25 of 25 Information Security Governance Jobs in the UK

Senior Information Security GRC Analyst Senior Information Security GRC Analyst Locations: London, United Kingdom; Manassas, United States Posted on: 4 Days Ago ABOUT US We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation … relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. Are you passionate about security Governance, Risk and Compliance (GRC)? Do you thrive in a dynamic environment where your experience and your security expertise can shape the future of our organization? We … are looking for a GRC Specialist like you to join our growing Information Security Governance team. In this role, you will: Develop and implement robust GRC frameworks to ensure compliance with increasingly stringent industry regulations and standards. Lead the reporting and presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with More ❯

Are you currently working for an IT provider but ready to step into the world of dedicated Cyber Security? We have an exciting opportunity for an Information Security Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance … Team's service offerings forward. Work with a innovative, industry-leading Cyber Security team Play a key role in the development of internal and client security programs Contribute to significant projects that support clients' compliance and risk management goals If you're ready to make an impact in Cyber Security, this role is for you! Responsibilities: Ensure … protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team with scoping engagements and delivering valuable More ❯

Join to apply for the Head of Risk & Compliance role at DAZN Get AI-powered advice on this job and more exclusive features. Department: 61-543 - Technology Operations - Technology Governance Location: UK - Leeds Description Are you ready to take the challenge to educate all employees in a young and ambitious organisation about their role in making information security a core part of their modus operandi and conduct to appropriate behaviour change? DAZN is looking to hire an experienced Head of Risk & Compliance to join their Technology Governance team as a Fixed Term 14-month maternity cover role. Leading a team overseeing the global strategic implementation of DAZN's information security management system (ISMS), the … form the ISMS programme to ensure continued conformity with standards such as ISO27001 and PCI DSS. What you'll be doing: Leading the implementation and maintenance of DAZN’s information security management system (ISMS) in conformity with ISO27001. Managing and delivering annual workstreams for successful completion of audits against ISO27001 and PCI DSS. Providing subject matter expertise in More ❯

Information Security Manager | Full-time Onsite | Victoria, London | 3 Stage Process | £70,000 - £80,000 bonus We are working with a growing security intelligence business with operations in the UK, Ukraine and UAE. They work across national security, NGOs, government and charity organisations offering intelligence and security risk support in hostile environments. Due to expansion … and increased strategic focus, they are looking for an experienced Information Security Manager to take ownership of their ISO 27001-aligned ISMS, build out governance frameworks and lead security strategy across a global footprint. The role is based out of their Victoria office in London, with an expectation of being onsite 5 days per week initially. … The interview process consists of 3 stages, including technical and stakeholder engagement rounds. Skills & Experience: Proven experience managing and implementing ISO 27001-compliant systems Strong background in information security governance and risk management Experience with Cyber Essentials/Cyber Essentials Plus accreditation processes Knowledge of UK GDPR (though this will be managed by somebody else) and broader More ❯

Information Security Manager | Full-time Onsite | Victoria, London | 3 Stage Process | £70,000 - £80,000 bonus We are working with a growing security intelligence business with operations in the UK, Ukraine and UAE. They work across national security, NGOs, government and charity organisations offering intelligence and security risk support in hostile environments. Due to expansion … and increased strategic focus, they are looking for an experienced Information Security Manager to take ownership of their ISO 27001-aligned ISMS, build out governance frameworks and lead security strategy across a global footprint. The role is based out of their Victoria office in London, with an expectation of being onsite 5 days per week initially. … The interview process consists of 3 stages, including technical and stakeholder engagement rounds. Skills & Experience: Proven experience managing and implementing ISO 27001-compliant systems Strong background in information security governance and risk management Experience with Cyber Essentials/Cyber Essentials Plus accreditation processes Knowledge of UK GDPR (though this will be managed by somebody else) and broader More ❯

based asset managers and other wealth related businesses. Due to this Titan Wealth is expanding rapidly through strategic acquisitions, offering a unique combination of start-up energy and the security of private equity backing. It's an inspiring time to join the team! Looking for a self-starting highly motivated and detail-orientated Information Security Governance, Risk, and Compliance (GRC) Analyst to support the design, implementation, and ongoing improvement of our information security governance and risk management framework. This role is essential in ensuring the organisation proactively manages information security risk across its employees, technologies, vendors, and operations and adheres to the regulatory and security standards pertinent to financial … services while providing visibility to key stakeholders. Job Responsibilities Support the development, maintenance, and enforcement of information security policies, procedures, and standards Conduct risk assessments on technology systems, third-party vendors, and new services. Drive, monitor and track remediation efforts related to incidents, assurance internal audits, external audits, and security assessments Strong stakeholder management skills, working closely More ❯

IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities … Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation … and attestations to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: Significant experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security More ❯

IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities … Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation … and attestations to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: Significant experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security More ❯

the City of London is seeking a Senior IT GRC Analyst to join its dynamic team. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance (GRC) frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key … Responsibilities: Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the … second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: 3-5+ years of experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security More ❯

the application button which will direct you to our careers site. If you require any adjustments to assist you in applying, please contact We are looking for a proactive Information Security Risk Analyst to join our dynamic Information Security Team. In this role, you will play a crucial part in strengthening our governance, risk, and … compliance initiatives related to information security. Your efforts will help ensure our organisation meets regulatory standards, effectively manages security risks, and maintains a robust security posture to safeguard our customers and sensitive data. We welcome candidates from all backgrounds to apply and contribute to our diverse and inclusive team. Here’s a taste of what you will … be doing as a Risk Analyst at Nottingham Building Society: - Framework Development: Develop and maintain the organisation’s information security governance, risk, and compliance framework. Risk Assessments: Conduct risk assessments to identify vulnerabilities, focusing on protecting customer data and financial systems. Regulatory Compliance: Ensure compliance with regulations and standards like GDPR, ISO 27001, CQuest, SOC 2, and More ❯

the application button which will direct you to our careers site. If you require any adjustments to assist you in applying, please contact We are looking for a proactive Information Security Risk Analyst to join our dynamic Information Security Team. In this role, you will play a crucial part in strengthening our governance, risk, and … compliance initiatives related to information security. Your efforts will help ensure our organisation meets regulatory standards, effectively manages security risks, and maintains a robust security posture to safeguard our customers and sensitive data. We welcome candidates from all backgrounds to apply and contribute to our diverse and inclusive team. Here’s a taste of what you will … be doing as a Risk Analyst at Nottingham Building Society: - Framework Development: Develop and maintain the organisation’s information security governance, risk, and compliance framework. Risk Assessments: Conduct risk assessments to identify vulnerabilities, focusing on protecting customer data and financial systems. Regulatory Compliance: Ensure compliance with regulations and standards like GDPR, ISO 27001, CQuest, SOC 2, and More ❯

tasks are the following: Providing counsel on all aspects of cybersecurity incident prevention and response, including customer and regulatory notifications, contractual obligations, and legal risk mitigation, to cyber and information security stakeholders. Advising business stakeholders on regulatory inquiries regarding cyber and information security issues and/or events. Instructing Citi's Cybersecurity Fusion Center and Citi … s business lines on legal risks associated with various components of Citi's cyber and information security program, including matters involving incident response strategies, incident investigations, and regulatory compliance. Tracking existing and proposed cybersecurity rules and regulations (such as DORA and the EU Cyber Resilience Act) and advising on legal interpretations in order to inform a compliance strategy. … and initiatives to provide legal risk mitigation advice. Drafting cybersecurity presentations, exercises, and trainings, as well as presenting and participating as needed. Counseling on the development and implementation of information security governance. Updating cybersecurity policies, playbooks, and procedures. What we'll need from you We are looking for an attorney who has experience advising clients on cybersecurity issues More ❯

Overview: Our client is currently seeking an experienced Security Risk Analyst to join their team on a contract basis through the end of the year. This role sits inside IR35 and will require three days per week onsite at their Central London office. You ll play a key role in assessing and managing information security risks across … the business and IT landscape. Key Responsibilities: Conduct risk assessments across both IT and business units , ensuring compliance with internal security policies and relevant regulatory frameworks (eg, ISO 27001, NIST, FCA ). Collaborate with key stakeholders to gather and analyze technical security data for accurate risk evaluation and remediation. Work closely with Vulnerability Assessment & Penetration Testing (VAPT) , Threat … Intelligence , and Incident Response teams to understand technical risks and validate that appropriate controls are in place. Contribute to the ongoing improvement of Governance, Risk, and Compliance (GRC) practices by incorporating findings from technical assessments and adapting to emerging threat landscapes. Prepare clear and concise documentation and reporting for senior leadership, audit committees, and regulatory authorities. Support internal and More ❯

are maintained Supervises a team of specialists Delivers risk management services to Hitachi Energy in cooperation with the team Works closely with stakeholders to prioritize, create reporting, and oversee security findings Improves management of security risks/issues and helps identify areas of risk Reports on the services and their continuous improvement Background: 8+ years of experience in … IT/Information Security Governance in large, global organizations (consulting, audit, or industry/operations) Experience in planning and operating security risk/issue management-related processes and services Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, etc. … required Experience in service build-up is a plus Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC, etc.) is a plus Qualified individuals with a disability may request a reasonable accommodation if you are unable or limited in your ability to use or access the Hitachi Energy career site due to your disability. You may request More ❯

