26 to 50 of 404 Information Security Jobs in the UK excluding London

A well-established business is looking for an accomplished Head of Information Security to join its team based in Uxbridge, west London. Please note this is an office-based role, so you will work from the office 5 days per week. In … this role of significant responsibility, you will design and lead the information security strategy for the organisation. Supported by a Cyber Security Analyst you will provide InfoSec expertise, ensuring that the business has a secure, resilient and robust technology estate, and will also ensure that effective security governance policies and procedures are in place. In order … party suppliers and external auditors and will deliver awareness training, enhance and test the businesses disaster recovery, continuity and incident response plans, and carry our internal audits for the InfoSec governance frameworks. This is an excellent opportunity for a Head of Information Security to join a market leading business. More ❯

Experience Years: 3-5 Years of Experience Employee Type: Regular Remote Type: Onsite About the Opportunity The role of Information Security Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. As an Information Security Engineer, you will be responsible for security operations, using and managing security systems, identifying and … managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. About the Opportunity The role of Information Security Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. … As an Information Security Engineer, you will be responsible for security operations, using and managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. Responsibilities More ❯

supported in a truly inclusive workplace. If you want to do more, because you care, we want you on our team. LET'S TELL YOU MORE Our highly innovative Information Security team do a wonderful job protecting our business, our people, and our customers from these daily threats and you have an opportunity to join the team as … our Information Security Architect . In this role, you'll join a team who're responsible for the design, engineering, technical delivery, maintenance and improvements of the systems and applications for the Information Security Office. You'll ensure all technology investments deliver appropriate security controls that protect the business and our customers, and you'll … be responsible for solving complex security problems and selecting the best available solutions from a range of technological and organisational components and structures. The decisions you make fundamentally determine whether Severn Trent can manage its data, information systems and communications networks securely. You'll be based at our Severn Trent Centre head office in Coventry. You'll work More ❯

more sustainable than single-use packaging. To strengthen our IT department, we are currently looking for a Cybersecurity & Compliance Manager. This is a key role focused on ensuring the security and regulatory compliance of our systems and processes. The position offers flexibility and can be fulfilled either remotely (within the Greater London area) or in a hybrid setup from … Dudley. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT … knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role, with travel up to 30% of the time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST More ❯

more sustainable than single-use packaging. To strengthen our IT department, we are currently looking for a Cybersecurity & Compliance Manager. This is a key role focused on ensuring the security and regulatory compliance of our systems and processes. The position offers flexibility and can be fulfilled either remotely (within the Greater London area) or in a hybrid setup from … Dudley. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT … knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role, with travel up to 30% of the time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST More ❯

more sustainable than single-use packaging. To strengthen our IT department, we are currently looking for a Cybersecurity & Compliance Manager. This is a key role focused on ensuring the security and regulatory compliance of our systems and processes. The position offers flexibility and can be fulfilled either remotely (within the Greater London area) or in a hybrid setup from … Dudley. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT … knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role, with travel up to 30% of the time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST More ❯

Overview Join our team as an Information Security Specialist and help keep our people, systems, and data safe. About the Role In this role, you will play a key part in strengthening our Information Security Management System (ISMS) by: Conducting internal audits and supporting external audit activities Assisting with the management and resolution of information security incidents Delivering training sessions and raising awareness of information security across the business Supporting the review, development, and continuous improvement of security processes and policies Performing supplier security assessments and evaluations Working closely with Engineering and IT teams to investigate and address MSSP alerts Qualifications If you're proactive and a true team … you. You'll work closely with teams across the organisation, so strong communication, adaptability, attention to detail, and the ability to juggle multiple priorities are key. Strong knowledge of information security principles, frameworks, and best practices, whether from studying or practical experience High attention to detail with a commitment to accuracy and quality Strong problem-solving skills with More ❯

APPLICATION SECURITY ENGINEER £90,000 + 15% Bonus + Excellent Staff Benefits including Strong Pension, Life Assurance Hybrid Working ( 2 Days per Week Onsite ) An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving forces behind Innovative Development of Enterprise-Led Internet Technology. They are now … looking for an Application Security Engineer to join their existing & high performing large scale In - House Security Team including SOC & Cyber Analysts through to Experienced Cyber Security Engineers & Security Architects. As an AppSec Engineer you will focus on the technical side of IT Security, specifically looking at Application Security & Code Analysis, ensuring their Applications … are Built Securely. The Information & Cyber Security Team deal with the Security of Closed-Sourced, Open-Source & In-House Developed Applications ensuring that All Systems & Services are Built with Privacy & Security by Design. You will be working closely with the Software Development Team , to confirm that Application Based Vulnerabilities are Understood & Mitigated meaning that Code Reading More ❯

Information Security Manager Location: London, Hybrid Salary: Up to 75,000 Reports to: Head of Cyber Security A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client … will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential. This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions … and enabling clients to benefit from cutting-edge threat detection and response capabilities. Key Responsibilities: Serve as a vCISO for clients, providing strategic guidance on security posture and compliance Lead the development and implementation of security policies, procedures, and controls Manage ISO27001 compliance, including internal and external audits Conduct risk assessments and oversee incident response planning Collaborate with More ❯

