1 to 25 of 211 Security Management Jobs in the UK

celebrates new ideas and diverse perspectives. You can experience a world of opportunity and the chance to shape a career as unique as you. Position Summary WSP's Information Security Office (ISO) is responsible for the deployment and maintenance of the information security framework for both the IT organization and wider business community. This includes the Governance mechanisms … policies and processes, tools and technologies, and employee training required to protect WSP information and that of our clients. The role of Regional Information Security Officer reports directly to the Business Information Security Officer and is responsible for delivering the Information Security Framework into the applicable region of WSP. This is primarily an internally facing role, although … some interaction with clients and third parties may be required. This position requires a senior management professional with relevant experience and a strong working knowledge of IT security, risk management, regulatory compliance, information and public cloud service technology, IT operations management principles, and third-party security management. A little more about your role Specific areas More ❯

Information Security Compliance Officer Required Qualifications & Certifications: Education Bachelor's degree in Cybersecurity, Information Technology, Computer Science , or a related field. A master's degree in information security , Risk Management, or Compliance is a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO … Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP/E, CIPM for data protection compliance) Experience Requirements: 3-5+ years of experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK … government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for third-party compliance. Handling incident response & reporting (e.g., Data Breach Notifications under GDPR). Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk More ❯

The team you'll be working with: The Security Architect will be responsible for the design, implementation and ongoing development of the security architecture of the client's IT systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised frameworks and best practice What you'll be doing: Develop, deliver and continually enhance a coherent approach to the design of secure client … end-to-end solutions Develop secure conceptual, logical and high level designs by identifying appropriate security controls to be embedded in solutions that meet business requirements whilst evidencing alignment to the target risk appetite. Own the design and be able to articulate and justify design recommendations at security architecture assurance gates Draft design documentation, options papers, risk assessments More ❯

The Information Security Director develops, shapes, and maintains Sycurio's information security capability, driving the attainment and maintenance of the ISO27001, PCI-DSS, and SOC2 compliance. They are the subject matter expert on all things regarding security and compliance, owning the information risk management processes. They are the thought leader on all matters within the security and compliance domain such that the company remains secure against the ever-changing security threat and compliance landscape. Information Security Strategy Create and maintain the Company's strategy, ensuring alignment to the Company's strategy and business goals. Work across internal and external stakeholders, communicating the information security strategy to relevant parties and providing assurance of … policies, procedures, and systems. Develop, maintain, and expand the information security management system ('ISMS') to optimise compliance for ISO27001, PCI-DSS, and SOC2. Identify gaps in the information security capability, both technical and operational, and propose remediation and mitigation plans and solutions. Responsible for the Company's information security capability, ensuring it remains secure against an More ❯

Cyber/Info Security Strategist/Consultant - Architect - Leeds 674 60,000 plus 10% bonus and benefits + free parking Here we have a brand-new LEAD Information/Cyber Security vacancy, based in Leeds. Position: Lead Information/Cyber Security Officer Size of team: 15 FTE's Salary: 60k & added bonus 10% + other % benefits Key … Stakeholders: Heads of Departments, Directors, CIO Main purpose of job As a key member of the Information/Cyber Security team, the Lead Information/Cyber Security Officer will be engaged with the business and provide consultative and specialist services to assist and improve its information security posture ensuring secure business processes and delivering secure services to … processes and the current/emerging threat landscape, ensuring risks are identified and managed with appropriate best practice controls and measures. Key responsibilities Implementation of the Information/Cyber Security strategy and measurement of progress through performance metrics. Contribute to the development of policies, standards and guidelines and ensure these are embedded within the business. Contribute to the development More ❯

Senior Cybersecurity Officer - Assurance - Information Security - Banking Excellent opportunity opens for an Cybersecurity Officer/Information Security Officer/Information Security Assurance Officer with Financial Services experience to join a London based bank's team, helping to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Key … Responsibilities: Collaborate with Information Security Engineering and Operations Teams to integrate security measures into business processes. Advise business units on security-related issues and initiatives. Oversee Second Line project activities to evaluate information security risks for new projects, products, systems, and other significant changes within the bank. Supervise the resolution of risks and issues identified during … audits or external assessments. Develop, review, and maintain information security governance documents, including policies, standards, frameworks, and procedures. Create and deliver Information/Cyber Security Awareness training, educating staff on best practices. Maintain comprehensive records and documentation of ISO activities. Provide regular updates and reports to the Information Security Management System (ISMS) governance committee. Manage internal More ❯

