testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS ). AMRT1_UKTJ ... More ❯
testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to More ❯
testing (AWS, Azure, or Google Cloud). * Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. * Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to More ❯
of supplier policies and procedures, current security controls, third party pen testing reports, vulnerability management reports, and information security reports such as SOC2 Reports, NIST or ISO 27001 reports, PCIDSS etc). Manage relationships with large third-party suppliers involved in transformative, high-impact projects and Business as usual activities. This included facilitating collaboration between key business More ❯
experience: You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with PCIDSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. Knowledge of security compliance standards … relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. Experience of external penetration testing scopes. Experience securing code reviews and security approvals Experience in Cryptography management & enhancements We value teamwork, collaboration & technical excellence – the company are heavily weighted toward technical staff (as you would hope, for a Software company!) so you must be comfortable within More ❯
Central London, London, England, United Kingdom Hybrid / WFH Options
hireful
experience: You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with PCIDSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. Knowledge of security compliance standards … relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. Experience of external penetration testing scopes. Experience securing code reviews and security approvals Experience in Cryptography management & enhancements We value teamwork, collaboration & technical excellence – the company are heavily weighted toward technical staff (as you would hope, for a Software company!) so you must be comfortable within More ❯
Broad knowledge of cyber security concepts including cryptography, authentication and authorization, access control, secure architectures, threat modeling, vulnerabilities and software security. Strong knowledge of regulatory requirements (e.g. GDPR, ISO27001, PCI-DSS) and experience in regulatory reporting. 3-5 years of experience in GRC, risk management, or compliance. A bachelor's degree in computer science, Cyber Security or similar More ❯
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
Techwaka
practices Provide specialist security support to IT teams, including infrastructure, development, and database teams Work with stakeholders to maintain compliance with industry standards such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role More ❯
containerization technologies like Docker and Kubernetes. • In-depth understanding of cybersecurity principles, best practices, and common attack vectors. • Knowledge of security compliance frameworks and regulations such as GDPR, HIPAA, PCIDSS, and SOC 2. • Ability to conduct risk assessments, vulnerability assessments, and penetration testing. • Proficiency in scripting languages like Python, PowerShell, or Bash for automation and orchestration tasks. More ❯
e.g., Python, Bash) for automation and custom scan configurations is a plus. Experience with SIEM tools and incident response is a bonus. Knowledge of regulatory compliance standards such as PCIDSS, HIPAA, NIST, ISO 27001, and SOC 2. Excellent analytical and problem-solving skills with a strong attention to detail. Ability to translate technical findings into understandable and More ❯
industry knowledge. Ability to motivate the team to achieve excellence, while giving credit and recognition where it is due. Knowledge of General Data Protection Regulation (GDPR), PaymentCardIndustry (PCI), National Institute of Standards (NIST), International Standards Organization (ISO) and other relevant regulations and frameworks. Additional Qualifications Proven trustworthiness and history of acting with integrity, taking pride in work More ❯
received• Clear and consistent communication skills across a variety of channels, fostering productive and strong working relationships Critical competencies - technical fit • Good understanding of at least one audit framework; PCIDSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, Microsoft 365 Certification, etc.• Ability to deliver, without supervision/support, at least one Cyber Practice GRC service• Aptitude … Cyber Securityindustry• Take own initiative to expand information security knowledge• Ability to write concise, accurate and timely reports Desirable competencies • Exposure to multiple industry audit/compliance frameworks; PCIDSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, etc.• Exposure to Amazon AWS, Microsoft Azure or Google GCPs cloud platforms• Data Privacy Experience, e.g. GDPR, DPA2018 More ❯
CompTIA Security+, CEH, GCIH, GCIA CISSP etc) Experience with Microsoft O365 Security solutions and network security operations. Knowledge of Security best practices and regulatory compliance frameworks (e.g., NIST, ISO27001, PCI-DSS etc) Knowledge of the following security products are ideal: ? SEIM (Rapid7 IDR, MS Sentinel, SPLUNK) ? SOAR (Rapid7 ICON, MS Sentinel) ? Endpoint Detection and Response (Microsoft Defender) ? Email More ❯
related field, or relevant industry experience. 5+ years of experience in security architecture, with at least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCIDSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work More ❯
Newcastle Upon Tyne, Tyne And Wear, United Kingdom
DXC Technology Inc
related field, or relevant industry experience. 5+ years of experience in security architecture, with at least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCIDSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work More ❯
Salford, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
AJ BELL BUSINESS SOLUTIONS LIMITED
risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCIDSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous More ❯
team, account team & Client stakeholders. Review the outcomes of the transition projects to capture learnings & disseminate across organization Technical Skills – Basic Knowledge on security models such as ITIL, ISO27002, PCIDSS and Cobit 5 Experience on Security tools & Technologies Integration of testing mechanisms with industry best practices such as OWASP & NIST Good Understanding of IT security policy, procedure More ❯
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
B&M Retail Limited
roles Strong understanding of business continuity and disaster recovery Hands-on experience with security risk assessments, audits, and incident response Familiarity with key standards and regulations (e.g. ISO 27001, PCIDSS, GDPR) Excellent stakeholder management and communication skills And desirable would be: Certifications such as CISSP, CISM, CRISC, CBCI, or ISO 27001 Lead Auditor Experience in the retail More ❯
key risks and control weaknesses, providing practical and strategic recommendations for remediation. Evaluate compliance with internal policies, industry best practices, and regulatory requirements (e.g., FCA, PRA, GDPR, ISO 27001, PCI-DSS). Collaborate with business and IT stakeholders to understand operational processes and system architecture. Prepare detailed audit reports and present findings to senior management. Support external auditors More ❯
Loughton, Essex, England, United Kingdom Hybrid / WFH Options
Profile 29
a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCIDSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCIDSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … to work in the UK unrestricted for at least the next 5 years. Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidsspcidsspci-dss soar loughton Debden essex London More ❯
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
Maidenhead, Royal Borough of Windsor and Maidenhead, Berkshire, United Kingdom
Kensington Mortgages
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
will have: Proven senior leadership experience in information security within large, complex organizations. Deep knowledge of information security standards and frameworks (e.g., CIS, NIST, ISO-27001). Experience managing PCI-DSS compliance across multiple payment channels. Strong understanding of GDPR and experience leading a privacy team. Experience leading and developing teams of specialists. Exceptional communication skills to influence More ❯
Architecture. Knowledge of Secure Software Development Life Cycle and frameworks like TOGAF or SABSA. Understanding of Information Security risk management tools and techniques. Familiarity with cybersecurity frameworks like ISO27001, PCI-DSS, CIS Benchmarks, and Cloud Platform Well Architected Frameworks. Designing and implementing enterprise security controls following industry best practices. Security governance and compliance across public, private, and government More ❯