26 to 50 of 59 Information Security Governance Jobs in the UK

Join to apply for the Information Technology Consultant role at Virgin Atlantic . This role is responsible for supporting the governance of information security, ensuring that an appropriate risk, policy, and reporting framework is managed to enable Virgin Atlantic Airways to use information safely and in compliance with regulation. It involves supporting the identification, management … and documentation of requirements impacting the risk, policy, and reporting framework, as well as communicating governance matters with internal and external groups such as Internal Audit, Technology Leadership Team, Safety & Security, Virgin Group, or CPNI. The role ensures robust identification, management, and mitigation of information and cybersecurity risks across Virgin Atlantic’s operations. With an emphasis on … risk management activities, third-party supply chain security, and the assurance of policy, control, and compliance effectiveness, you’ll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: ISO/IEC 27001:2022 NIST Cybersecurity Framework PCI-DSS 4.0.1 UK GDPR, NIS2 Directive, CAP1753, and related sector obligations This makes More ❯

IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities … Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation … and attestations to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: Significant experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security More ❯

IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities … Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation … and attestations to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: Significant experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security More ❯

IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities … Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation … and attestations to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: Significant experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security More ❯

the City of London is seeking a Senior IT GRC Analyst to join its dynamic team. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance (GRC) frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key … Responsibilities: Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the … second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: 3-5+ years of experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT security More ❯

application button which will direct you to our careers site. If you require any adjustments to assist you in applying, please contact careers@thenottingham.comWe are looking for a proactive Information Security Risk Analyst to join our dynamic Information Security Team. In this role, you will play a crucial part in strengthening our governance, risk, and … compliance initiatives related to information security. Your efforts will help ensure our organisation meets regulatory standards, effectively manages security risks, and maintains a robust security posture to safeguard our customers and sensitive data. We welcome candidates from all backgrounds to apply and contribute to our diverse and inclusive team.Here’s a taste of what you will be … doing as a Risk Analyst at Nottingham Building Society: - Framework Development: Develop and maintain the organisation’s information security governance, risk, and compliance framework. Risk Assessments: Conduct risk assessments to identify vulnerabilities, focusing on protecting customer data and financial systems. Regulatory Compliance: Ensure compliance with regulations and standards like GDPR, ISO 27001, CQuest, SOC 2, and FCA More ❯

tasks are the following: Providing counsel on all aspects of cybersecurity incident prevention and response, including customer and regulatory notifications, contractual obligations, and legal risk mitigation, to cyber and information security stakeholders. Advising business stakeholders on regulatory inquiries regarding cyber and information security issues and/or events. Instructing Citi’s Cybersecurity Fusion Center and Citi … s business lines on legal risks associated with various components of Citi’s cyber and information security program, including matters involving incident response strategies, incident investigations, and regulatory compliance. Tracking existing and proposed cybersecurity rules and regulations (such as DORA and the EU Cyber Resilience Act) and advising on legal interpretations in order to inform a compliance strategy. … and initiatives to provide legal risk mitigation advice. Drafting cybersecurity presentations, exercises, and trainings, as well as presenting and participating as needed. Counseling on the development and implementation of information security governance. Updating cybersecurity policies, playbooks, and procedures. What we’ll need from you We are looking for an attorney who has experience advising clients on cybersecurity issues More ❯

Head of Information Security Department: IT Operations Employment Type: Permanent - Full Time Location: London Reporting To: Kirsty Kelly Description As Head of Information Security, you will report directly into the Group CISO, and be responsible for leading and managing key pillars of our security programme, with a primary focus on Third-Party Security Risk … Management, Data Loss Prevention (DLP), Policy Governance, Security Training & Awareness, and Identity & Access Management (IAM). You will work closely with the Group CISO to ensure consistent high standards in your areas of responsibility and ensure global adherence to security practices. The ideal candidate will have deep knowledge of regulatory frameworks such as NYDFS Cybersecurity Regulation, GDPR … and other European and Australian data protection laws, and will bring a proactive, risk-based approach to the governance and operationalisation of security controls. About the role Within this role, you will act as a member of the CISO’s leadership team, contributing to security strategy, budgeting, and cross-functional planning. This involves supporting the CISO to More ❯

