76 to 100 of 493 Information Security Jobs in the UK excluding London

Information Security Officer - International Law Firm (London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the … firm's long-term security strategy, drive ISO 27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm's information security governance framework across all offices … and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes and More ❯

Careers# Head of Cyber Security Team:Technology - UK Location:Leeds Work Model:hybrid Work Type:Permanent Hi, we're PEXA! We know you'll Google us before applying, so let's keep this brief. PEXA revolutionised the way that property is settled in Australia, turning a paper-based process into a digital one. Our solution is a world-first … just one aspect of your life - we want to help you create your ideal work/life blend, rather than squeezing in life around work.As the Head of Cyber Security at PEXA UK, you'll play a key role in protecting the digital backbone of our business. Working closely with the UK CTO, Group CISO in Australia, and the … PEXA UK leadership team, you'll define and drive the security strategy, standards, and posture across our three UK brands: PEXA UK, Smoove, and Optima Legal.You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with More ❯

Nottingham Trent House (95002), United Kingdom, Nottingham, NottinghamshireRisk Remediation AssessorAbout the RoleCapital One has a team of Information Security specialists who not only focus on security, but are relationship experts, risk assessment champions, and resolve complex information security issues related to Capital One’s third parties. The Cyber Third Party Risk Reduction (CTPRR) program defines … the framework and conducts the assessments which enable the business to protect sensitive information, physical assets, and confirms the Third Parties’ ability to provide continual services. This role will partner with a community of internal and external stakeholders to ensure third party engagements receive the necessary CTPRR due diligence; evaluate the effectiveness of the third party’s security environment and deliver a quality assessment report. It also supports ongoing security by working with the third parties to remediate any identified issues, enabling effective risk management in alignment with business tolerance and industry requirements. Those that work for this team pragmatic and practical in your understanding of risk and security, but are also willing to know More ❯

Cantor Fitzgerald’s Global Information Security team is seeking an Information Security Identity Engineer. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program. Responsibilities will include: Strong experience with authentication systems such as LDAP, MS Active Directory, Kubernetes, and Microsoft Entra … solutions like SailPoint, IBM, Oracle, etc. Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls. Define and enforce security and identity policies across cloud platforms. (AWS, Azure, GCP) Document system configurations, standards, and procedures in a centralized location. Support Incident Response on security incidents globally, including contributing … to table-top security incident exercises. Advise project teams, application owners, infrastructure services, and other digital Information Technology teams on information security controls. Continually improve team documentation, including solution run books, architecture, knowledge base articles, FAQs, SharePoint. Provide evidentiary support for Audit and Compliance teams. Manage the remediation process including tracking and resolutions of findings from More ❯

Cantor Fitzgerald’s Global Information Security team is seeking an Information Security Identity Engineer. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program. Responsibilities will include: Strong experience with authentication systems such as LDAP, MS Active Directory, Kubernetes, and Microsoft Entra … solutions like SailPoint, IBM, Oracle, etc. Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls. Define and enforce security and identity policies across cloud platforms. (AWS, Azure, GCP) Document system configurations, standards, and procedures in a centralized location. Support Incident Response on security incidents globally, including contributing … to table-top security incident exercises. Advise project teams, application owners, infrastructure services, and other digital Information Technology teams on information security controls. Continually improve team documentation, including solution run books, architecture, knowledge base articles, FAQs, SharePoint. Provide evidentiary support for Audit and Compliance teams. Manage the remediation process including tracking and resolutions of findings from More ❯

Cantor Fitzgerald’s Global Information Security team is seeking an Information Security Identity Engineer. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program. Responsibilities will include: Strong experience with authentication systems such as LDAP, MS Active Directory, Kubernetes, and Microsoft Entra … solutions like SailPoint, IBM, Oracle, etc. Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls. Define and enforce security and identity policies across cloud platforms. (AWS, Azure, GCP) Document system configurations, standards, and procedures in a centralized location. Support Incident Response on security incidents globally, including contributing … to table-top security incident exercises. Advise project teams, application owners, infrastructure services, and other digital Information Technology teams on information security controls. Continually improve team documentation, including solution run books, architecture, knowledge base articles, FAQs, SharePoint. Provide evidentiary support for Audit and Compliance teams. Manage the remediation process including tracking and resolutions of findings from More ❯

one aspect of your life - we want to help you create your ideal work/life blend, rather than squeezing in life around work. As the Head of Cyber Security at PEXA UK, you'll play a key role in protecting the digital backbone of our business. Working closely with the UK CTO, Group CISO in Australia, and the … PEXA UK leadership team, you'll define and drive the security strategy, standards, and posture across our three UK brands: PEXA UK, Smoove, and Optima Legal. You'll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance … with ISO 27001 and FCA requirements. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. You'll shape how we manage threats, embed secure-by-design principles, and foster a culture of security awareness across the organisation. You'll also collaborate closely with technology, legal More ❯

