improved … security posture is mission critical. As the Cyber Security … Engineer, you'll be focused primarily on hands-on engineering work, with some strategic responsibilities. You'll be joining a small but growing security team, reporting into the InfoSec Manager and Head of Technology. Your role will cover areas such as: Setting up a DevSecOps practice - embedding security within DevOps and automation processes. Embedding security into the More ❯

and proactive SaaS GRC Specialist to strengthen our Governance, Risk, and Compliance framework as we scale our SaaS operations. In this role, you will ensure that our business processes, security controls, and regulatory obligations are consistently met. You will work across multiple teams—security, legal, product, and operations—helping us maintain trust with customers and regulators while supporting … due diligence requests. Deliver GRC training and awareness sessions to employees across the business. Track regulatory changes and advise leadership on potential business impacts. Requirements Bachelor’s degree in Information Security, Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance … certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond GDPR (CCPA, UK-GDPR, HIPAA). Role Type Permanent or Contract London-based (Hybrid) or remote About Us Discover tailored data privacy More ❯

office. Purpose of the Role Primark Technology is on a transformation journey supporting the business strategy which includes modernising our operating model as well as technology architecture and Cyber Security and Risk posture. This role is key in building and improving Primark's Cyber Security posture. Duties & Responsibilities Actively progress and improve Primark's cyber security posture … and Agile delivery methodology and development methods Certified with appropriate qualifications is desirable, 1. Structured Project Management : Prince/PMP 2. Agile certification, such as Scrum, SaFe, AgilePM 3. Information Security/Data Protection certification An appropriate degree, equivalent qualification or experience Desirable Be a passionate and visionary technologist able to inspire others to challenge and disrupt the … ways to translate that into business opportunities. Be able to take people along with you, empowering new ways of working and successfully executing on those opportunities. Have extensive cyber security delivery and programme/project management experience, Retail experience would be beneficial. Be technically strong across a range of IT disciplines and systems, including cloud and network security. Have More ❯

of a component handling team across a variety of platforms across core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record … and customer experience/turnaround. Assist in the management of any control issues identified via audits or other control issues. Essential Skills/Basic Qualifications: Experience in Cryptography/Information Security ITIL Foundation Batchelor Degree in Computer Science Strong stakeholder management, able to influence and negotiate at all levels Attention to detail and accuracy of work Experienced at … making informed decisions, against tight timescales Able to prioritise and manage multiple tasks concurrently Proficient in MS Office applications ? Desirable Skills/Preferred Qualifications: Experience in IT Security roles Knowledge of cryptography Industry relevant Security qualifications. Industry relevant Project Management qualifications. Experience in an Operational environment Operational documentation creation and maintenance. Deep understanding of change disciplines including change More ❯

of a component handling team across a variety of platforms across core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record … and customer experience/turnaround. Assist in the management of any control issues identified via audits or other control issues. Essential Skills/Basic Qualifications: Experience in Cryptography/Information Security ITIL Foundation Batchelor Degree in Computer Science Strong stakeholder management, able to influence and negotiate at all levels Attention to detail and accuracy of work Experienced at … making informed decisions, against tight timescales Able to prioritise and manage multiple tasks concurrently Proficient in MS Office applications ? Desirable Skills/Preferred Qualifications: Experience in IT Security roles Knowledge of cryptography Industry relevant Security qualifications. Industry relevant Project Management qualifications. Experience in an Operational environment Operational documentation creation and maintenance. Deep understanding of change disciplines including change More ❯

of a component handling team across a variety of platforms across core geographic locations globally. Management of Cryptographic infrastructure to include Out of Hours Support, production of monthly management information and risk statements. Adherence to Group IT Security Standards. Problem, Incident & Change Management including root cause identification. Procedure/process development. Project delivery. Cryptographic Hardware Management. Auditable Record … and customer experience/turnaround. Assist in the management of any control issues identified via audits or other control issues. Essential Skills/Basic Qualifications: Experience in Cryptography/Information Security ITIL Foundation Batchelor Degree in Computer Science Strong stakeholder management, able to influence and negotiate at all levels Attention to detail and accuracy of work Experienced at … making informed decisions, against tight timescales Able to prioritise and manage multiple tasks concurrently Proficient in MS Office applications ? Desirable Skills/Preferred Qualifications: Experience in IT Security roles Knowledge of cryptography Industry relevant Security qualifications. Industry relevant Project Management qualifications. Experience in an Operational environment Operational documentation creation and maintenance. Deep understanding of change disciplines including change More ❯

innovation, optimises our systems, and ensures smooth operations across The IN Group (TIG). We’re structured into five specialist areas: Infrastructure – keeping our tech ecosystem strong and reliable. Information Security – ensuring our security measures are always effective. Service Delivery – running the Service Desk and resolving IT support issues. Product Development – optimising and enhancing our product pipeline. More ❯