Senior Security Compliance Specialist, Payments Security Compliance In compliance with regulatory requirements, and in alignment with business teams, Payments Security Compliance (PSC) team supports Amazon payments entities in select regions. Security Compliance Specialists have varying scope of responsibility in each region, depending on the nature of regulatory licenses to be maintained, number of regulators, the number … of systems and teams in scope (blast radius of regulatory compliance), and the degree of stringency the local regime places on Security and Data protection We are seeking an experienced, self-motivated Senior Security Compliance Specialist with strong Security and Compliance background. This candidate will be an innovative and forward thinking individual who possess in-depth knowledge … and will be identifying Information Security compliance risks, drive Security Governance, Security Assurance and Risk Management efforts, manage regional regulatory compliance and contribute to emerging regulations and technology standards globally, partnering with Security Experts of Global Amazon Information Security teams. Your work directly impacts Customer’s Trust in Amazon by providing secure More ❯

are maintained Supervises a team of specialists Delivers risk management services to Hitachi Energy in cooperation with the team Works closely with stakeholders to prioritize, create reporting, and oversee security findings Improves management of security risks/issues and helps identify areas of risk Reports on the services and their continuous improvement Background: 8+ years of experience in … IT/Information Security Governance in large, global organizations (consulting, audit, or industry/operations) Experience in planning and operating security risk/issue management-related processes and services Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, etc. … required Experience in service build-up is a plus Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC, etc.) is a plus Qualified individuals with a disability may request a reasonable accommodation if you are unable or limited in your ability to use or access the Hitachi Energy career site due to your disability. You may request More ❯

procedures Supervises a team of specialists, Deliver risk management services to Hitachi Energy in cooperation with the te Work closely with the stakeholders to prioritize, create reporting, and oversee security findings. Improve management of security risks/issues and help identify areas of risk Reporting on the services, and their continuous improvement. Background: 8+ years of experience in … IT/Information Security Governance in large, global organizations (consulting, audit or industry/operations Experience in planning and operating security risk/issue management-related processes and services. Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, ) required … Experience in service build up a plus Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC ) is a plus Qualified individuals with a disability may request a reasonable accommodation if you are unable or limited in your ability to use or access the Hitachi Energy career site as a result of your disability. You may request reasonable More ❯

the area Supervise a team of specialists Deliver risk management services to Hitachi Energy in cooperation with the team Work closely with stakeholders to prioritize, create reports, and oversee security findings Improve management of security risks/issues and help identify areas of risk Report on the services and their continuous improvement Background: 8+ years of experience in … IT/Information Security Governance in large, global organizations (consulting, audit, or industry/operations) Experience in planning and operating security risk/issue management-related processes and services Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar) Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, etc.) Experience … in service build-up is a plus Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC, etc.) is a plus Hitachi Energy is a global technology leader advancing a sustainable energy future for all. We serve customers in utility, industry, and infrastructure sectors with innovative solutions and services across the value chain. We pioneer technologies and enable More ❯

exclusive features. This range is provided by itecopeople. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range Governance, Risk and Compliance Manager. (GRC Manager) About the Role: The GRC Manager is a senior role within the Information Security team, responsible for maintaining and improving governance and risk frameworks for IT Services. You will define risk and governance processes, including how process owners are identified and the activities to ensure that the process is governed effectively, to ensure that IT systems and information assets are adequately protected. You will be responsible for identifying, evaluating and reporting on governance and compliance risks and … regulatory and legal requirements. The GRC Manager works proactively with the various departments, business units and suppliers to implement practices that meet the clients defined policies and standards for information risk management, governance and compliance. About You: You will have a significant level of specialist expertise in IT Governance, Risk and Compliance, with proven responsibility for, and More ❯

Head of Information Security Department: IT Operations Employment Type: Permanent - Full Time Location: London Reporting To: Kirsty Kelly Description As Head of Information Security, you will report directly into the Group CISO, and be responsible for leading and managing key pillars of our security programme, with a primary focus on Third-Party Security Risk … Management, Data Loss Prevention (DLP), Policy Governance, Security Training & Awareness, and Identity & Access Management (IAM). You will work closely with the Group CISO to ensure high standards in your areas of responsibility and global adherence to security practices. The ideal candidate will have deep knowledge of regulatory frameworks such as NYDFS Cybersecurity Regulation, GDPR, and other … European and Australian data protection laws, bringing a proactive, risk-based approach to security governance and controls operationalization. About the role This role involves acting as a member of the CISO's leadership team, contributing to security strategy, budgeting, and cross-functional planning. Key responsibilities include: Managing cyber incidents and supporting the CISO team in global coordination. More ❯