procedures Supervises a team of specialists, Deliver risk management services to Hitachi Energy in cooperation with the te Work closely with the stakeholders to prioritize, create reporting, and oversee security findings. Improve management of security risks/issues and help identify areas of risk Reporting on the services, and their continuous improvement. Background: 8+ years of experience in … IT/Information Security Governance in large, global organizations (consulting, audit or industry/operations Experience in planning and operating security risk/issue management-related processes and services. Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, ) required … Experience in service build up a plus Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC ) is a plus Qualified individuals with a disability may request a reasonable accommodation if you are unable or limited in your ability to use or access the Hitachi Energy career site as a result of your disability. You may request reasonable More ❯

and procedures. Supervise a team of specialists. Deliver risk management services to Hitachi Energy in cooperation with the team. Work closely with stakeholders to prioritize, create reporting, and oversee security findings. Improve management of security risks/issues and help identify areas of risk. Report on the services and their continuous improvement. Minimum requirements: 8+ years of experience … in IT/Information Security Governance in large, global organizations (consulting, audit, or industry/operations). Experience in planning and operating security risk/issue management-related processes and services. Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar). Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001 … CobiT, etc.). Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC) is a plus. About Hitachi Energy: Hitachi Energy is a global technology leader advancing a sustainable energy future. We serve customers across utility, industry, and infrastructure sectors with innovative solutions and services. We are committed to digital transformation to accelerate the energy transition towards a More ❯

Senior Security & Compliance Specialist, Payments Security Compliance Job ID: Amazon Development Centre (London) Limited In compliance with regulatory requirements, and in alignment with business teams, Payments Security Compliance (PSC) team supports Amazon payments entities in select regions. Security Compliance Specialists have varying scope of responsibility in each region, depending on the nature of regulatory licenses to … be maintained, number of regulators, the number of systems and teams in scope (blast radius of regulatory compliance), and the degree of stringency the local regime places on Security and Data protection We are seeking an experienced, self-motivated Senior Security Compliance Specialist with strong Security and Compliance background. This candidate will be an innovative and forward … thinking individual who possess in-depth knowledge and will be identifying Information Security compliance risks, drive Security Governance, Security Assurance and Risk Management efforts, manage regional regulatory compliance and contribute to emerging regulations and technology standards globally, partnering with Security Experts of Global Amazon Information Security teams. Your work directly impacts Customer More ❯

Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Reports to: Global CISO Location: London Summary of Position: This position will report directly to the global CISO and also be responsible for managing a small in-house team who plan, schedule, monitor and report on activities relating to information/cyber security. The … role will work in collaboration with Information Technology, Group Risk and Compliance, HR, Facilities and a number of third parties. Key Responsibilities & Accountabilities: Support the Global CISO in maintaining and realising the cyber security strategy Take overall responsibility of information security risk and compliance Assume responsibility for the BMS Information Security Control Framework Produce … and maintain a the Information Security governance and oversight target operating model Produce policies and supporting governance material Take ownership for the Information Security Risk management processes Identify information security threats and work with technical teams to understand BMS exposure Provide specialist Information Security input to IT and business operations More ❯

Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Reports to: Global CISO Location: London Summary of Position: This position will report directly to the global CISO and also be responsible for managing a small in-house team who plan, schedule, monitor and report on activities relating to information/cyber security. The … role will work in collaboration with Information Technology, Group Risk and Compliance, HR, Facilities and a number of third parties. Key Responsibilities & Accountabilities: Support the Global CISO in maintaining and realising the cyber security strategy Take overall responsibility of information security risk and compliance Assume responsibility for the BMS Information Security Control Framework Produce … and maintain a the Information Security governance and oversight target operating model Produce policies and supporting governance material Take ownership for the Information Security Risk management processes Identify information security threats and work with technical teams to understand BMS exposure Provide specialist Information Security input to IT and business operations More ❯

