Architecture. Knowledge of Secure Software Development Life Cycle and frameworks like TOGAF or SABSA. Understanding of Information Security risk management tools and techniques. Familiarity with cybersecurity frameworks like ISO27001, PCI-DSS, CIS Benchmarks, and Cloud Platform Well Architected Frameworks. Designing and implementing enterprise security controls following industry best practices. Security governance and compliance across public, private, and government More ❯
recommend processes and procedures, which have an equally important role in limiting risk. We support our clients to achieve and maintain information security standards and frameworks, including ISO 27001, PCIDSS, NIST Cyber Security Framework (CSF), and data protection regulations. What you'll be doing: Engaging confidently with clients and colleagues, delivering consultative and advisory expertise, within a … pre-sales and delivery capacity. Providing hands-on PCIDSS compliance and consultancy services across a range of requirements for clients. Operating as a subject matter expert and engaging confidently with clients relating to solving Information Security Governance, Risk, and Compliance problems. Supporting the growth of PGI's consultancy services in the UK and internationally in line with … best practices, On day one you will bring: Proven people and relationship management skills. Demonstrable experience providing Information Assurance consultancy. Experience as a current Qualified Security Assessor (QSA). PCI SSC Qualified Security Assessor expertise and experience. Experience in or knowledge of the PCIDSSstandard, NIST CSF, DORA, GDPR/DPA. ISO 27001 Lead Auditor, ISO More ❯
received• Clear and consistent communication skills across a variety of channels, fostering productive and strong working relationships Critical competencies - technical fit • Good understanding of at least one audit framework; PCIDSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, Microsoft 365 Certification, etc.• Ability to deliver, without supervision/support, at least one Cyber Practice GRC service• Aptitude … Cyber Securityindustry• Take own initiative to expand information security knowledge• Ability to write concise, accurate and timely reports Desirable competencies • Exposure to multiple industry audit/compliance frameworks; PCIDSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, etc.• Exposure to Amazon AWS, Microsoft Azure or Google GCPs cloud platforms• Data Privacy Experience, e.g. GDPR, DPA2018 More ❯
CompTIA Security+, CEH, GCIH, GCIA CISSP etc) Experience with Microsoft O365 Security solutions and network security operations. Knowledge of Security best practices and regulatory compliance frameworks (e.g., NIST, ISO27001, PCI-DSS etc) Knowledge of the following security products are ideal: ? SEIM (Rapid7 IDR, MS Sentinel, SPLUNK) ? SOAR (Rapid7 ICON, MS Sentinel) ? Endpoint Detection and Response (Microsoft Defender) ? Email More ❯
fraud Onboard key customer-facing and payment systems into the security monitoring platform Perform threat hunting and detection engineering to identify and address emerging risks Support security audits, compliance (PCI-DSS), and post-incident reviews Mentor junior team members and contribute to a culture of continuous improvement Participate in the on-call rotation to ensure fast, effective incident More ❯
related field, or relevant industry experience. 5+ years of experience in security architecture, with at least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCIDSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work More ❯
security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. More ❯
security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. More ❯
SIEM tools, firewalls, and intrusion detection systems Work with engineering teams to ensure secure code and deployment pipelines (CI/CD) Ensure compliance with industry standards (e.g., ISO 27001, PCIDSS, SOC 2) Requirements: 5+ years in cyber/information security roles Deep understanding of cloud infrastructure (AWS, GCP, or Azure) Strong knowledge of security protocols, encryption, and More ❯
SIEM tools, firewalls, and intrusion detection systems Work with engineering teams to ensure secure code and deployment pipelines (CI/CD) Ensure compliance with industry standards (e.g., ISO 27001, PCIDSS, SOC 2) Requirements: 5+ years in cyber/information security roles Deep understanding of cloud infrastructure (AWS, GCP, or Azure) Strong knowledge of security protocols, encryption, and More ❯
Newcastle Upon Tyne, Tyne And Wear, United Kingdom
DXC Technology Inc
related field, or relevant industry experience. 5+ years of experience in security architecture, with at least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCIDSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work More ❯
anomalies. Collaborate with penetration testers and vulnerability management teams to validate findings and ensure resolution. Partner with GRC and compliance teams to align network controls with standards such as PCI-DSS, ISO 27001, etc. Requirements: Technical Skills & Experience: 5+ years of experience in network security engineering roles. Strong hands-on expertise with hybrid networks, including on-prem, cloud More ❯
Salford, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
AJ BELL BUSINESS SOLUTIONS LIMITED
risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCIDSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous More ❯
team, account team & Client stakeholders. Review the outcomes of the transition projects to capture learnings & disseminate across organization Technical Skills – Basic Knowledge on security models such as ITIL, ISO27002, PCIDSS and Cobit 5 Experience on Security tools & Technologies Integration of testing mechanisms with industry best practices such as OWASP & NIST Good Understanding of IT security policy, procedure More ❯
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
B&M Retail Limited
roles Strong understanding of business continuity and disaster recovery Hands-on experience with security risk assessments, audits, and incident response Familiarity with key standards and regulations (e.g. ISO 27001, PCIDSS, GDPR) Excellent stakeholder management and communication skills And desirable would be: Certifications such as CISSP, CISM, CRISC, CBCI, or ISO 27001 Lead Auditor Experience in the retail More ❯
Loughton, Essex, England, United Kingdom Hybrid / WFH Options
Profile 29
a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCIDSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCIDSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … to work in the UK unrestricted for at least the next 5 years. Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidsspcidsspci-dss soar loughton Debden essex London More ❯
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
Maidenhead, Royal Borough of Windsor and Maidenhead, Berkshire, United Kingdom
Kensington Mortgages
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
will have: Proven senior leadership experience in information security within large, complex organizations. Deep knowledge of information security standards and frameworks (e.g., CIS, NIST, ISO-27001). Experience managing PCI-DSS compliance across multiple payment channels. Strong understanding of GDPR and experience leading a privacy team. Experience leading and developing teams of specialists. Exceptional communication skills to influence More ❯
and implementation of frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Executing advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Program and project manage GRC delivery engagements • Participate in strategic risk management and regulatory compliances transition and transformation engagements. • Develop knowledge … technical capabilities around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Allianz Popular SL
existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Supporting compliance activities with the Group Information Security Framework, Cyber Essentials, and PCIDSS attestation. Facilitating regular reviews and updates of control and risk management processes to remain effective and responsive to emerging threats and changes in the organizational landscape. Essential … of security transformation and delivery of security projects, particularly within a federated organisation. Desirable Skills Knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCIDSS, and DORA, and the ability to design controls that align with these standards. Good awareness of risk methodologies and ability to analyse data for report generation. Skills More ❯
Collaborate with penetration testing and vulnerability scanning teams to validate vulnerabilities and verify implemented remediations. Work with GRC and compliance teams to align network configurations with regulatory frameworks like PCI-DSS, ISO 27001 , etc. Preferred Skills and Experience: Extensive hands-on experience in securing hybrid infrastructure (on-prem + cloud). Strong understanding of network protocols, firewalls, IDS More ❯