144 Cloud Security Specialist jobs in London

Information Security Manager - Rail Sector, URGENT HIRE

Lawrence Harvey is delighted to be exclusively supporting a leading rail client once again to support with the growth of their exceptional technology team for their Information Security Manager.

The Role:

• Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management.
• Working alongside the DPO and Head of Technology to support on areas of data protection.
• Lead collaboration with key partners for train onboard systems cyber security assessments and risk management
• Establish and maintain appropriate policies, procedures, and practices in relations to cyber, data and governance practices
• Manage the information security incident response program
• Manage implementation and deployment of Information Security Management System (ISMS).
• Line management of the internal InfoSec specialists.

Requirements

• Extensive experience working with PCI-DSS and ISO27001
• Strong understanding on security tools such as IDS/IPS.
• Demonstrable experience of leading Information Security, Governance, Compliance teams.
• Ideally a form of cybersecurity qualification such as CISM or CISSP

Benefits:

• Salary between £55,000 - £70,000
• Hybrid working 3 days on site, 2 days at home.
• Working in Euston or Birmingham office.
• & more.

Sponsorship is not available for this position and the successful candidate will be subject to toxicology screening as standard for the rail industry.

We are looking for this hire ASAP so those will short (1 month or less) notice periods are encouraged to apply.

• Design and implement scalable and robust security architectures for cloud and on-premises environments.
• Develop and maintain security standards, blueprints, and best practices.
• Conduct security reviews of new applications, systems, and infrastructure designs.
• Identify security risks and vulnerabilities, and develop remediation plans.
• Provide technical leadership and guidance to security engineers and development teams.
• Evaluate and recommend security technologies and solutions.
• Develop and implement security policies and procedures.
• Lead threat modeling exercises and risk assessments.
• Ensure compliance with industry regulations and security frameworks (e.g., ISO 27001, NIST).
• Stay current with emerging security threats and technologies.

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Extensive experience as a Security Architect or in a similar senior security role.
• Proven experience designing and implementing security solutions in cloud environments (AWS, Azure, GCP).
• Strong knowledge of network security, cryptography, identity and access management (IAM), and application security.
• Experience with security tools such as SIEM, IDS/IPS, WAF, and vulnerability management systems.
• Familiarity with various security frameworks and compliance requirements.
• Excellent communication, presentation, and interpersonal skills.
• Relevant certifications such as CISSP, CCSP, or cloud security certifications are highly desirable.

• Conduct comprehensive information security risk assessments and audits.
• Develop and implement security policies, procedures, and guidelines.
• Advise on and ensure compliance with relevant security standards and regulations (e.g., ISO 27001, GDPR, NIST).
• Evaluate the effectiveness of existing security controls and identify areas for improvement.
• Assist in the development and execution of incident response plans.
• Provide expert advice on cybersecurity best practices and emerging threats.
• Conduct security awareness training for staff.
• Review and assess third-party vendor security.
• Contribute to the development of business continuity and disaster recovery plans.
• Collaborate with IT and business units to integrate security into all aspects of operations.
• Stay up-to-date with the latest security threats, vulnerabilities, and technologies.

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Minimum of 5 years of experience in information security consulting or a similar role.
• Proven expertise in information security risk management and compliance.
• Strong knowledge of cybersecurity frameworks and standards (ISO 27001, NIST, SOC 2).
• Experience with security assessment methodologies and tools.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong understanding of network security, application security, and data protection.
• Excellent written and verbal communication skills, with the ability to present complex information clearly.
• Relevant certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
• Ability to work independently and manage project deliverables effectively.

We are Vitesse – the treasury and payment partner of choice for insurance.  

Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA-regulated business providing global claim funds management and payment solutions. Operating one of the largest banking and payment settlement networks in the world, we give our customers direct access to 200 countries and currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds and deliver a superior claimant experience. Our market-leading treasury proposition provides insurers with transparency and control over their claim funds, even when delegated to third parties, allowing them to have their money in the right place, at the right time, to make that all-important payment when customers need it most. 
 
