related field, or relevant industry experience. 5+ years of experience in security architecture, with at least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCIDSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work More ❯
security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. More ❯
security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing, or software security engineering. More ❯
SIEM tools, firewalls, and intrusion detection systems Work with engineering teams to ensure secure code and deployment pipelines (CI/CD) Ensure compliance with industry standards (e.g., ISO 27001, PCIDSS, SOC 2) Requirements: 5+ years in cyber/information security roles Deep understanding of cloud infrastructure (AWS, GCP, or Azure) Strong knowledge of security protocols, encryption, and More ❯
SIEM tools, firewalls, and intrusion detection systems Work with engineering teams to ensure secure code and deployment pipelines (CI/CD) Ensure compliance with industry standards (e.g., ISO 27001, PCIDSS, SOC 2) Requirements: 5+ years in cyber/information security roles Deep understanding of cloud infrastructure (AWS, GCP, or Azure) Strong knowledge of security protocols, encryption, and More ❯
Newcastle Upon Tyne, Tyne And Wear, United Kingdom
DXC Technology Inc
related field, or relevant industry experience. 5+ years of experience in security architecture, with at least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCIDSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work More ❯
anomalies. Collaborate with penetration testers and vulnerability management teams to validate findings and ensure resolution. Partner with GRC and compliance teams to align network controls with standards such as PCI-DSS, ISO 27001, etc. Requirements: Technical Skills & Experience: 5+ years of experience in network security engineering roles. Strong hands-on expertise with hybrid networks, including on-prem, cloud More ❯
Salford, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
AJ BELL BUSINESS SOLUTIONS LIMITED
risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCIDSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous More ❯
team, account team & Client stakeholders. Review the outcomes of the transition projects to capture learnings & disseminate across organization Technical Skills – Basic Knowledge on security models such as ITIL, ISO27002, PCIDSS and Cobit 5 Experience on Security tools & Technologies Integration of testing mechanisms with industry best practices such as OWASP & NIST Good Understanding of IT security policy, procedure More ❯
Liverpool, Lancashire, United Kingdom Hybrid / WFH Options
B&M Retail Limited
roles Strong understanding of business continuity and disaster recovery Hands-on experience with security risk assessments, audits, and incident response Familiarity with key standards and regulations (e.g. ISO 27001, PCIDSS, GDPR) Excellent stakeholder management and communication skills And desirable would be: Certifications such as CISSP, CISM, CRISC, CBCI, or ISO 27001 Lead Auditor Experience in the retail More ❯
Loughton, Essex, England, United Kingdom Hybrid / WFH Options
Profile 29
a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCIDSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCIDSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … to work in the UK unrestricted for at least the next 5 years. Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidsspcidsspci-dss soar loughton Debden essex London More ❯
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
Maidenhead, Royal Borough of Windsor and Maidenhead, Berkshire, United Kingdom
Kensington Mortgages
Lambda, Elastic Search, Kibana and Kinesis. AWS certification. Knowledge of AWS Workforce Management tools including Quality Monitoring scorin Experience with working in a regulated financial services environment including ISO27001, PCI-DSS and Sarbanes Oxley. Experience with Microsoft technologies including Microsoft Teams direct routing, Microsoft 365 and Azure Entra ID. Experience with Avaya Aura solutions/Verint WFM Applications More ❯
will have: Proven senior leadership experience in information security within large, complex organizations. Deep knowledge of information security standards and frameworks (e.g., CIS, NIST, ISO-27001). Experience managing PCI-DSS compliance across multiple payment channels. Strong understanding of GDPR and experience leading a privacy team. Experience leading and developing teams of specialists. Exceptional communication skills to influence More ❯
and implementation of frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Executing advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Program and project manage GRC delivery engagements • Participate in strategic risk management and regulatory compliances transition and transformation engagements. • Develop knowledge … technical capabilities around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Allianz Popular SL
existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Supporting compliance activities with the Group Information Security Framework, Cyber Essentials, and PCIDSS attestation. Facilitating regular reviews and updates of control and risk management processes to remain effective and responsive to emerging threats and changes in the organizational landscape. Essential … of security transformation and delivery of security projects, particularly within a federated organisation. Desirable Skills Knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCIDSS, and DORA, and the ability to design controls that align with these standards. Good awareness of risk methodologies and ability to analyse data for report generation. Skills More ❯
Collaborate with penetration testing and vulnerability scanning teams to validate vulnerabilities and verify implemented remediations. Work with GRC and compliance teams to align network configurations with regulatory frameworks like PCI-DSS, ISO 27001 , etc. Preferred Skills and Experience: Extensive hands-on experience in securing hybrid infrastructure (on-prem + cloud). Strong understanding of network protocols, firewalls, IDS More ❯
Information Security Management System), ensuring it remains fit for purpose as we scale. Maintain and advance compliance across ISO 27001, SOC2, Cyber Essentials, GDPR, and any emerging frameworks (e.g. PCIDSS, AI governance), ensuring we are audit-ready. Identify, assess, and mitigate security risks across infrastructure, systems, and vendors - flagging and resolving vulnerabilities before they become problems. Own … Essential Experience as an InfoSec expert - ideally within a high-growth SaaS or B2B tech environment. Strong working knowledge of compliance frameworks (e.g. ISO 27001, SOC2Cyber Essentials) and ideally PCI DSS. Working knowledge of GDPR, with experience supporting or overseeing data protection practices. Hands-on experience with security tooling and SaaS security systems. Confident in managing compliance audits, access More ❯
account relationships and identifies upsell and cross sell opportunities and escalates to sales. Travel 25-50%. Ability to be successful when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA) One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required … ISMS Auditor or higher, or ISO 27001 Lead Auditor. Bachelor's degree (four-year college or university) or equivalent combination of education and work experience. Strong knowledge of the PCI-DSSsecurity standards. 5+ years of experience in an IT Security Audit and/or Compliance role. Experience preparing and presenting Tier 1 and Tier 2 Reports on More ❯
M5, Salford, Greater Manchester, United Kingdom Hybrid / WFH Options
AJ Bell Business Solutions Limited
risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCIDSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous More ❯
Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
AJ Bell
risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCIDSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous More ❯
SRE methodologies oAnalyze service stack performance and recommend improvements oUnderstand SLA requirements, high availability architectures, and performance optimization techniques Security & Compliance oKnowledge of security best practices, networking protocols, firewalls, PCI compliance, and maintaining confidentiality of processed information Communication & Documentation oStrong problem-solving, analytical, and technical troubleshooting skills oClear and precise verbal and written communication oCommunicate effectively across development and More ❯