Organisations who are one of a major driving forces behind Innovative Development of Enterprise-Led Internet Technology. Role Overview: As a Vulnerability Management Analyst you will focus on Technical Information Security within the Security Function , within a major part of the Organisation's Vulnerability Management Team . You will work closely within the Security Department covering … Tools Scheduling of Scanning across Business, ensuring Reporting Requirements are met whilst Minimising Operational Impacts to Endpoints Scheduling Internal & External Resources to Ensure Targets are Met Work across Full Information Security Project Lifecycle Ensure Compliance with Security Policies & Procedures Act as an Escalation Point & Coordinate with other Teams when required Key Skills & Experience Required for Vulnerability Management … Analyst role will include: Strong Understanding of Information/Cyber Security Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches More ❯

Principal Product Security Engineer 6 Month Contract Frimley Based 85.40 an hour Umbrella Inside IR35 This is a great opportunity to work within one of the UKs leading Defence companies based in Frimley. Knowledge, Skills and Qualifications Knowledge: The PSA Principal Engineer will have a good understanding of the applicable regulations, standards, policies and guidance on information risk … management, to be able to identify, analyse and evaluate information risks. They will be able to document and present risk management options to the business and participate in discussions. Good understanding of information security principles and is able to advise on the potential impact to Product Systems. Knowledge of security related activities required to support the … engineering lifecycle with experience of operating in the phase relevant to the role. The PSA Principal Engineer will have a working knowledge of the cyber security and information assurance marketplace, including products, suppliers and key threats, and will also have an understanding of the direction of potential future technologies. Proven experience of assessing and managing information risk More ❯

Principal Product Security Engineer 6 Month Contract Frimley Based £85.40 an hour Umbrella Inside IR35 This is a great opportunity to work within one of the UKs leading Defence companies based in Frimley. Knowledge, Skills and Qualifications Knowledge: The PSA Principal Engineer will have a good understanding of the applicable regulations, standards, policies and guidance on information risk … management, to be able to identify, analyse and evaluate information risks. They will be able to document and present risk management options to the business and participate in discussions. Good understanding of information security principles and is able to advise on the potential impact to Product Systems. Knowledge of security related activities required to support the … engineering lifecycle with experience of operating in the phase relevant to the role. The PSA Principal Engineer will have a working knowledge of the cyber security and information assurance marketplace, including products, suppliers and key threats, and will also have an understanding of the direction of potential future technologies. Proven experience of assessing and managing information risk More ❯

About the Department The Risk and Information Governance Department plays a critical role in ensuring the SRA's compliance with regulatory and security standards. We work collaboratively across the organisation to manage risk, protect information assets, and uphold the highest standards of governance and assurance. The Role This is an exciting opportunity to lead and manage the … SRA's ISO:27001 certified Information Security Management System (ISMS). As Information Security Manager, you'll be a subject matter expert, providing strategic advice and operational support to ensure robust information security practices are embedded across the organisation. You'll work closely with IT Security, Risk, and Governance colleagues to assess and … PCI DSS, and manage external certification processes. This role is ideal for someone with strong analytical skills, excellent stakeholder engagement experience, and a deep understanding of ISO:27001 and information security frameworks. What's in it for you Lead the development and implementation of a certified ISMS Collaborate with senior stakeholders across the organisation Be part of a More ❯

business communications vendors, as well as major payment service providers. We are currently looking for a GRC & Audit Lead to join our UK team. THE OPPORTUNITY: PCI Pal's Information Security team requires a dynamic and proactive individual to lead all Governance, Risk and Compliance (GRC), audit requirements for our team and the company. We are an agile … the confidentiality, integrity and availability (CIA) of our internal, external environments, and client solutions are always maintained. The Lead GRC & Audit function will be focused on ownership of all Information Security GRC, Audit and project initiatives, including proactive cross-functional collaboration with other variety of business stakeholders. The role will ultimately encompass all facets from ensuring that GRC … progressive and pragmatic approach to implementing and maturing innovative GRC and Data Privacy solutions processes and procedures. Assist in defining the technical requirements for both the tactical, to strategic, Information Security roadmap. Function as a subject matter expert, both within the team, and with peers for all matters relating to GRC, and audit management. Managing, maintaining and maturing More ❯

Type: PermanentLocation: Hybrid Overview: We are looking for a detail-oriented and proactive Information Security Compliance Analyst to join our team on a permanent basis. This role is pivotal in supporting the development and continuous improvement of our global information security compliance program.You will be responsible for ensuring that all corporate and subsidiary operations comply with … internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others. Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC … HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of 3 years experience. Skills Required: Proven experience in information security More ❯

