26 to 50 of 94 Information Security Management Jobs in the UK

be cyber resilient, supporting Transformation Directorate's purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub-directorate consists of 4 operational areas: Cyber Security Operations Unit (CSOU) - SIO Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The CISO Function consists of four teams, these are … CISO Portfolio Office, Secure (by Design), Security Assurance, and Security Governance, Risk & Compliance (GRC). The post of Cyber Security Lead - Security Assurance has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 30% per annum. … Please be aware that RRP is non-contractual and subject to review. Main duties of the job This role is part of the Security Assurance team, which acts as a second line of defence and provides evidence-based confidence in the effectiveness of NHS England's cyber security controls, processes, and systems. It supports informed assurance by: Evaluating More ❯

Frankfurt am Main, Hesse, Germany; London, England, United Kingdom This is a hybrid role and can be based in London or Frankfurt. The Role As a Senior IT Security Analyst at euNetworks, you will play a key role in protecting the organisation against information security threats by implementing and maintaining both technical and organisational safeguards. Working closely … with the Information Security Steering Team and as part of the broader IT function, you will be instrumental indriving forward our security posture. What will you be doing? Administer and maintain the Security Information and Event Management (SIEM) system and other IT security platforms. Review and evaluate security aspects of IT projects … identifying risks and ensuring appropriate controls are implemented. Investigate and respond to security incidents and queries, coordinating with relevant teams. Continuously monitor IT infrastructure for vulnerabilities, anomalies, and other potential security issues. Plan and coordinate external penetration tests to identify and address security weaknesses. Compile and deliver regular reports (monthly and quarterly) on the organisation's security More ❯

We are seeking an experienced Information Security Consultant with a distinguished background in cyber security, governance, and risk management. As an Information Security Consultant , you will play a pivotal role in helping our clients navigate the complex landscape of cyber threats and risks. Your responsibilities will include implementing robust security controls, ensuring compliance with … industry standards and regulations, and assisting clients in enhancing their overall information security posture. In this role, you will: Develop and implement cyber security strategies and roadmaps tailored to our clients' specific needs. Be part of continuous development regarding ISMS and GRC contributing to Nixu way of working and offerings. Contribute to achieving ISO 27001/… certification, differentiating our clients from their competitors. Conduct thorough security and data privacy risk assessments. Conduct Vendor risk assessments and audits. Implement security controls and promote security awareness across diverse organizations. Create operational guidance for the compliant implementation of third-party services and evaluate associated risks. Location: Espoo, Finland Posting Deadline: 20/04/2025 Be More ❯

Company description: Water Utility Company based in Yorkshire region of England. Job description: Information Governance Assistant Hello! Thanks for stopping by. Let us tell you about all the great reasons to join us here at Yorkshire Water: We offer a competitive salary, depending on experience £32,228 - £40,284 Annual incentive related bonus (£1000 maximum bonus opportunity for the … performance year) Attractive pension scheme (up to 12% company contribution) Development opportunities in line with the Information Governance Assistant progression plan 25 days annual leave plus bank holidays plus an extra wellness day! Life assurance cover of 4 times pensionable salary A great benefits package choose from health cash plan scheme, critical illness insurance, dental insurance, life assurance flex … many more! Location: Buttershaw/Hybrid Working (2 days office a week Bradford) Work type: Permanent. 37 hours per week, Monday Friday We have an exciting opportunity for a Information Governance Assistant to join the Data Protection team at Yorkshire Water and be a part of helping Yorkshire Water to provide the best service to our customers. Could this More ❯

Job summary NHS England's Chief Information Security Office (CISO) Function's purpose is to enable safe care and build public trust by strengthening the cyber resilience of the NHS. The CISO supports the Transformation Directorate's purpose of delivering the best care and outcomes for patients, and enables faster, safer digital transformation of the NHS. As part … of the CISO Function the Senior Cyber Security Advisor sit in the Secure Consulting Team who provide specialist cyber security consultancy services to NHS England's Critical National Infrastructure and major national services, ensuring these services and digital programmes are Secure by Design. Senior Cyber Security Advisors ensure NHS England's systems operate from a cyber resilient … architecture. They provide detailed cyber guidance to programme delivery teams, including architecture, software engineering and infrastructure, supporting the management of cyber risk. This is an exciting opportunity to help deliver cyber resilient systems for the NHS. You'll be given the support and autonomy to use your skills, knowledge, and experience, to make a real impact on improving people More ❯

Job Title: Information Security Compliance Analyst Location: Hertfordshire, UK (Hybrid) Contract: 12-Month Fixed Term (Salaried) Are you passionate about cybersecurity, compliance, and driving risk management strategies? We’re seeking an experienced Information Security Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management … System. This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business. Requirements: ISO 27001 Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of … frameworks like ISO 27001/27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security training programs. Excellent stakeholder management, communication, and analytical skills. This is an exciting opportunity for someone who thrives in a fast-paced, regulated environment and wants to make a real impact in protecting systems, data, and operations across More ❯