Senior Cybersecurity Officer - Assurance - Information Security - Banking Excellent opportunity opens for an Cybersecurity Officer/Information Security Officer/Information Security Assurance Officer with Financial Services experience to join a London based bank's team, helping to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Key … Responsibilities: Collaborate with Information Security Engineering and Operations Teams to integrate security measures into business processes. Advise business units on security-related issues and initiatives. Oversee Second Line project activities to evaluate information security risks for new projects, products, systems, and other significant changes within the bank. Supervise the resolution of risks and issues identified during … audits or external assessments. Develop, review, and maintain information security governance documents, including policies, standards, frameworks, and procedures. Create and deliver Information/Cyber Security Awareness training, educating staff on best practices. Maintain comprehensive records and documentation of ISO activities. Provide regular updates and reports to the Information Security Management System (ISMS) governance committee. Manage internal More ❯

Senior Cybersecurity Officer - Assurance - Information Security - Banking Excellent opportunity opens for an Cybersecurity Officer/Information Security Officer/Information Security Assurance Officer with Financial Services experience to join a London based bank's team, helping to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Key … Responsibilities: Collaborate with Information Security Engineering and Operations Teams to integrate security measures into business processes. Advise business units on security-related issues and initiatives. Oversee Second Line project activities to evaluate information security risks for new projects, products, systems, and other significant changes within the bank. Supervise the resolution of risks and issues identified during … audits or external assessments. Develop, review, and maintain information security governance documents, including policies, standards, frameworks, and procedures. Create and deliver Information/Cyber Security Awareness training, educating staff on best practices. Maintain comprehensive records and documentation of ISO activities. Provide regular updates and reports to the Information Security Management System (ISMS) governance committee. Manage internal More ❯

The Head of Security Assurance is responsible for leading the Security Assurance Department primarily made up of Security Assurance coordinators. The Head of Security Assurance is responsible for the co-ordination of all security assurance activities to ensure that SecureCloud+ services and supporting internal Information Technology meets the highest security standards and requirements of … our customers. The role will support the delivery of a variety of innovative, accreditable, cost efficient and profitable solutions to comply with HMG's security classification system, and will also lead on the transformation of delivery of services to the MOD's secure by design methodology. The Head of Security Assurance will encompass two key areas of Information … disruption and destruction to achieve the objectives of data integrity, availability and confidentiality. Role Responsibilities Key responsibilities for this role may include: Lead and Manage all members of the Security Assurance department. Mentor junior members of the Security Assurance department. Promote a strong security culture within the company. Co-ordinate the security accreditation and assurance processes More ❯

Senior Cyber Security (GRC) Analyst This Senior Cyber Security (GRC) Analyst will report to the Cyber Security Governance, Risk & Compliance Manager and will work within the Information Systems directorate based in either our London or Crawley office. You will be a permanent employee. You will attract a salary of up to £75,000.00 and a bonus of … On - scheme providing discount on hundreds of retailers' products. Discounted gym membership. Employee Assistance Programme. Job Purpose The Senior Governance Risk and Compliance (GRC) Analyst will support the Cyber Security GRC Manager in developing IT governance, risk management, and compliance strategies across UK Power Networks information applications and users to safeguard essential business services and operations from cyber … Industry and Regulatory: Deputise for the GRC manager to represent UKPN in energy sector industry forums and regulatory working groups, working collaboratively with Ofgem and the Department for Energy Security and Net Zero. Communication: Communicate and work with all teams and partners in UK Power Networks. Good verbal, written, and presentational skills to express risks and the potential possible More ❯

to our success and of great importance to our clients, our partners and to our team. This is why we are currently looking for someone to help evolve the security function. As the Information Security Manager in the team, you will be working with our Security engineers as well as other teams and stakeholders to drive improvements … to our security program and ensure a pragmatic approach to security and risk. Responsibilities Develop, implement, and maintain the organization's information security policies, standards, and procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the Information Security Management System (ISMS). Oversee and manage Ravelin … s PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine and reduce information security risks across the business through the establishment of risk treatment plans. Serve as the primary liaison for security matters, both internally and externally. Collaborate with leadership and internal stakeholders More ❯

Are you currently working for an IT provider but ready to step into the world of dedicated Cyber Security? We have an exciting opportunity for an Information Security Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance Team … s service offerings forward. Work with a innovative, industry-leading Cyber Security team Play a key role in the development of internal and client security programs Contribute to significant projects that support clients' compliance and risk management goals If you're ready to make an impact in Cyber Security, this role is for you! Responsibilities: Ensure … protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team with scoping engagements and delivering valuable services More ❯

Information Security Compliance Analyst 12 Month Fixed Term Contract Salary: Negotiable Hybrid - Hertfordshire As an Information Security Compliance Analyst, you will support the development and maintenance of the EMEA wide information security management system in accordance with Global EIT strategy, EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR. … You will ensure the continued certification of the EIT ISO 27001:2022 management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties/responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk … risk mitigation plans in conjunction with relevant internal and external stakeholders/groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including More ❯