Senior Cyber Security Analyst (Ops - Cloud) The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the Cloud Protective Monitoring Sub team. Cyber Operations purpose … be cyber resilient, supporting Transformation Directorate's purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub-directorate consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The post of Senior Security Analyst has been awarded … additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is none contractual and subject to review. Main duties of the job As a Senior Security Analyst Ops you will: Provide Tier 3 security analytics and incident response for service-specific security monitoring. Depose for Security Lead (Analyst) in their absence. Act More ❯

Senior Cyber Security Analyst (Ops - Cloud) The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the Cloud Protective Monitoring Sub team. Cyber Operations purpose … be cyber resilient, supporting Transformation Directorate's purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub-directorate consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The post of Senior Security Analyst has been awarded … additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is none contractual and subject to review. Main duties of the job As a Senior Security Analyst Ops you will: Provide Tier 3 security analytics and incident response for service-specific security monitoring. Depose for Security Lead (Analyst) in their absence. Act More ❯

Principal Engineer - Product Security (Product Security Analyst) - 6 month contract - Frimley, Surrey - £85.40 ph UMB or £63.21 ph PAYE (Inside IR35) The Umbrella rate quoted above is the Gross Umbrella rate (i.e. the rate we pay to the Umbrella Company inclusive of ALL employment costs). Please note, the rate paid by the Umbrella will be less, as … or Agency PAYE rate. Please get in touch to discuss the rates via these different payment vehicles. The Role The PSA Principal Engineer will be a focal point for security and information risk matters within the Product Security Engineering (PSyE) team and will be able to apply their deep level of subject matter expertise and experience to … delivered solutions meet the specified contractual and regulatory requirements and can be operated securely, correctly and safely. Role Responsiblities: Not limited to... Risk Management Accreditation Document Set (RMADS). Security Strategy and other accreditation documentation Captured and agreed technical requirements in accordance with company and programme processes. Compliant technical solutions against contractual requirements and regulations. Technical input and appropriate More ❯

The Role: We are looking for a Cloud Security Engineer with experience on AWS, to join our growing team. The successful candidate will have an essential role in ensuring the information security of our business. You will be working in a team that is designing and building resilient and secure Cloud environments that proactively prevent security threats. You will typically have industry accreditations like AWS Certified Security - Specialty The main responsibilities of the position include: Design and build resilient Cloud infrastructures that are protected against security threats Develop and assess Cloud security solutions to secure systems, databases and networks Conduct assessment and make recommendations to ensure that appropriate controls are in place … Gain insight into security incidents and threats by monitoring/analyzing logs and performing vulnerability assessments Participate in efforts that shape the company’s security policies, procedures and standards for use in Cloud environments Create technical and managerial level security reports for Cloud-based applications and infrastructure Implement and tests network and security Disaster Recovery procedures More ❯

Information Security Manager - Contract (Inside IR35) 6 Months Initially Milton … Keynes/Hybrid We’re looking for an experienced Information Security Manager to take ownership of a key security improvement programme and help mature an existing InfoSec function. This role needs a trusted pair of hands – someone who can quickly assess what’s in place, bring clarity and structure, and deliver real change. You’ll lead the … hands-on, and confident operating independently We need someone who can roll up their sleeves, bring visibility to a “black box,” and make things happen. If you’re an InfoSec leader who thrives on turning complexity into clarity, let’s talk. More ❯

IT Security Specialist - Cyber, Security, Azure Location: Manchester/Hybrid Salary: £35,000 - £45,000 Contract Type: Hybrid/remote/travel Company Overview We are a well-established organisation within the public sector, committed to delivering essential services that support communities and drive operational excellence. As part of our digital evolution, we are strengthening our cybersecurity capabilities … opportunity to join a collaborative team where your expertise will help protect the digital infrastructure that underpins our services. Essential Skills & Experience *Demonstrable experience in a cybersecurity or IT security role, ideally with at least one year in a hands-on capacity *Strong understanding of cybersecurity principles and technologies. *Hands-on experience with security tools such as antivirus … content filtering, firewalls, and intrusion detection systems. *Proficiency in Microsoft Azure and associated cloud security services. *Familiarity with Windows and Linux operating systems. *Experience with log management and security monitoring platforms. *Critical thinking and problem-solving skills in complex technical environments. *Knowledge of ITIL practices and security compliance standards. *Must have access to own transport. *Willingness to More ❯