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the … role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability. What you’ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM … CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability: ready More ❯

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the … role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability. What you’ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM … CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability: ready More ❯

thinking organization committed to innovation, resilience, and trust. As we continue to grow and evolve in a digital-first world, we are seeking a strategic and business-savvy Business Information Security Officer (BISO) to bridge the gap between cybersecurity and business operations. The BISO is expected to be adaptable and have the ability to implement the integration of … cybersecurity into our IT and operational technology (OT) ecosystems. As the BISO, you will serve as the primary liaison between the BA Customers & Solutions Security & Resilience team and business units, ensuring that information and cybersecurity strategies align with business goals. You will be responsible for embedding security into business processes, managing risk, and driving a culture of … security awareness across the organization. The BISO will report directly to the Head of Business Excellence, with additional reporting to the Director of Asset Management on the OT topics. Main tasks Act as the trusted information and cybersecurity advisor to management and stakeholders Establishing, developing and implementing the Security Management System in the BU More ❯

thinking organization committed to innovation, resilience, and trust. As we continue to grow and evolve in a digital-first world, we are seeking a strategic and business-savvy Business Information Security Officer (BISO) to bridge the gap between cybersecurity and business operations. The BISO is expected to be adaptable and have the ability to implement the integration of … cybersecurity into our IT and operational technology (OT) ecosystems. As the BISO, you will serve as the primary liaison between the BA Customers & Solutions Security & Resilience team and business units, ensuring that information and cybersecurity strategies align with business goals. You will be responsible for embedding security into business processes, managing risk, and driving a culture of … security awareness across the organization. The BISO will report directly to the Head of Business Excellence, with additional reporting to the Director of Asset Management on the OT topics. Main tasks Act as the trusted information and cybersecurity advisor to management and stakeholders Establishing, developing and implementing the Security Management System in the BU More ❯

action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards … Policies & Standards team, using newer technologies such as Artificial Intelligence and Machine Learning. Connect to your skills and professional experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and … standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion More ❯

action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards … Policies & Standards team, using newer technologies such as Artificial Intelligence and Machine Learning. Connect to your skills and professional experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and … standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion More ❯

action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards … Policies & Standards team, using newer technologies such as Artificial Intelligence and Machine Learning. Connect to your skills and professional experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and … standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion More ❯

action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards … Policies & Standards team, using newer technologies such as Artificial Intelligence and Machine Learning. Connect to your skills and professional experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and … standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion More ❯

action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity Lead the research and development of Deloitte Global cybersecurity standards, detailed security baselines and their supporting documents, to meet Deloitte's business objectives and cybersecurity risk appetite Collaborate with subject matter experts and leadership to determine the impact of cybersecurity standards … Policies & Standards team, using newer technologies such as Artificial Intelligence and Machine Learning. Connect to your skills and professional experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the information security/cybersecurity domain, with a focus on policies and … standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion More ❯

everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 The role of Cyber Security Consultant sits within the Cyber Security team in Three UK, which is responsible for providing subject matter expertise and guidance to business units across Three's Network and … policy and standards. In this role you will have a broad and challenging remit, you will therefore need to be flexible and agile in your approach, switching between different security disciplines within the team as necessary. You will be engaging in the delivery of multiple business initiatives by introducing baseline and enhanced security requirements and supporting their implementation … through guidance and advice. You will also be recommending security solutions and then providing design input and technical approvals, assurances, and governance of deliveries that the project carries out with our colleagues and partners. Within the Security team itself you will be expected to collaborate with the wider team and security colleagues providing technical support and guidance More ❯

Are you currently working for an IT provider but ready to step into the world of dedicated Cyber Security? We have an exciting opportunity for an Information Security Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance … Team's service offerings forward. Work with a innovative, industry-leading Cyber Security team Play a key role in the development of internal and client security programs Contribute to significant projects that support clients' compliance and risk management goals If you're ready to make an impact in Cyber Security, this role is for you! Responsibilities … Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team with scoping engagements and delivering More ❯

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment … travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external audits to maintain compliance with ISO27001 and other … standards Help identify and assess information security risks, working closely with the Cyber Risk Manager Provide guidance to colleagues on basic security best practices and requirements Contribute to reporting on the ISMS performance and improvement plans Support continual improvement initiatives and track progress Keep up to date with key trends and changes in information security More ❯

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment … travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external audits to maintain compliance with ISO27001 and other … standards Help identify and assess information security risks, working closely with the Cyber Risk Manager Provide guidance to colleagues on basic security best practices and requirements Contribute to reporting on the ISMS performance and improvement plans Support continual improvement initiatives and track progress Keep up to date with key trends and changes in information security More ❯

value everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Create & Maintain an information security management system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the … to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders, published, and communicated. Also, ensure that policies are managed throughout their lifecycle and updated through yearly … or ad-hoc reviews. Produce relevant security standards documentation in consultation with Technical teams. Lead on providing information to Three UK Customers (B2B) regarding Three UK's security practices. Support proactive and effective oversight of technology and security risk management frameworks, methodologies, processes, assurance, remediation, and reporting activities across the company. Assist in designing, building More ❯

