26 to 50 of 194 Security Posture Jobs in the UK

We are looking for an established IT Security Engineer to join the Information Security function of the UKs largest sofa retailer. This is a pivotal role, demanding an experienced professional to be the technical authority on security matters. You will be the hands-on force protecting our information systems across all our environments. We need a proactive … So, if your experience doesn't quite match the specification, we'd still really love to hear from you What you'll be doing This role is about reducing security risk through technical delivery and strategic oversight. 1. Security Engineering & Architecture Lead the deployment, configuration, and tuning of new and existing security tools to enhance defence and … efficiency. Drive the enforcement of security policy and controls across key domains Initiate, provide counsel and assurance on technical security projects from conception through to operational handover, ensuring clear risk reduction objectives are met. Working with other areas within the technology function to execute the delivery of the projects Provide technical counsel to the Head of Group IT More ❯

Software Engineer - Security Product Engineering Job ID: R19464 Location: London - The River Building HQ Type: Permanent Ready to apply? Get started with your online application. Not quite your dream role? Sign up to get notified when the right vacancy comes along. Why Deliveroo Our mission is to transform the way you shop and eat, bringing the neighbourhood to your … of a rapidly expanding industry. As a small team making a large impact, we value autonomy, ownership, and new ideas. We are looking for a Software Engineer within the Security Product Engineering team to design, develop, and support security products, including custom access tooling (PAM), authentication solutions supporting millions of users, and more. Reporting to the Head of … Security Architecture & Engineering, this hands-on role will influence the security posture across the company, ensuring security is integrated into all projects. What you'll do: Work with cloud platforms (AWS, Azure, GCP), CI/CD pipelines, containerisation (Docker, Kubernetes), and infrastructure-as-code. Design, develop, and implement scalable, reliable, and maintainable software systems, features, and More ❯

Role title: Information Security Manager Reports to: Head of Operational Resilience Location: Hub Location Hours of work: Full time, with 3 days per week in the office SMCR Function: Conduct Purpose of role Information Security Manager you will define and drive the information security strategy across our financial services business. You will lead a growing team of … security professionals to safeguard customer data, ensure compliance with regulatory frameworks, and build a culture of security awareness throughout the organisation. Your strategic vision and hands-on expertise will protect critical systems and support business growth. Key Responsibilities Develop and maintain the enterprise information security strategy aligned with business goals Lead the implementation and oversight of a … 3rd party managed Security Operations Centre (SOC) ensuring effective integration. Baseline and conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance More ❯

open plan, smart casual dress code, regular incentives and company events Supporters of 85+ charities with strong commitment to diversity and sustainability PURPOSE OF JOB: As a Microsoft Cloud Security Specialist, you will play a pivotal role in driving the growth of our Microsoft Security business. This is a strategic sales overlay role focused on supporting our sales … teams in positioning, differentiating, and closing opportunities across Microsoft’s security portfolio - including Microsoft Defender XDR, Sentinel, Entra, Purview, and Defender for Cloud. You will act as a subject matter expert and trusted advisor, helping customers understand the value of Microsoft’s integrated security solutions and how they can reduce risk, improve compliance, and accelerate secure digital transformation. … A key part of your remit will be to lead sales of our Microsoft Security Managed Service, including managed SOC. You will collaborate closely with internal sales teams, Microsoft account teams, and Bytes stakeholders to align with the Microsoft FY26 solution plays and partner incentives. Your success will be measured by pipeline growth, deal velocity, and the expansion of More ❯

Role title: Head of Information Security Reports to: CTOO Location: Hub Location Hours of work: Full time, with 3 days per week in the office SMCR Function: Certified Purpose of role As Head of Information Security you will define and drive the information security strategy across our financial services business. You will lead a team of security professionals to safeguard customer data, ensure compliance with regulatory frameworks, and build a culture of security awareness throughout the organisation. Your strategic vision and hands-on expertise will protect critical systems and support business growth. Key Responsibilities Develop and maintain the enterprise information security strategy aligned with business goals Oversee security architecture, vulnerability management, incident response … and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps Ensure compliance with financial regulations (e.g. GDPR, PCI DSS, SOX, FCA requirements) Establish and enforce security policies, standards, and procedures Report security posture, incidents, and key metrics to senior leadership and the board Drive security awareness and training programmes for all More ❯