Information Security Compliance Analyst 12 Month Fixed Term Contract Salary: Negotiable Hybrid - Hertfordshire As an Information Security Compliance Analyst, you will support the development and maintenance of the EMEA wide information security management system in accordance with Global EIT strategy, EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR. … You will ensure the continued certification of the EIT ISO 27001:2022 management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties/responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk … risk mitigation plans in conjunction with relevant internal and external stakeholders/groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including More ❯

DR Advisor in developing and maintaining IT resilience and business continuity plans to ensure the organisation's ability to respond to and recover from IT disruptions. Incident Response and Management: Support DR-related incident response activities, including investigating IT security incidents, breaches, and disruptions. Issue Identification: Identify and document control deficiencies, compliance gaps, and areas for improvement. Collaborate … to develop actionable recommendations and corrective action plans. Documentation and Reporting: Maintain accurate documentation of risk assessments, compliance reviews, control testing activities, and remediation efforts. Prepare regular reports for management and stakeholders. Policy and Procedure Development: Assist in developing and maintaining risk management, compliance, and control-related policies, procedures, and guidelines, ensuring alignment with regulatory requirements and industry … best practices. Vendor Risk Management Support: Assist in assessing and managing risks associated with third-party vendors and service providers, evaluating controls and contractual adherence. Continuous Improvement: Identify opportunities to enhance risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's environment. Project Work: Contribute to project activities to ensure GRC requirements are More ❯

Join our dynamic team as a Security Operations Manager, where you'll lead and enhance our security strategies to protect critical assets and ensure operational resilience. WHO ARE WE? Privately owned and independently minded, Creditsafe operates with the singular vision of powering business decisions. We do this by delivering valuable intelligence on customers, suppliers and potential buyers to … intelligence accessible to all businesses big and small but most importantly, opened up new avenues of data intelligence for businesses with machine learning, AI and connected data. From risk management through to opportunity identification, our industry-leading solutions, power decisions for companies by turning their data into actionable insights that help them become stronger, grow faster and thrive. THE … TEAM Creditsafe’s Information Security and Compliance team are motivated by protecting company reputation, safeguarding existing revenue, and supporting the generation of future revenue. We realise that security can often be misunderstood so our approach is enabling new and existing customers to interact with our products and services, and we pride ourselves on balancing a positive security More ❯

Information Security Manager Role Description This is a full-time role as an Information Security Manager for a bank in Central London. The Information Security Manager will be responsible for day-to-day tasks related to information security management, including implementing and maintaining Information Security Management Systems (ISMS), ensuring cybersecurity and network security, and protecting sensitive information. This is a hybrid role, based in London with the flexibility for some remote work. Qualifications Information Security Management, ISMS, and Cybersecurity skills Network Security and Information Security knowledge Experience in implementing and maintaining ISMS Proficient in identifying and addressing information security vulnerabilities Strong analytical and problem-solving skills Excellent … communication and interpersonal skills Certifications such as CISSP, CISM, or equivalent are preferred Bachelor's degree in Information Security, Computer Science, or related field Additional Skills Strong hands-on network and security background Cisco networking Cisco firewalls (Firepower/Threat Detection) Palo Alto firewalls SIEM experience (Logarithm desirable) Web proxy (Forcepoint desirable) Governance skills Policy writing/reviewing More ❯

The opportunity We're looking for an Information Security Manager to take ownership of Attest's security posture as we scale. Our consumer research platform helps brands make better decisions; keeping our data, people, and customers secure is critical to our success. If you're excited about shaping security in a fast-growing SaaS company - without the … to collaborate in person while ensuring enough time remotely for deep, focused work. Learn more about our hybrid working philosophy here . What You'll Do As our Information Security Manager, you will define and implement security strategies, ensuring we maintain a strong security foundation without slowing down innovation. You'll work cross-functionally with Engineering, IT … and Legal to embed security across the business, enhance compliance, and proactively manage risks. Key Responsibilities Develop and implement security strategy : aligning security plans with business goals. Own our security program : building and maintaining an information security management system. Promote security culture : working closely with IT to educate and enable teams across Attest. More ❯

Senior Information Security GRC Analyst Senior Information Security GRC Analyst Locations: London, United Kingdom; Manassas, United States Posted on: 4 Days Ago ABOUT US We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation can address … relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. Are you passionate about security Governance, Risk and Compliance (GRC)? Do you thrive in a dynamic environment where your experience and your security expertise can shape the future of our organization? We are … looking for a GRC Specialist like you to join our growing Information Security Governance team. In this role, you will: Develop and implement robust GRC frameworks to ensure compliance with increasingly stringent industry regulations and standards. Lead the reporting and presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with cross-functional security More ❯