Who we are: ALTEN, an engineering and technology consultancy, We are a leading Engineering and IT consultancy operating across 30 countries, making waves in all sectors: Aeronautics, Space, Defence, Security and Naval, Automotive, Rail and Mobility, Energy and environment, Life Sciences and Health, Industrial Equipment and electronics, Telecoms, Banking, Finance & Insurance, Retail, Services & Medias, Public Services & Government. With a … UK entities, working closely with the Group Legal Corporate Department. Manage delegations of authority, signatures, and contracts for key personnel, ensuring governance standards are upheld. Support the Quality and Information Security teams with review of governing policies and procedures. Support Finance team with legal and compliance queries, including for audit purposes. Insurance & Compliance: Work with the Group Insurance … ALTEN’s insurance policies across the UK entities. Support the Group Compliance Department in the deployment of the anti-corruption program, data protection program, international trade sanctions, and national security programs. M&A Legal Support: Collaborate with the Group M&A team to provide legal support during mergers and acquisitions. Participate in legal due diligence for targets and manage More ❯

Our client is seeking a Cybersecurity Threat Handler to join the Engineering and Technology Information Security team. 3 days in office in London Salary is up to £80k base Responsibilities Acting as a hands-on expert and builder for cloud-based technologies, ensuring security, performance, operability, and scale. Assisting as an internal specialist, facilitating the implementation of … End technologies within technology and business teams. Building strong relationships with developers, technology teams, solution teams, and business application owners. Implementing and maintaining industry-standard protocols to strengthen our security measures. Developing and implementing innovative and differentiating cloud technologies. Collaborating and consulting with key technical experts, technology teams, and external industry groups to resolve complex technical issues and achieve … Chain and MITRE ATT&CK. Experience handling cybersecurity incidents at each stage of the incident lifecycle, including initial analysis, triage, containment, eradication, recovery, and postmortem. Strong knowledge of AWS Security, specifically in areas such as IAM, KMS, and Network Infrastructure. Expertise in analyzing security events from Microsoft Windows endpoints with a deep understanding of operating system security. Experience More ❯

Identifying opportunities for process improvement and contributing to continuous service enhancement Supporting ITIL-aligned activities such as demand management, release planning, and service validation Assisting with initiatives relating to Information Security and governance where required You’ll be expected to bring both technical knowledge and a people-focused approach to stakeholder engagement, always aiming for clear communication and More ❯

troubleshooting network and server hardware issues; configuring personal computers and mobile devices, managing systems and software applications, resolving telecommunication and network communication issues (including WiFi). Ensuring that data Security, Privacy and Governance procedures and guidelines are up to date, implemented and monitored. Additionally, providing project support for new practices and solutions, in terms of installing adequate IT infrastructure. … Function Information technology Facility Head Office, Dunkeld Position Clinical Application Support Specialist Introduction A vacancy exists for a Clinical Application Support Specialist based at Head Office in Oxford Parks, reporting to Application Portfolio Manager for Renal, Oncology and Remote Foetal Monitoring. This is a hands-on operational position responsible for supporting all clinical systems and applications in the portfolio … troubleshooting network and server hardware issues; configuring personal computers and mobile devices, managing systems and software applications, resolving telecommunication and network communication issues (including WiFi). Ensuring that data Security, Privacy and Governance procedures and guidelines are up to date, implemented and monitored. Additionally, providing project support for new practices and solutions, in terms of installing adequate IT infrastructure. More ❯

Engineering and some Data Analytics experience, with expert knowledge in data technologies and data transformation solutions and tools. Strong analytical and problem-solving abilities. Good understanding of Quality and Information Security principles. Effective communication, ability to explain technical concepts to a range of audiences. Able to provide coaching and training to less experienced members of the team. Essential … skills: Programming Languages such as Spark, Java, Python, PySpark, Scala (minimum of 2). Extensive Data Engineering hands-on experience (coding, configuration, automation, delivery, monitoring, security). ETL Tools such as Azure Data Fabric (ADF) and Databricks or similar ones. Significant hands-on experience of HDFS/Hadoop and on-prem (coding, configuration, automation, delivery, monitoring, security). More ❯