Senior Security & Compliance Specialist, Payments Security Compliance Job ID: Amazon Development Centre (London) Limited In compliance with regulatory requirements, and in alignment with business teams, Payments Security Compliance (PSC) team supports Amazon payments entities in select regions. Security Compliance Specialists have varying scope of responsibility in each region, depending on the nature of regulatory licenses to … be maintained, number of regulators, the number of systems and teams in scope (blast radius of regulatory compliance), and the degree of stringency the local regime places on Security and Data protection We are seeking an experienced, self-motivated Senior Security Compliance Specialist with strong Security and Compliance background. This candidate will be an innovative and forward … thinking individual who possess in-depth knowledge and will be identifying Information Security compliance risks, drive Security Governance, Security Assurance and Risk Management efforts, manage regional regulatory compliance and contribute to emerging regulations and technology standards globally, partnering with Security Experts of Global Amazon Information Security teams. Your work directly impacts Customer More ❯

Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Reports to: Global CISO Location: London Summary of Position: This position will report directly to the global CISO and be responsible for managing a small in-house team that plans, schedules, monitors, and reports on activities related to information and cyber security. The role … will collaborate with Information Technology, Group Risk and Compliance, HR, Facilities, and third parties. Key Responsibilities & Accountabilities: Support the Global CISO in maintaining and implementing the cyber security strategy Take overall responsibility for information security risk and compliance Manage the BMS Information Security Control Framework Develop and maintain the Information Security governance and oversight target operating model Create policies and supporting governance materials Own the Information Security Risk management processes Identify information security threats and coordinate with technical teams to understand BMS exposure Provide specialist Information Security input to IT and business operations Ensure information security initiatives are current and security More ❯

Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Client: BMS Group Location: London (City of London), United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 16.06.2025 Expiry Date: 31.07.2025 Job Description: Summary of Position: This position reports directly to the global CISO and manages a small in-house … team responsible for planning, scheduling, monitoring, and reporting on information/cyber security activities. The role collaborates with IT, Group Risk and Compliance, HR, Facilities, and third parties. Key Responsibilities & Accountabilities: Support the Global CISO in maintaining and executing the cyber security strategy. Take overall responsibility for information security risk and compliance. Manage the BMS … Information Security Control Framework. Develop and maintain the Information Security governance and oversight target operating model. Create policies and governance materials. Own the Information Security Risk management processes. Identify security threats and collaborate with technical teams on exposure. Provide security expertise to IT and business operations. Ensure security initiatives More ❯

Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Reports to: Global CISO Location: London Summary of Position: This position will report directly to the global CISO and also be responsible for managing a small in-house team who plan, schedule, monitor and report on activities relating to information/cyber security. The … role will work in collaboration with Information Technology, Group Risk and Compliance, HR, Facilities and a number of third parties. Key Responsibilities & Accountabilities: Support the Global CISO in maintaining and realising the cyber security strategy Take overall responsibility of information security risk and compliance Assume responsibility for the BMS Information Security Control Framework Produce … and maintain a the Information Security governance and oversight target operating model Produce policies and supporting governance material Take ownership for the Information Security Risk management processes Identify information security threats and work with technical teams to understand BMS exposure Provide specialist Information Security input to IT and business operations More ❯

Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Reports to: Global CISO Location: London Summary of Position: This position will report directly to the global CISO and also be responsible for managing a small in-house team who plan, schedule, monitor and report on activities relating to information/cyber security. The … role will work in collaboration with Information Technology, Group Risk and Compliance, HR, Facilities and a number of third parties. Key Responsibilities & Accountabilities: Support the Global CISO in maintaining and realising the cyber security strategy Take overall responsibility of information security risk and compliance Assume responsibility for the BMS Information Security Control Framework Produce … and maintain a the Information Security governance and oversight target operating model Produce policies and supporting governance material Take ownership for the Information Security Risk management processes Identify information security threats and work with technical teams to understand BMS exposure Provide specialist Information Security input to IT and business operations More ❯

Oliver James has partnered with a industry leader who are currently looking for a GRC Analyst to join the team. Your role is to support the Information Security GRC Manager in understanding, evaluating, and communicating information security risks ensuring the security posture aligns with compliance and regulatory obligations. Improving and maintaining the information security governance and risk frameworks to ensure compliance with relevant standards and regulations. Experience Required: Proven experience in information security, risk, or governance. Solid understanding of key security frameworks and regulations like ISO 27001, NIST, and GDPR. Familiar with risk assessments, mitigation strategies, and creating action plans. Confident in writing reports and documentation such as audits … and ensuring compliance with standards like ISO 27001 and PCI-DSS. Strong communicator, able to work effectively with stakeholders at all levels. Key Responsibilities include: Identify, document, and communicate security risks, and help create strategies to manage them. Maintain and improve security governance and risk frameworks. Monitor compliance with security policies, standards, laws, and regulations. Coordinate More ❯