Fully Remote (UK-based candidates) Contract Type: Contract – 3 to 6 months Day Rate: £790 per day (inside IR35) via Umbrella company Clearance: Candidates must be eligible for SC (Security Clearance) or hold active SC clearance. Subject to client approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking … a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management System (ISMS) aligned with multiple industry standards and frameworks. This is a fully remote position, offering flexibility while working … impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO/IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and More ❯

Remote (UK-based candidates preferred) Contract Type: Contract - 3 to 6 months Day Rate: £790 per day (inside IR35) via Umbrella company Clearance: Candidates must be eligible for SC (Security Clearance) or hold active SC clearance. Subject to client approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking … a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management System (ISMS) aligned with multiple industry standards and frameworks. This is a fully remote position, offering flexibility while working … impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO/IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and More ❯

Job Title: Head of Technology & Data About Us BGIS is a global leader in technical integrated building facility management services. Offering a full range of facility and real estate management services, BGIS partners with clients globally to bring forward innovative solutions. At BGIS, we believe there is always a better way. We seek out opportunities, encourage change and … communities, and planet. In-depth As the Head of Technology and Data, you will be leading and managing a diverse suite of service technologies such as Computer Aided Facilities Management (CAFM), Finance and Workflow management systems and the associated data ensuring the information can be transformed into tactical actions and decisions. You will provide leadership and management … and introduce continuous improvement process and manage technology vendors stakeholders to ensuring their performance and value for money. You will support and lead good standards and practices around workflow management and roll out awareness programmes to the organisation ensuring the business processes are adhered. You will work closely with global technology team and provide UK centric reporting strategy and More ❯

Role Description This is a full-time hybrid role for an Information Security Manager with 2nd and 3rd Line IT support experience. The role involves day-to-day tasks associated with planning, implementing, and maintaining an Information Security Management System (ISMS), including managing cybersecurity risks, implementing network security measures, and ensuring compliance with industry standards. The … Information Security Manager will also provide IT support to the company and will be based in the London office, with flexibility for some remote work. Your past experience must include 2nd and 3rd line infrastructure support where you are able to advise and direct the technical team. Qualifications Experience in Information Security Management and creating and implementing … an ISMS Experience in Cybersecurity and Network Security Expertise in Information security best practices and standards Excellent problem-solving skills and attention to detail Strong communication and collaboration skills Bachelor's or Master's degree in Computer Science, Information Technology, or related field Certifications such as CISSP, CISM, CCNA, or equivalent are a plus Experience in IT support More ❯

Information Security Analyst – FMCG, North Lanarkshire 📍 Location: North Lanarkshire (Hybrid working) 💼 Salary: £55k+ Comprehensive Benefits Package 🕒 Type: Full-Time | Permanent Are you ready to take on a hands-on role protecting business-critical systems and data from evolving cyber threats? We’re seeking a skilled Information Security Analyst to join our client and lead the implementation and operation … of essential security controls that underpin their enterprise infrastructure. This is a fantastic opportunity to apply your deep technical knowledge in a complex and varied environment, supporting business-wide initiatives while developing and maturing our security posture. 🔧 Key Responsibilities We are seeking an experienced Information Security Analyst to safeguard client’s digital assets and ensure alignment with … their Information Security Management System (ISMS). You’ll lead the design, implementation, and monitoring of security controls, supporting the group of companies in compliance with global frameworks. You’ll manage Vendor Security Assurance, review solution designs, and conduct risk-based assessments to integrate security into commercial initiatives. Collaboration with wider group and cross-functional More ❯

Information Security Analyst – FMCG, North Lanarkshire Location: North Lanarkshire (Hybrid working) Salary: £55k+ Comprehensive Benefits Package Type: Full-Time | Permanent Are you ready to take on a hands-on role protecting business-critical systems and data from evolving cyber threats? We’re seeking a skilled Information Security Analyst to join our client and lead the implementation and operation … of essential security controls that underpin their enterprise infrastructure. This is a fantastic opportunity to apply your deep technical knowledge in a complex and varied environment, supporting business-wide initiatives while developing and maturing our security posture. Key Responsibilities We are seeking an experienced Information Security Analyst to safeguard client’s digital assets and ensure alignment with … their Information Security Management System (ISMS). You’ll lead the design, implementation, and monitoring of security controls, supporting the group of companies in compliance with global frameworks. You’ll manage Vendor Security Assurance, review solution designs, and conduct risk-based assessments to integrate security into commercial initiatives. Collaboration with wider group and cross-functional More ❯