ISO27001, IT Risk, IT Compliance, IT Controls, IT Audit, Policy. Governance, Security, Surrey area Your new company A specialist organisation in the Health/Medical sector offers hybrid working in this role based in North Surrey area. Your new role You will be working in the Risk team and will design, implement & maintain the Information Security Management System … ISMS) in accordance with ISO27001 in a company that manages highly sensitive data. You will support the firm's governance, addressing areas of risk and supporting plans to address these risks, including the compilation of business continuity plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber … threat security. Risk & Compliance You will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001 and other regulatory standards. Assessing security posture, identifying vulnerabilities, and developing mitigation strategies to manage enterprise-wide information security risks. Maintaining and enhancing the organisation's risk register and heat map, ensuring risks More ❯
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
C4S Search Ltd
of 8, ensuring balanced workloads, knowledge sharing, and a positive culture while supporting career growth. Provide high-level technical leadership, including architecture decisions, code reviews, managing technical debt, and risk assessment. Collaborate across teams and senior management to ensure smooth operations, project delivery, and alignment with business priorities. Implement secure, compliant development practices alongside Quality, IT, and DevOps teams … driving continuous improvement and cyber security. Track team performance metrics, communicate progress, and provide strategic input to technical roadmaps and risk management. Key Skills Minimum 5 years in software development, with 3+ years managing technical teams; strong leadership, mentoring, and recruitment experience. Expertise in web technologies (.NET, C#, Angular preferred) and cloud platforms (Azure preferred). Proficient in agile … and waterfall methodologies including Scrum and Kanban. Deep understanding of software development lifecycle, release processes, and technical risk management. Solution-focused, diplomatic leader with excellent collaboration, communication, and decision-making skills. Benefits Hybrid working model Opportunity to work on high-impact healthcare technology A collaborative and values-driven culture Ongoing professional development and leadership progression How to Apply If More ❯
laws and regulations. Commercial contract management & negotiation Draft, review, and negotiate a wide range of commercial agreements including SaaS, technology, procurement, and partnership contracts. Advise stakeholders on contract terms, risk allocation, and negotiation strategy. Support procurement and vendor management by identifying cost-saving or risk-mitigation opportunities in third-party contracts. Maintain and update internal legal templates and … or dispute resolution options. Regulatory & compliance Advise on compliance with relevant financial services regulations, outsourcing rules, and data protection obligations. Support the review of third-party contracts for regulatory risk and alignment with internal policies. Assist with interactions with regulatory bodies and financial institutions, including legal aspects of KYC and ownership verification. General legal advisory & Business Partnering Act as … a trusted legal partner to business teams across a wide range of legal and strategic matters. Support cross-functional projects with legal insight and risk assessment. Work closely with Finance, Compliance, Risk, and Operations to ensure legally sound business execution. Advise on the development and launch of new products and services, ensuring compliance with applicable laws and regulatory More ❯
a global multi billion pound business in Belfast as they seek a Vulnerability and Penetration Testing Engineer to join their Belfast Centre team in providing security architecture, vulnerability and risk assessment. Responsibilities: Thoroughly evaluate proposed and current solutions to ensure compliance with established standards for secure system design. This includes meeting requirements outlines in the ISMS Policy, client contracts … regulatory expectations, and professional obligations. Architect, implement, and support assessment solutions identified as necessary for the protection of firms assets. Continually evaluate relevant products, tools, scripts, and techniques that improve existing assessment capabilities. Essential Criteria: Excellent knowledge of Vulnerability and Penetrating Testing concepts and best practices, including the requirements for WhiteHat/Ethical Hacking. Experience with automated tools … such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave. Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables. Working knowledge of information security frameworks such as ISO27001, NIST, and CIS. If this sounds like a good opportunity, apply today or get in contact with Andrew.Nitek More ❯
a global multi billion pound business in Belfast as they seek a Vulnerability and Penetration Testing Engineer to join their Belfast Centre team in providing security architecture, vulnerability and risk assessment. Responsibilities: Thoroughly evaluate proposed and current solutions to ensure compliance with established standards for secure system design. This includes meeting requirements outlines in the ISMS Policy, client contracts … regulatory expectations, and professional obligations. Architect, implement, and support assessment solutions identified as necessary for the protection of firms assets. Continually evaluate relevant products, tools, scripts, and techniques that improve existing assessment capabilities. Essential Criteria: Excellent knowledge of Vulnerability and Penetrating Testing concepts and best practices, including the requirements for WhiteHat/Ethical Hacking. Experience with automated tools … such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave. Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables. Working knowledge of information security frameworks such as ISO27001, NIST, and CIS. If this sounds like a good opportunity, apply today or get in contact with Andrew.Nitek More ❯