Hiring Mobile Security Engineer - Contractual (Bristol - UK) Client Introduction: The company is a multinational Sweden SAAS product-based firm. Company Strength: 100+Key Responsibilities Job Summary Our team is accountable for security within the mobile channel. We provide a suite of mobile security components, that provides an all-round security posture in mobile apps including associated … passionate about our shared passion for delivering new features for customers across our brands in the mobile space. This role will be pivotal in building, delivering, and driving the security of our mobile platform. The key aspect of this role is the design and delivery of a world-class security framework, including associated services (penetration testing, research, consultancy … etc.). Essential skills & experience: Experience of Mobile platform security, threat modelling and mitigation techniques Capable of conducting regular reviews of our mobile application security posture using your hands-on experience. Develop and maintain pen-testing security tools, scripts, policies and procedures In depth knowledge of mobile app security standards (Android/iOS) Desirable knowledge More ❯

Job Description We are seeking a Senior Security GRC Manager to join our Group Technology team in Milton Keynes . You will play a pivotal role in shaping and advancing our security governance, risk, and compliance practices across the Group Technology function. You will have a hands-on role to monitor, report on and lead initiatives to strengthen … our security posture, ensuring regulatory alignment. This is an exciting opportunity to make a tangible impact, working with a diverse range of stakeholders and supporting the strategic direction of the business. Key Responsibilities: Governance & Compliance : Lead the development, implementation, and continuous improvement of security and technology control frameworks; maintain and update security policies and standards; support … governance forums, including Information Security, Business Continuity, and Audit & Risk Committees. Risk Management : Conduct operational risk assessments and provide expert consultancy on security risks, incidents, and investigations; identify and address gaps in controls, providing clear reporting and recommendations. Stakeholder Engagement: Collaborate with internal teams and external partners to manage security and technology risks; support external and internal More ❯

Job summary The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the Cloud Protective Monitoring Sub team. Cyber Operations purpose is to support safe care … be cyber resilient, supporting Transformation Directorate's purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub-directorate consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The post of Senior Security Analyst has been awarded a … additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is none contractual and subject to review. Main duties of the job As a Senior Security Analyst Ops you will: Provide Tier 3 security analytics and incident response for service-specific security monitoring. Deputise for Security Lead (Analyst) in their absence. Act More ❯

Job Title: Head of Cyber Security Salary: £82,000 - £95,000 Location: London Key Skills: Cyber Security Strategy & Governance, Incident Response & Risk Management, Stakeholder & Board-Level Communication, Leadership & Team Development We are seeking a highly experienced Head of Cyber Security to lead the delivery of a best-in-class security posture within a large, complex … service users, and wider stakeholders from cyber risk. Protecting critical health services from evolving threats is a top priority, and this role plays a central part in ensuring robust security measures are in place. Reporting directly to the Director of Digital Services, the Head of Cyber Security will be a core member of the senior digital leadership team. … You will oversee the development, implementation and governance of information security across the organisation, spanning infrastructure, applications, medical devices, communications, and policy frameworks. Key Duties & Responsibilities Lead the development and delivery of a comprehensive cyber security strategy across both corporate and clinical areas. Oversee the organisation's information security portfolio, including compliance frameworks, risk assessments, and threat More ❯

As Hargreaves Lansdown (HL) continues it digital journey, we are enhancing our Cloud Assurance capabilities, within our Information Security Team. We are seeking a highly skilled Senior Security Analyst with a proven track record in delivering and maintaining Cloud assurance, preferably within a financially regulated enterprise environment or similar. The Senior Security Analyst is a specialist lead … SME role with the primary focus on AWS Cloud Security Assurance, as well as Governance, Risk and supporting Compliance. You will be supporting the Information Security function to ensure HL remains effective in protecting critical information assets within risk appetite. You will be working with a highly skilled and committed Security, Digital IT and Cloud teams. You … will play a significant role in our Cloud journey, working with our AWS and Azure Cloud platforms and security toolsets. We offer a commitment to your career development through training, mentoring and internal opportunities. What you'll be doing You will be the SME and lead for the technical aspects of Cloud security assurance risk and controls. You More ❯