Governance, Risk and Compliance Manager. (GRC Manager) About the Role: The GRC Manager is a senior role within the Information Security team, responsible for maintaining and improving governance and risk frameworks for IT Services. You will define risk and governance processes, including how process owners are identified and the activities to ensure that the process … is governed effectively, to ensure that IT systems and information assets are adequately protected. You will be responsible for identifying, evaluating and reporting on governance and compliance risks and issues in a manner that meets the clients regulatory and legal requirements. The GRC Manager works proactively with the various departments, business units and suppliers to implement practices that … meet the clients defined policies and standards for information risk management, governance and compliance. About You: You will have a significant level of specialist expertise in IT Governance, Risk and Compliance, with proven responsibility for, and experience of, executing a robust risk and governance process and frameworks in a complex environment. You will be successful at More ❯

tier global payments business . These roles are being offered to provide interim cover during a parental leave period and will help shape and enforce group-wide technology and information security standards across new business and acquisition areas. Contract Assignment Details: Location: London (Hybrid – 1–2 days onsite per week, flexible) Start Date: August 2025 (August start for … costs come out of your rate) Key Responsibilities: Act as the central policy and standards liaison across business programmes and senior stakeholders Develop, refine, and align internal technology/security policies and control standards Translate global regulatory requirements and frameworks into deployable technical policy Support M&A integration by embedding consistent policy and compliance expectations Maintain oversight of risk … registers and collaborate with third-party risk and legal teams Contribute to continuous improvement and automation of controls Background: Experience in technology risk, cyber security policy, or information security governance Familiarity with frameworks such as NIST, ISO 27001, DORA, and SOX Strong communication and stakeholder engagement skills Prior exposure to global financial services or payments firms More ❯

Job Title: Cybersecurity SME Work Location: Telford, Shropshire Department: Information Security & Risk Management Reports To: Chief Information Security Officer (CISO)/Head of Information Assurance, security, ensuring compliance with frameworks such as UK GDPR We at Coforge are hiring Cybersecurity SME with the following skillset: Job Summary: We are looking for a Cybersecurity SME … in the UK (based out of Telford, Shropshire) with a strong experience of – Data Protection, Application & Cloud Data Security Key Responsibilities: Information Security Governance & Compliance: • Develop and maintain security policies, standards, and procedures aligned with UK GDPR and other compliance. • Conduct risk assessments and support DPIAs for systems processing sensitive data (e.g., PII, PHI). … Ensure security controls are embedded across enterprise platforms including Pega CRM, contact center systems, and cloud data environments . Data Protection & DLP: • Design and implement DLP strategies across endpoints, cloud storage, and enterprise applications. • Enforce data classification, encryption, and access control policies for regulated data. • Collaborate with stakeholders to ensure compliance with data protection regulations and privacy-by-design More ❯

Job title: Graduate Digital Intelligence Security Consultant Location: London We offer a range of hybrid and flexible working arrangements, however for this role you will be expected to attend your BAE Systems base location (or our customer sites) 3-5 days per week. Salary: £34,000 + £2,000 Welcome Bonus What you’ll be doing: Security Consultants … help our customers understand & manager their cyber risk, secure their business and improve their security operations. We are the people they trust to defend, or recover, from cyber attack through technical services, assurance and support. Responsibilities might include support to: The investigation of security breaches and incidents Information security governance and management Development & review of … security policies and processes Security maturity and compliance activities Application and system-level risk assessments Delivery of security improvement, remediation and hardening programmes Research into cyber threats and strategies to defend from them. Analysis of security technologies and development of innovative solutions Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share More ❯

Job title: Graduate Digital Intelligence Security Consultant Location: Frimley We offer a range of hybrid and flexible working arrangements, however for this role you will be expected to attend your BAE Systems base location (or our customer sites) 3-5 days per week. Salary: £34,000 + £2,000 Welcome Bonus What you’ll be doing: Security Consultants … help our customers understand & manager their cyber risk, secure their business and improve their security operations. We are the people they trust to defend, or recover, from cyber attack through technical services, assurance and support. Responsibilities might include support to: The investigation of security breaches and incidents Information security governance and management Development & review of … security policies and processes Security maturity and compliance activities Application and system-level risk assessments Delivery of security improvement, remediation and hardening programmes Research into cyber threats and strategies to defend from them. Analysis of security technologies and development of innovative solutions Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share More ❯

Job title: Graduate Digital Intelligence Security Consultant Location: Frimley We offer a range of hybrid and flexible working arrangements, however for this role you will be expected to attend your BAE Systems base location (or our customer sites) 3-5 days per week. Salary: £34,000 + £2,000 Welcome Bonus What you’ll be doing: Security Consultants … help our customers understand & manager their cyber risk, secure their business and improve their security operations. We are the people they trust to defend, or recover, from cyber attack through technical services, assurance and support. Responsibilities might include support to: The investigation of security breaches and incidents Information security governance and management Development & review of … security policies and processes Security maturity and compliance activities Application and system-level risk assessments Delivery of security improvement, remediation and hardening programmes Research into cyber threats and strategies to defend from them. Analysis of security technologies and development of innovative solutions Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share More ❯