Information Security Lead Auditor Department: Audit Employment Type: Permanent Location: London, UK Reporting To: Regional Operations Manager Description Please note, that a full driving licence is required as this is a field-based role. Join our growing Lead Auditor teams across the UK! At ISOQAR, we draw on our experience, knowledge, and ambition to empower organisations to achieve … solutions, the Alcumus Group helps organisations increase resilience and manage risk, protecting its customers, workforce, stakeholders, and the environment. Due to our continued growth, we are seeking professionals within information security to join our expanding Lead Auditor teams supporting a broad range of clients across the UK . With onsite practical experience and deep knowledge of industry processes … and Divisional inductions, you will undertake a 12-week training programme, including classroom and onsite learning with a Senior Lead Auditor, to achieve your Lead Auditor qualifications in Quality Management Systems (9001) and Information Security Management Systems (27001). What that means day to day The life of a Lead Auditor is varied and engaging, with More ❯

Information Security Lead Auditor Department: Audit Employment Type: Permanent Location: Manchester, UK Reporting To: Regional Operations Manager Description Please note, that a full driving licence is required as this is a field-based role. Join our growing Lead Auditor teams across the UK! At ISOQAR, we draw on our experience, knowledge, and ambition to empower organisations to achieve … solutions, the Alcumus Group helps organisations increase resilience and manage risk, protecting its customers, workforce, stakeholders, and the environment. Due to our continued growth, we are seeking professionals within information security to join our Lead Auditor teams who support a breadth of clients across the UK. With onsite practical experience and deep knowledge of industry processes, policies, and … Divisional inductions, you will embark on a 12-week training programme, including classroom and onsite learning with a Senior Lead Auditor to achieve your Lead Auditor qualifications within Quality Management Systems (9001) and Information Security Management Systems (27001). What that means day to day The life of a Lead Auditor is both fun and varied More ❯

Information Security Lead Auditor Department: Audit Employment Type: Permanent Location: Reading, UK Reporting To: Regional Operations Manager Description Please note, that a full driving licence is required as this is a field-based role. Join our growing Lead Auditor teams across the UK! At ISOQAR, we draw on our experience, knowledge, and ambition to empower organisations to achieve … solutions, the Alcumus Group helps organisations increase resilience and manage risk, protecting its customers, workforce, stakeholders, and the environment. Due to our continued growth, we are seeking professionals within information security to join our expanding Lead Auditor teams who support a breadth of clients across the UK . With onsite practical experience and deep knowledge of industry processes … Divisional inductions, you will embark on a 12-week training programme, including classroom and onsite learning with a Senior Lead Auditor to achieve your Lead Auditor qualifications within Quality Management Systems (9001) and Information Security Management Systems (27001). What that means day to day The life of a Lead Auditor is both fun and varied More ❯

Information Security Lead Auditor Department: Audit Employment Type: Permanent Location: Field Based, UK Reporting To: Regional Operations Manager Description Please note, that a full driving licence is required as this is a field-based role. Join our growing Lead Auditor teams across the UK! At ISOQAR, we draw on our experience, knowledge, and ambition to empower organisations to … solutions, the Alcumus Group helps organisations increase resilience and manage risk, protecting its customers, workforce, stakeholders, and the environment. Due to our continued growth, we are seeking professionals within information security to join our growing Lead Auditor teams who support a breadth of clients across the UK . With onsite practical experience and deep knowledge of industry processes … Divisional inductions, you will embark on a 12-week training programme, including classroom and onsite learning with a Senior Lead Auditor to achieve your Lead Auditor qualifications within Quality Management Systems (9001) and Information Security Management Systems (27001). What that means day to day The life of a Lead Auditor is both fun and varied More ❯

follows (but not limited to, as business requirements evolve/change):o Server architectureo Virtualisation technologieso Datacentre operationso Cloud operationso Domain directory serviceso Data storage and managemento Device managemento Information security management and cyber securityo Database administration serviceso Network operations (wired/wireless/mobile)o Business continuity management and disaster recovery planningYou will put people … other members of your team assist in the provision of first class services and consistent levels of capability, as required by the organisationSkills needed for this roleAsset and configuration management Maintain secure configuration and accurate information, controlling IT assets in one or more significant areas Verify the location and state of assets, and support the full IT asset … management lifecycle (from request through to retirement)Availability and capacity management Manage service components to ensure they meet business needs and performance targetsChange management Analyse and assess impact, and develop and document change requests Implement complex changes based on requests for change and apply change control proceduresCoding and scripting Practical use of scripting tools and software that More ❯