plan for the IT function that aligns with the business plan and set clear objectives and goals for the function centrally and locally Responsible for defining and leading the information security strategy, fostering innovation to drive current and future technology solutions across the organisation Define and lead information security standards, governance, policies, information security guidelines, information governance, security and information governance With the IT leadership team develop and implement the specialist strategies ensuring process excellence both in central and local teams to support the growth of the business Responsible for senior level decision making and both day to day management and enabling of the strategic direction of the IT function … measures to resolve the current issues and perceived future issues in order to contain risks, including enterprise-wide disaster recovery and business continuity plans and proactive focus on cyber security Ensure central and local IT teams are working to best industry practice and are operationally compliant with regulatory bodies in line with legislation across Europe and reporting effectively to More ❯

wellness and employee assistance programmes, gymflex, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture Role Purpose Design and implement changes to information security governance & risk management, to ensure that the organisation's … security posture is robust, compliant, and adaptable to emerging threats while aligning with strategic business goals. Accountabilities Ensure ISO27001 compliance and maturity by identifying and recommending changes to Infosec policies, processes, control frameworks Ensure that we are consistently compliant with customer, regulatory, and shareholder obligations. Implement and continuously improve a risk management process across the organisation. Maintain and assess … the effectiveness of the security controls catalogue; recommend improvements. Own the Information Security Management System (ISMS) to ensure compliance with internal and external requirements. Provide assurance that security controls are operating effectively and aligned with defined frameworks. Maintain company risk portfolio and actively review and risk finding Conduct internal assessments against regulatory and customer obligations, compliance More ❯

Affinity Water has a exciting opportunity available to work in our Cyber Security Team as a Operational Technology Information Security Analyst. The Role: As a Operational Technology Information Security Analyst will be responsible for safeguarding the organisation's Operational Technology (OT) environments from cyber threats. This role involves implementing OT security measures, monitoring the … OT network for threats, leading incident response efforts, validating security controls, and ensuring the resilience of OT systems. What you'll be doing: Implement and manage OT security controls, measures, and technologies to protect critical assets and systems. Conduct risk assessments, vulnerability management, and security testing. Develop and implement incident response plans and ensure compliance with regulations. … Conduct proactive threat hunting and reactive incident response. Provide regular reports on security status, including incidents, vulnerabilities, and overall health of OT systems. Collaborate with cross-functional teams, including network engineers, system administrators, and external cybersecurity teams. What you'll need: At least 3 years of experience in OT security engineering, incident response, or a related field. Ability More ❯

Overview Make The Connection. Vix Technology, a global leader in automatic fare collection, transit information, and transit analytics solutions, is seeking a highly skilled and experienced Field Engineer. With a presence in over 200 city and regional transport authorities worldwide, Vix has been at the forefront of transforming fare collection for more than 35 years. At Vix, we are … our overall success. We invite you to share your perspectives, cultural backgrounds, and innovative ideas; we look forward to your contributions. Join the Vix team as an experienced Cloud Security Engineer! This on-site position in Manchester involves collaborating with our Cloud Operations team and the Security team to maintain robust security protocols. You'll play a … crucial role in guiding our technical teams to meet security standards, successfully passing security audits, and safeguarding both company and customer data. As the first point of contact for security incidents, your expertise will be essential in keeping our systems secure. We regret that this position is only available for UK citizens/Residents with indefinite leave More ❯

About Us Our Information & Technology (I&T) Digital Security organisation is on a mission to deliver scalable, flexible, and effective security services that support the evolving needs of our business. We operate as a centralised team, providing strategic security architecture and assurance across all business units, assets, and change initiatives. Our goal is to proactively mitigate … externally with our technology partners. Our team is committed to maintaining a secure digital environment that aligns with regulatory requirements and industry best practices. About the Role As an Information Security Architect, you will play a key role in shaping and maintaining our enterprise security architecture. You’ll work closely with enterprise architects, functional area specialists, and … security experts to ensure that all IT systems and platforms are designed with robust, scalable, and compliant security solutions. Your responsibilities will include: Developing and maintaining security architectural models, standards, and procedures. Advising on security strategies to manage risks and ensure compliance with internal policies and external regulations. Supporting the creation of reference architectures and artefacts More ❯

About the role Here at DS Smith, a multi-national sustainable packaging provider, we are looking for a Security Assurance Analyst to join our growing Security Team. The mission of the I&T Digital Security organisation is to deliver an efficient and effective service that has scalability and flexibility to support the demands of a FTSE … business.Supporting Head of Information Security Architecture and Assurance as well as working closely with key stakeholders including Head of Governance, Risk and Compliance, Digital Security, IT and business teams you will focus on core areas such as risk management and security due-diligence reviews ensuring compliance with legal, regulatory and relevant security policies and best … practices.In this position you will provide assurance and guidance that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policies.Visibility and the ability to build close working relationships with Information & Technology (I&T) team members, business stakeholders as well as external partners is essential. This will require some More ❯