Governance, Risk and Compliance Manager. (GRC Manager) About the Role: The GRC Manager is a senior role within the Information Security team, responsible for maintaining and improving governance and risk frameworks for IT Services. You will define risk and governance processes, including how process owners are identified and the activities to ensure that the process … is governed effectively, to ensure that IT systems and information assets are adequately protected. You will be responsible for identifying, evaluating and reporting on governance and compliance risks and issues in a manner that meets the clients regulatory and legal requirements. The GRC Manager works proactively with the various departments, business units and suppliers to implement practices that … meet the clients defined policies and standards for information risk management, governance and compliance. About You: You will have a significant level of specialist expertise in IT Governance, Risk and Compliance, with proven responsibility for, and experience of, executing a robust risk and governance process and frameworks in a complex environment. You will be successful at More ❯

Social network you want to login/join with: Governance, Risk and Compliance Manager. (GRC Manager) About the Role: The GRC Manager is a senior role within the Information Security team, responsible for maintaining and improving governance and risk frameworks for IT Services. You will define risk and governance processes, including how process owners are … identified and the activities to ensure that the process is governed effectively, to ensure that IT systems and information assets are adequately protected. You will be responsible for identifying, evaluating and reporting on governance and compliance risks and issues in a manner that meets the clients regulatory and legal requirements. The GRC Manager works proactively with the various … departments, business units and suppliers to implement practices that meet the clients defined policies and standards for information risk management, governance and compliance. About You: You will have a significant level of specialist expertise in IT Governance, Risk and Compliance, with proven responsibility for, and experience of, executing a robust risk and governance process and frameworks More ❯

Governance, Risk and Compliance Manager. (GRC Manager) About the Role: The GRC Manager is a senior role within the Information Security team, responsible for maintaining and improving governance and risk frameworks for IT Services. You will define risk and governance processes, including how process owners are identified and the activities to ensure that the process … is governed effectively, to ensure that IT systems and information assets are adequately protected. You will be responsible for identifying, evaluating and reporting on governance and compliance risks and issues in a manner that meets the clients regulatory and legal requirements. The GRC Manager works proactively with the various departments, business units and suppliers to implement practices that … meet the clients defined policies and standards for information risk management, governance and compliance. About You: You will have a significant level of specialist expertise in IT Governance, Risk and Compliance, with proven responsibility for, and experience of, executing a robust risk and governance process and frameworks in a complex environment. You will be successful at More ❯

Join Whitbread’s Information Security Team as a Senior Information Security Manager and help safeguard our customer and colleague data. Protecting nearly £2 billion in annual transactions and a workforce of around 40,000, this role offers a unique challenge in a dynamic environment. You’ll lead the development and implementation of information security … protect Whitbread’s Commercial platforms. Managing a team of five and serve as a trusted advisor to key stakeholders, enhancing the organisation's resilience against cyber threats. Role: Senior Information Security Manager Contract Type: Full-Time and Permanent Salary: Up to £100,000 per annum Location: Holborn, London and hybrid working with coming to the office a minimum … all our benefits here: https://www.whitbreadcareers.com/about-us/benefits/What you’ll be doing: You will lead a team to operate and support an information security Governance structure of the digital environment that provides oversight on key activities and facilitate the implementation of an agreed strategy into the Whitbread businesses. Drive Security More ❯

Direct message the job poster from SR2 | Socially Responsible Recruitment | Certified B Corporation The Go to OT Security Recruiter! Senior Recruitment Consultant @ SR2 | Socially Responsible Recruitment | Certified B Corporation. Join one of the UK’s leading energy providers as an Operational Technology Cyber Analyst, where you'll play a critical role in securing our nation’s infrastructure. You’ll … Support vulnerability management initiatives and penetration testing exercises. Contribute to policy development and ensure alignment with IEC62443, NIS, CAF, OG86, and HSE regulations. Work collaboratively with IT, engineering, and security stakeholders to maintain compliance and operational resilience. Support the maintenance and development of the OT Security Operations Centre technology stack. Deliver technical assurance across the OT security ecosystem. Strong understanding of OT/ICS cybersecurity or relevant control systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause analysis. More ❯