Organisations who are one of a major driving forces behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management Analyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering … Tools Scheduling of Scanning across Business, ensuring Reporting Requirements are met whilst Minimising Operational Impacts to Endpoints Scheduling Internal & External Resources to Ensure Targets are Met Work across Full Information Security Project Lifecycle Ensure Compliance with Security Policies & Procedures Act as an Escalation Point & Coordinate with other Teams when required Key Skills & Experience Required for Vulnerability Management … Analyst role will include: Strong Understanding of Information/Cyber Security Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches More ❯

Head of Security Architecture - GDS - G6 £71,370 - £103,924 (London)/£67,126 - £91,453 (National) - Based on capability. Published on 12 September 2025. Deadline 28 September 2025. Location Bristol, London, Manchester Job summary The Government Digital Service (GDS) is the digital centre of government. We are responsible for setting, leading and delivering the vision for a modern … part of the Department for Science, Innovation and Technology (DSIT) and employ more than 1,000 people all over the UK, with hubs in Manchester, London and Bristol. The Information Security team at GDS protects the people, services and information used to deliver critical government digital infrastructure such as GOV.UK and One Login. We do this by … supporting a secure software development lifecycle, setting and checking proportional organisation policies and building a positive, no-blame security culture across the organisation. The Government Digital Service is where talent translates into impact. From your first day, you'll be working with some of the world's most highly-skilled digital professionals, all contributing their knowledge to make change More ❯

Head of Security Architecture - GDS - G6 £71,370 - £103,924 (London)/£67,126 - £91,453 (National) - Based on capability. Published on 12 September 2025. Deadline 28 September 2025. Location Bristol, London, Manchester Job summary The Government Digital Service (GDS) is the digital centre of government. We are responsible for setting, leading and delivering the vision for a modern … part of the Department for Science, Innovation and Technology (DSIT) and employ more than 1,000 people all over the UK, with hubs in Manchester, London and Bristol. The Information Security team at GDS protects the people, services and information used to deliver critical government digital infrastructure such as GOV.UK and One Login. We do this by … supporting a secure software development lifecycle, setting and checking proportional organisation policies and building a positive, no-blame security culture across the organisation. The Government Digital Service is where talent translates into impact. From your first day, you'll be working with some of the world's most highly-skilled digital professionals, all contributing their knowledge to make change More ❯

Information Security Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an Information Security Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives … mentor others, and collaborate effectively across business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate information security risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance … risk & controls within the information security, ideally in a regulated industry. Experience in large, complex enterprise environments (e.g., multiple sites, technologies). Hands-on leadership in technical InfoSec initiatives. Strong understanding and implementation of control frameworks (NIST CSF, COBIT). Ability to run threat intelligence and vulnerability assessments. Experience collaborating with 2nd and 3rd line governance teams (e.g. More ❯

Howdens Joinery have an exciting brand-new opportunity as an Information Security Architect to join our growing Cyber team. Responsible for designing secure, scalable solutions that align with Howdens’ business goals and cyber risk strategy. This role will suit a pro-active individual with an investigative nature who will be our key advisor across IT, Architecture, and Cyber … is a permanent opportunity based from our office in Northampton where you will be required to work onsite 2 days per week. What will I be doing as an InfoSec Architect? Collaborate across business, technical, and service teams to design and deliver security solutions that enhance cybersecurity maturity, reduce risk, and align with broader business objectives and priorities. Engage … with stakeholders to understand and balance competing business needs, technical constraints, and security requirements, ensuring practical and effective outcomes. Lead and contribute to solution design and re-architecture initiatives, assessing technical options in partnership with the Head of Information Security and Enterprise Architecture, and ensuring solutions are secure, maintainable, and scalable. Conduct proactive security architecture reviews More ❯

will: Assess that Cybersecurity is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security … vulnerabilities. These risk assessments will be presented to risk owners who are either Director or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to … project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation related to security assessments, risks, mitigation plans, and compliance status, providing regular reports to relevant stakeholders across waterfall and iterative deployment methodologies. Enable the business by being a trusted partner. This means working with Business Relationship Managers, Business Advisers, and Programme Managers More ❯

will: Assess that Cybersecurity is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security … vulnerabilities. These risk assessments will be presented to risk owners who are either Director or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to … project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation related to security assessments, risks, mitigation plans, and compliance status, providing regular reports to relevant stakeholders across waterfall and iterative deployment methodologies. Enable the business by being a trusted partner. This means working with Business Relationship Managers, Business Advisers, and Programme Managers More ❯

will: Assess that Cybersecurity is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security … vulnerabilities. These risk assessments will be presented to risk owners who are either Director or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to … project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation related to security assessments, risks, mitigation plans, and compliance status, providing regular reports to relevant stakeholders across waterfall and iterative deployment methodologies. Enable the business by being a trusted partner. This means working with Business Relationship Managers, Business Advisers, and Programme Managers More ❯