My client is looking for a Senior Information Security Consultant - GRC to deliver governance, risk, and compliance services to clients across Europe. This role focuses on strengthening client security posture through risk management, policy development, compliance assessments, and training. You will also support internal initiatives, mentor junior colleagues, and contribute to my client’s wider security leadership. Key Responsibilities Lead delivery of GRC and information security services to clients, including risk identification, remediation, and compliance with regulatory and data protection standards. Develop, implement, and review security and governance policies, frameworks, and operational procedures. Conduct ISMS assessments, internal audits, and compliance gap analyses against recognised standards. Advise on secure tool deployment, incident response procedures … and overall security posture enhancement. Define and implement tailored security tools, processes, and controls. Deliver training, awareness sessions, and security simulations to client teams. Produce executive-level reports and technical briefs for clients. Build and maintain strong client relationships, ensuring high-quality service delivery and long-term trust. Mentor and train junior colleagues, including providing line More ❯

Role/Job Title: DevSecOps Pentester Work Location: London (2 - 3days) The Role Conducts security assessments and penetration tests across CI/CD pipelines, cloud infrastructure, and application environments. Integrates automated security tools and practices within DevOps workflows to ensure continuous security validation. Identifies and exploits vulnerabilities in code, containers, APIs, and infrastructure-as-code before they … reach production. Collaborates with development, security, and operations teams to implement remediation and improve security posture. Stays current with threat landscapes, tools, and methodologies to proactively defend against evolving cyber risks in general and more specific to an airline industry, transportation sector. Your Responsibilities Integrate security practices and tools into the DevOps pipeline to ensure security is a continuous process. Perform IaC Automation and ServiceNow integrations to automate AWS Service catalogues. Contribute to security tooling, checklists, and automation efforts. Identify potential security threats and vulnerabilities during the design phase identify flaws in CI/CD, IaC, and cloud/containerized environments. Perform manual and automated security testing on web apps, APIs, pipelines. More ❯

Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying, assessing, and remediating security vulnerabilities. The role sits within the Digital Engineering Services & Solutions (DES) department of the Technology Division. The role is part of the Digital Engineering Services & Solutions (DES) department, which … with service transition processes to ensure compliance with internal controls and regulatory standards. It plays a critical role in governance, audit readiness, and the continuous improvement of MUFG's security posture, while also serving as the central coordination point for all vulnerability-related activities across DES. The successful candidate must demonstrate proven experience in leading teams and fostering … expected to establish best practices for risk identification and remediation planning, while also influencing stakeholders and delivering competitive advantage for global organisations by protecting against external threats and potential security vulnerabilities. NUMBER OF DIRECT REPORTS Circa 5 Key Responsibilities Strategic Leadership & Vision Lead the design, development, operation and management of the department's Threat and Vulnerability Management (TVM) strategy More ❯

Information Security Manager We are recruiting an Information Security Manager who will be a key member of the Healix Risk Department. You will be working across Healix International Group to manage all areas of data & information security compliance including the oversight and management of the firm's control framework relating to these speciality areas. As the Information … Security Manager you will design, implement & maintain the Information Security Management System (ISMS) in accordance with ISO27001, Cyber Essential Plus & SOC2 and other relevant standards. In a travel risk management environment this role is critical for safeguarding sensitive traveller data, real-time location tracking and operational systems that support crisis response and duty of care obligations for clients … address these risks including the compilation of business continuity plans (BCP). You will work very closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber threat security. About Healix Healix safeguard's people's health and wellbeing in every corner of the world. We offer international risk management and assistance services around More ❯

Greetings We are Hiring Network Security Specialist in Warwick/Wokingham Network Security 6 Months Contract ? Designing, Architect, Implementing and Maintaining an organization's network security infrastructure solutions like Firewalls, IDPS, Proxy, Load Balancers, VPN, WAF etc., align with the organization's strategies, policies, and standards. ? Design and manage firewall policies, network access controls, AAA mechanisms, MFA … IAM solutions, RBAC, Privilege Management etc., ? In-depth understanding of cloud network security, different network architectures (e.g., LAN, WAN, DMZ) and topologies, network protocols, routing, switching, and subnetting. ? Ensure network security measures are aligned with relevant compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance … gaps. ? Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. ? Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security (OCI/Azure/AWS), Web Security, Email Security, Logging and Monitoring, General PKI and Cryptography. More ❯

