City of London, London, United Kingdom Hybrid / WFH Options
Bonhill Partners
/IT security projects in a regulated environment. Strong understanding of cybersecurity domains: IAM, threat intel, incident response, vendor risk, etc. Familiarity with frameworks such as NIST, ISO 27001, PCI-DSS, and FFIEC. Solid grasp of the full project delivery lifecycle (PDLC). Strong stakeholder management, documentation, and analytical skills. More ❯
/IT security projects in a regulated environment. Strong understanding of cybersecurity domains: IAM, threat intel, incident response, vendor risk, etc. Familiarity with frameworks such as NIST, ISO 27001, PCI-DSS, and FFIEC. Solid grasp of the full project delivery lifecycle (PDLC). Strong stakeholder management, documentation, and analytical skills. More ❯
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Emponics
on your own initiative as a self-starter Desirable Skills Understanding of how to build resilient multi-site architectures Experience and knowledge of cloud security and relevant ISO and PCI compliance requirements Knowledge of Azure and other cloud providers Experience of Windows and Linux operating systems Experience of using Terraform to build, change and version infrastructure. Experience of container More ❯
background, including experiences with major cloud platforms. Demonstrated experience developing and implementing security policies, standards, and procedures. Solid understanding of risk management frameworks, and industry-specific compliance requirements (e.g., PCI, SOC 2, GDPR). Experience with external audits and leading certification processes. Opinions on what good security standards and processes look like as we define ours at Duffel. Big … environment. You believe in your own methods but keep an open mind, taking suggestions and feedback onboard as well. Bonus points if you have: Experience guiding an organisation through PCI-DSS certification. Experience in travel, flights, hotels, or cars. What you can expect from us: We're dedicated to your personal growth. Our environment is comfortable both physically More ❯
higher maturity. What You'll Be Doing: Develop and implement information security policies, standards, and guidance in collaboration with stakeholders. Ensure compliance with industry standards such as NIST CSF, PCI-DSS, ISO 27001, and SOC 2. Coordinate responses to internal and external audits and liaise with key stakeholders. Develop and deliver security policy awareness and training programs. Assess … security, ideally in a public tech company or regulated industry. Experience in developing and implementing information security policies, standards and procedures. Familiarity with security standards such as NIST CSF, PCI-DSS, ISO 27001, and SOC2. Strong skills in security metrics and reporting. Ability to engage collaboratively with technical and non-technical stakeholders. Excellent written and verbal communication skills. More ❯
Senior Cyber Security Analyst - AWS - PCIDSS - Manchester Senior Cyber Security Analyst with a PCIDSS & AWS cloud background is required to join our global client's new UK cybersecurity team. This role is predominantly end-client facing, advising on security best practices, vulnerability management and securitystandard compliance (e.g. NIST, ISO, PCIDSS … EMEA regions. Skills & Experience Required: 4+ years of experience working in Cyber Security within an AWS cloud environment Any experience with CrowdStrike would be a bonus Good experience with PCIDSS Vulnerability management & Compliance Lead on Audits Strong Securitystandard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI … in a vibrant office with some of most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCIDSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and their remediation, to improve vulnerability management. More ❯
Senior Cyber Security Analyst - AWS - PCIDSS - Manchester Senior Cyber Security Analyst with a PCIDSS & AWS cloud background is required to join our global client's new UK cybersecurity team. This role is predominantly end-client facing, advising on security best practices, vulnerability management and securitystandard compliance (e.g. NIST, ISO, PCIDSS … EMEA regions. Skills & Experience Required: 4+ years of experience working in Cyber Security within an AWS cloud environment Any experience with CrowdStrike would be a bonus Good experience with PCIDSS Vulnerability management & Compliance Lead on Audits Strong Securitystandard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI … in a vibrant office with some of most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCIDSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and their remediation, to improve vulnerability management. More ❯
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Lloyds Bank plc
you know how to design and review rules that are effective, compliant, and minimize risk. Compliance and controls knowledge: Familiarity with regulatory standards and certification frameworks (e.g. ISO 27001, PCI-DSS) and experience participating in audits or maintaining key security controls. You understand how to translate regulatory requirements into practical network security measures. Leadership and collaboration: Demonstrable ability More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Henderson Scott
measures Key experience we're looking for: Deep experience working in Security Operations, including working with MDR providers and SOC environments Strong knowledge of relevant frameworks and standards including: PCI-DSS GDPR NIST CSF CIS Critical Security Controls Cyber Essentials Plus Hands-on experience across Cloud Security, Identity and Access Management, Zero Trust, Security Service Edge (SSE), and More ❯
Azure Cloud Platform. Extensive experience working with Microsoft 365. Good experience with Firewalls, Networks, Switches, Routers & Domain Controllers. Well-versed with Security Protocols such as NIST in conjunction with PCI-DSS and GDPR. If this sounds like an interesting opportunity to you, feel free to apply for this position or drop me your CV at mohammad.sobee@harveynash.com More ❯
acquiring, and digital payment platforms. Platform Scalability & Security: Ensure the continuous evolution, stability, scalability, and robust security of the core payment infrastructure, adhering to the highest industry standards (e.g., PCIDSS, ISO 27001). Engineering Excellence: Lead, mentor, and expand a high-performing engineering and development team, promoting best practices in software development, architecture, and agile methodologies. Compliance … a collaborative and high-performance culture. Strategic Vision: Ability to translate complex business challenges into clear technological strategies and actionable roadmaps. Security & Compliance: Profound understanding of paymentsecurity standards (PCIDSS) and financial regulations (e.g., PSD2, GDPR). Education: Bachelor's or Master's degree in Computer Science, Engineering, or a related field Languages: Russian language skills high More ❯