will: Assess that Cybersecurity is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security … vulnerabilities. These risk assessments will be presented to risk owners who are either Director or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to … project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation related to security assessments, risks, mitigation plans, and compliance status, providing regular reports to relevant stakeholders across waterfall and iterative deployment methodologies. Enable the business by being a trusted partner. This means working with Business Relationship Managers, Business Advisers, and Programme Managers More ❯

will: Assess that Cybersecurity is embedded throughout the development lifecycle of Technology Assets by using Deloitte's Secure System Development Lifecyle (SSDLC) to assure paths to production. Oversee that security testing activities like vulnerability scanning, penetration testing, and code reviews are completed to identify weaknesses and potential exploits on the identified security requirements. Identify potential information security … vulnerabilities. These risk assessments will be presented to risk owners who are either Director or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to … project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation related to security assessments, risks, mitigation plans, and compliance status, providing regular reports to relevant stakeholders across waterfall and iterative deployment methodologies. Enable the business by being a trusted partner. This means working with Business Relationship Managers, Business Advisers, and Programme Managers More ❯

GRC Analyst This is a hybrid role and can be based from either our Peterborough, Manchester, Stoke, Tunbridge Wells or Chesterfield office. Role Purpose: Reporting to the Head of Information Security to provide BAU operational technical security support. The Senior GRC Analyst will be responsible for compliance governance to security standards, delivering required GRC processes and … provide ongoing assurance that digital systems and data are safe and secure. Key Accountabilities & Responsibilities: Be an SME for PCI DSS and contribute to and ensure compliance governance to security standards. Contribute to business and technology audits. Engagement with 3rd party partners as a SME and to ensure due diligence process adherence. Management IT Security GRC activities and … end-to-end delivery of information security practices and processes. SME, advice, oversight and governance of security policies, processes, procedures and standards. Contribute to the delivery of the security roadmap and a continuous improvement model for security. Ensure Information Security controls are operating effectively. Ensure where gaps are identified that these have remediation plans More ❯

The Role: We are looking for a Cloud Security Engineer with experience on AWS, to join our growing team. The successful candidate will have an essential role in ensuring the information security of our business. You will be working in a team that is designing and building resilient and secure Cloud environments that proactively prevent security threats. You will typically have industry accreditations like AWS Certified Security - Specialty The main responsibilities of the position include: Design and build resilient Cloud infrastructures that are protected against security threats Develop and assess Cloud security solutions to secure systems, databases and networks Conduct assessment and make recommendations to ensure that appropriate controls are in place … Gain insight into security incidents and threats by monitoring/analyzing logs and performing vulnerability assessments Participate in efforts that shape the company’s security policies, procedures and standards for use in Cloud environments Create technical and managerial level security reports for Cloud-based applications and infrastructure Implement and tests network and security Disaster Recovery procedures More ❯

Information Security Analyst 📍 Location: City of London (Hybrid – 2 days/week in office) 💰 Salary: Competitive … + Benefits 🧭 Industry: B2B Travel Tech/SaaS A high-growth, global B2B travel technology company is hiring an Information Security Analyst to join its newly formed InfoSec team. This is a hands-on role in a fast-paced SaaS environment, supporting millions of transactions daily across flights, hotels, and rail bookings. The company also offers direct payment … settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation: Improve and implement security measures across More ❯

Information Security Analyst 📍 Location: City of London (Hybrid – 2 days/week in office) 💰 Salary: Competitive … + Benefits 🧭 Industry: B2B Travel Tech/SaaS A high-growth, global B2B travel technology company is hiring an Information Security Analyst to join its newly formed InfoSec team. This is a hands-on role in a fast-paced SaaS environment, supporting millions of transactions daily across flights, hotels, and rail bookings. The company also offers direct payment … settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation: Improve and implement security measures across More ❯

Information Security Analyst 📍 Location: City of London (Hybrid – 2 days/week in office) 💰 Salary: Competitive … + Benefits 🧭 Industry: B2B Travel Tech/SaaS A high-growth, global B2B travel technology company is hiring an Information Security Analyst to join its newly formed InfoSec team. This is a hands-on role in a fast-paced SaaS environment, supporting millions of transactions daily across flights, hotels, and rail bookings. The company also offers direct payment … settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation: Improve and implement security measures across More ❯

Are you a hands-on security professional with experience managing IT security operations and driving improvements across infrastructure and processes? This Manchester based organisation is looking for a Security Manager to take ownership of information security, risk management and ongoing security enhancement activities. Youll work closely with Senior Leadership, leading key initiatives to protect … systems, data and users while helping shape the organisations security posture. What youll be doing: Managing day-to-day information security operations, including incident response and risk assessments Leading the development and implementation of security policies, standards, and controls Driving continuous improvement initiatives to strengthen cyber resilience Developing and supporting security roadmaps aligned with business … needs Acting as the security escalation point within the IT function Collaborating with internal teams and external suppliers to maintain compliance and security best practices Supporting audit and compliance activities related to Cyber Essentials, ISO27001 or similar What youll need: Proven experience managing IT security or information security functions Strong technical knowledge of Microsoft environments More ❯