Cyber Security Lead Hamilton, Glasgow or Stonehouse, Gloucester Join a leading utilities company that champions innovation and service excellence. At Last Mile, were proud to deliver high-quality solutions across the multi-utility sector, and our IT team is expanding. Were now looking for a talented Cyber Security Lead to play a pivotal role in strengthening our digital … resilience. As a Cyber Security Lead, reporting into the Director, Technology and Data, youll lead and develop a team of security professionals, oversee the delivery and ongoing management of our security infrastructure, and act as the go-to technical expert in threat detection, incident response, and vulnerability management. Were looking for someone with strong leadership skills, a … deep knowledge of the cyber security landscape, and a real passion for safeguarding digital assets. Whats in it for you as a Cyber Security Lead? Here at Last Mile, we pride ourselves in providing a great range of benefits including a fantastic amount of annual leave, including a Christmas shut down. 25 days holiday, increasing after 2 years More ❯

Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying, assessing, and remediating security vulnerabilities. The role sits within the Digital Engineering Services & Solutions (DES) department of the Technology Division.The role is part of the Digital Engineering Services & Solutions (DES) department, which encompasses … with service transition processes to ensure compliance with internal controls and regulatory standards. It plays a critical role in governance, audit readiness, and the continuous improvement of MUFG's security posture, while also serving as the central coordination point for all vulnerability-related activities across DES.The successful candidate must demonstrate proven experience in leading teams and fostering a … expected to establish best practices for risk identification and remediation planning, while also influencing stakeholders and delivering competitive advantage for global organisations by protecting against external threats and potential security vulnerabilities.NUMBER OF DIRECT REPORTSCirca 5 KEY RESPONSIBILITIES Strategic Leadership & Vision Lead the design, development, operation and management of the department's Threat and Vulnerability Management (TVM) strategy and roadmaps More ❯

Cyber Security GRC Consultant (DV Cleared) Location: Hybrid/Southeast Region - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate … with multi-disciplinary teams to define and implement security risk assessments and best practice solutions, ensuring alignment with business risk appetites and transformation goals. You'll be part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD/Public … Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks, controls, and treatment activities. Provide pragmatic remediation and risk management guidance. Support secure design across technology platforms including cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience More ❯

Overview At Vanta, our mission is to help businesses earn and prove trust. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without … it. As Vanta's Customer Success Manager you will play a pivotal role in guiding some of our largest customers through their security and compliance journeys with Vanta's specialised solutions. By combining your customer-centric approach with expertise in Vanta's products and security best practices, you contribute to the overall success and satisfaction of Vanta's … customers in achieving robust security and compliance outcomes. Vanta's success over the last year was exponential and we are now working to solve the problem of how to provide world-class customer experience to as many security-minded software companies as possible. As Vanta's Customer Success Manager, you will be the voice of Vanta, responsible for More ❯

Project Security Analyst (Azure) We are seeking a Project Security Analyst with expertise in Microsoft Azure to support and enhance the cloud security posture across multiple projects. You will work closely with project managers, cloud architects, DevOps teams, and security stakeholders to ensure Azure-based solutions meet enterprise security standards and compliance requirements, dealing … with the following: Security Planning & Risk Assessment Analyze and define security requirements for Azure-based projects. Conduct threat modeling and risk assessments for cloud workloads. Support the secure configuration of Azure services (e.g., Azure AD, Key Vault, Defender for Cloud). Project Delivery Support Act as the security SME (Subject Matter Expert) in Azure-focused projects. Ensure … security milestones are integrated into project delivery timelines. Review architectural diagrams and deployment plans from a security perspective. Compliance & Governance Assist with the implementation of security policies and standards in Azure. Ensure project deliverables meet compliance frameworks (e.g., ISO 27001, NIST, CIS, GDPR). Support audits and evidence collection for Azure resources. Required Skills & Experience Strong background More ❯