of information assurance frameworks (e.g., ISO 27001, NIST SP 800-53, COBIT) ️ Experience with security assessments, audits, and vulnerability management ️ Knowledge of regulatory standards such as GDPR, HIPAA, and PCI-DSS ️ Certifications such as CISSP, CISM, or ISO 27001 Lead Implementer are highly desirable More ❯
assets. Comfortable working independently in a delivery-focused, time-bound contractor role. Experience in the gambling sector or other regulated industries. Knowledge of relevant compliance frameworks (e.g. ISO 27001, PCI-DSS, Gambling Commission). Familiarity with business continuity frameworks and their relationship to DR. Exposure to tools like Cohesity, Veeam, Zerto, Azure Site Recovery, or equivalent. More ❯
Manchester Area, United Kingdom Hybrid / WFH Options
Impellam Group
Comfortable working independently in a delivery-focused, time-bound contractor role. Desirable: Experience in the gambling sector or other regulated industries. Knowledge of relevant compliance frameworks (e.g. ISO 27001, PCI-DSS, Gambling Commission). Familiarity with business continuity frameworks and their relationship to DR. Exposure to tools like Cohesity, Veeam, Zerto, Azure Site Recovery, or equivalent. Qualifications Relevant More ❯
e.g., ransomware, data breaches). Using NIST 800-61 or MITRE ATT&CK to structure incident response strategies. Python, PowerShell, or SOAR platforms to improve efficiency. Familiarity with GDPR, PCI-DSS, and financial regulations (e.g., FCA, PRA rules) would be amazing to have but not essential. More ❯
deliver consistently. Ideal, But Not Required 5+ years of managing multiple engineering teams with high performance. FinTech SaaS experience. Track record of delivering results in a highly regulated environment (PCI-DSS and/or HIPAA compliant). Our Offer Work with colleagues that lift you up, challenge you, celebrate you and help you grow. We come from many More ❯
the adoption of modern DevOps practices and tools to support rapid, high-quality delivery. Governance, Risk & Compliance Define and uphold IT governance and regulatory compliance standards (FSA, EBA, DORA, PCI-DSS, ISO 27001). Implement robust risk management and documentation processes to ensure audit-readiness at all times. Work closely with compliance and security teams to proactively address More ❯
improving vendor risk management processes and implement changes to enhance overall security posture. Vendor Compliance: Ensure that vendor management practices comply with industry standards, such as SOC, ISO, or PCI-DSS. Vendor Risk Management: Analyze security findings from risk assessments and ensure that they are logged and tracked appropriately in the Enterprise Risk Management tooling. About You You're More ❯
governance frameworks (e.g. COBIT, IT-CMF) • Knowledge of the legal and regulatory environment within which easyJet operates as well as specific relevant regulations and standards such as NIS, GDPR, PCIDSS etc. • Knowledge of topic-specific framework & methodologies in areas such as Risk Management (ISO 31000) IT management (e.g. COBIT) Information Security (NIST, ISF, ISO 27001), Service Delivery More ❯
Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
N Brown Group
programme to promote a strong security culture across the organisation; identifying and tracking risks in our supply chain; and for ensuring we maintain compliance with regulations such as the PCI DSSThe team works closely with 1st and 2nd line risk to develop suitable controls and metrics to ensure the Digital Operations department is operating within risk appetite, and track … Contribute to the development of control testing strategies, to ensure our security controls are operating effectively and achieving their purpose Help maintain compliance with applicable regulations such as the PCIDSS, assist in finding ways to streamline the assessment process Support the development and delivery of the security awareness training programme by working closely with colleagues across the … knowledge to understand risks associated with technology platforms and the controls to mitigate them Able to constructively challenge processes and procedures to drive continuous improvement Experience of working within PCIDSS, or other compliance frameworks Excellent communication skills with the ability to build great relationships across the business and articulate security concepts to non-technical colleagues Knowledge of More ❯
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
4it Recruitment Limited
to respond to all applications. Should you not hear from us in 5 working days then your application has not been successful. Information Security, Risk, Security, Assurance, ISO27001, NIST, PCI-DSS, CISSP, Audit, Auditing, InfoSec, CyberSec More ❯
process, working closely with development teams to review, design, and implement infrastructure decisions. Maintain documentation for platforms, services, and pipelines. Audit activities to ensure compliance with security policies (including PCIDSS, GDPR, and PII). Perform root‐cause analysis and implement improvements to prevent incidents and optimize performance. Maintain and evolve monitoring platforms, including synthetic and application monitoring More ❯
process, working closely with development teams to review, design, and implement infrastructure decisions. Maintain documentation for platforms, services, and pipelines. Audit activities to ensure compliance with security policies (including PCIDSS, GDPR, and PII). Perform root‐cause analysis and implement improvements to prevent incidents and optimize performance. Maintain and evolve monitoring platforms, including synthetic and application monitoring More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Stott and May
process, working closely with development teams to review, design, and implement infrastructure decisions. Maintain documentation for platforms, services, and pipelines. Audit activities to ensure compliance with security policies (including PCIDSS, GDPR, and PII). Perform root‐cause analysis and implement improvements to prevent incidents and optimize performance. Maintain and evolve monitoring platforms, including synthetic and application monitoring More ❯
process, working closely with development teams to review, design, and implement infrastructure decisions. Maintain documentation for platforms, services, and pipelines. Audit activities to ensure compliance with security policies (including PCIDSS, GDPR, and PII). Perform root‐cause analysis and implement improvements to prevent incidents and optimize performance. Maintain and evolve monitoring platforms, including synthetic and application monitoring More ❯