Cyber Security Engineer CyberSec Engineer/IT Security Specialist – Disaster Recovery, Resilience Testing, CyberSec Improvements, Vulnerability Scanning/Management, Infrastructure, Nutanix, Commvault, VMware, Azure, PowerShell, Python; Law Firm, Permanent, London/Hybrid (3/2). £80k - £95k (On Experience) +Bonus +Benefits Global Low Firm seeks experienced Cyber Security Engineer/IT Security Specialist to join … the IT Infrastructure Engineering Team and play a key role in the strengthening of the IT security position and critically ensuring that Disaster Recovery, failover, and operational resilience capabilities are effective and continually improved through ongoing testing and (re)engineering. This is a hands-on, process-driven role where you will ensure that disaster recovery (DR), failover, and operational … resilience capabilities are robust, tested, reviewed, and continuously improved. You’ll play a critical part in safeguarding business continuity and strengthening our cyber security posture, working closely with infrastructure, security, and business continuity teams. As such the CyberSec Engineer/IT Security Specialist will: Lead the planning, orchestration, and execution of DR and resilience testing Perform More ❯

Security Lead Oxfordshire/Hybrid/Permanent/up to £65,000 About the Role We're seeking a Security Lead to take ownership of both client-facing and internal security strategy within our Managed Services environment. This is a strategic and hands-on leadership position - you'll oversee security governance, ensure compliance with leading frameworks … Cyber Essentials, ISO27001, NIST), and maintain a strong internal security posture across our systems and services. You'll lead Quarterly Security Reviews (QSRs), manage client risk registers, and act as a trusted advisor translating complex risks into clear business outcomes. Internally, you'll own our security frameworks, guide improvement across tools and teams, and ensure compliance … through measurable posture metrics and ongoing development. Key Responsibilities Lead client Quarterly Security Reviews (QSRs) covering vulnerabilities, incidents, compliance, and risk registers. Translate technical risks into meaningful business impacts and recommendations. Manage internal and client risk registers and exception processes. Oversee security compliance across frameworks such as Cyber Essentials+, ISO27001, and NIST . Ensure secure deployment and More ❯

Cyber Security Lead Location : Knowsley, Liverpool – (Hybrid, with occasional client visits) Salary : £50K - £60K per annum + Excellent Benefits! Employment Type : Full-time, Permanent About Curveball Solutions At Curveball Solutions, we’re proud to be more than an IT provider we strive to become an extension of your business: a trusted partner. From our early days in 1998 as … IT support always with a tailored approach, unwavering reliability, and exceptional customer service at our core. Our values centre on customer-centricity, innovation, transparency, and trust. We actively prevent security risks and deliver solutions designed for each client’s unique challenges never “one size fits all”. We’re seeking a passionate Cyber Security Lead to shape, elevate … Curveball’s cybersecurity offering. You’ll be the cornerstone of our proactive protection and compliance framework driving strategy, policy, and client-focused solutions. Your Mission in a Nutshell: Build security strategy, negotiate with clients, drive policy and compliance, manage M365 security, run workshops, produce tender responses, and elevate our cyber posture across all MSP services. In addition More ❯

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS). The position offers significant … exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies. Responsibilities Serve as the primary liaison for client and internal security and compliance audits Manage and maintain the firm’s ISO 27001 ISMS and related deliverables Coordinate internal and external security assessments and certification schedules Lead ISO 27001 audits and manage relationships with … certification agencies Manage client security assessments and responses to security questionnaires and RFPs Collaborate with technical, risk and business teams to identify and remediate control gaps Maintain documentation and reporting to ensure compliance with regulatory standards Develop recommendations for control enhancements and process improvements Represent the firm’s security posture to clients and partners Occasional international More ❯

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS). The position offers significant … exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies. Responsibilities Serve as the primary liaison for client and internal security and compliance audits Manage and maintain the firm’s ISO 27001 ISMS and related deliverables Coordinate internal and external security assessments and certification schedules Lead ISO 27001 audits and manage relationships with … certification agencies Manage client security assessments and responses to security questionnaires and RFPs Collaborate with technical, risk and business teams to identify and remediate control gaps Maintain documentation and reporting to ensure compliance with regulatory standards Develop recommendations for control enhancements and process improvements Represent the firm’s security posture to clients and partners Occasional international More ❯