With over 260 employees across our London headquarters, Europe, and the US, $93m Series C funding secured, and exceeding £15bn in processed transactions, we are only just getting started. 
 
We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd's of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference. As we continue to scale up, we want like-minded humans to join us on this exciting journey.  

Are you ready? 

Your Mission:

We are seeking a skilled and motivated Information Security Analyst to join our team, reporting into the CISO. You will play a crucial role in safeguarding our organisations digital assets and infrastructure from cyber threats. You will be responsible for analysing security measures, identifying vulnerabilities, and help implement effective solutions to mitigate risks.

This role has a requirement for the jobholder to be part of an out of hours call-out rota, which will usually be 1 in 4 or 5 weeks, in addition to being available for short-term assignments in the US to support our North American business.

The role will require at least 2 days onsite in our London office.

The ideal candidate will have a strong understanding of information security principles, excellent analytical skills, and the ability to adapt to evolving threats in the cybersecurity landscape.

Your Responsibilities:

Governance: Risk / Compliance / Assurance:

• Monitor security systems including intrusion detection, firewalls, and SIEM. Collaborate with our external SOC to detect and respond to security incidents in a timely manner.
• Participate in incident response activities, including incident triage, containment, eradication, and recovery efforts.
• Conduct thorough investigations of security incidents and provide detailed reports on findings and recommendations for remediation.

• Help contribute to regular security assessments and audits to identify vulnerabilities and weaknesses in systems, networks, devices, and applications.
• Serve as a subject matter expert on security-related matters, providing guidance and support to other teams and departments as needed, and as reported through the help desk system.
• Collaborate with IT teams and other stakeholders, contributing to the design and implementation of security controls and measures to protect against cyber threats.
• Stay up to date with the latest security trends, technologies, and best practices, and provide recommendations for continuous improvement.
• Assist with the management of security awareness training and workshops for employees to educate them about security risks and best practices for maintaining a secure work environment.
• Participate in the development and maintenance of disaster recovery plans to ensure the organisation's ability to respond to and recover from security incidents.
• Collaborate with internal teams during due diligence exercises to ensure that key security controls are documented as part of each submission.

Requirements

• Certifications such as CISSP, CISM, or CompTIA Security+, certifications are highly desirable.

• Proven experience working in information security, with a good understanding of security principles, protocols, and technologies.
• Experience with information security standards including ISO 27001, NIST and Cyber Essentials.
• Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing.
• Good understanding of Microsoft Azure, Office 365 and Microsoft E5 security tooling.
• Strong analytical and problem-solving skills, with the ability to analyse complex systems and identify security risks and vulnerabilities.
• Excellent communication and interpersonal skills, with the ability to effectively convey technical information to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment, with a strong sense of accountability and attention to detail.
• Sound judgment and decision-making abilities, especially in high-pressure situations requiring quick and accurate assessments.
• High ethical standards and a commitment to maintaining confidentiality.

Benefits

• 25 days Holiday per year (increasing by 1 day per years' service, up to 30 days) + Bank Holidays  
• Hybrid working arrangements – minimum 2 days in the office, Tuesday - Thursday 
• Contributory pension scheme  
• Enhanced Parental leave   
• Cycle to Work Scheme  
• Private Medical Insurance with AXA 
• Unlimited access to therapy sessions through our partner, Oliva   
• Discounted Gym membership through Gympass 
• Financial Coaching with Octopus Wealth  
• 2 days of volunteering leave per year  
• Sabbatical after 5 years’ service   
• Life Assurance - MetLife (UK employees only)
• Ongoing Learning and Development to support you reach your career goals  

We are Vitesse – the payment provider of choice for the insurance and treasury industry.  

Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA regulated payments business that is driven to be the payment partner of choice for the insurance market, by providing global payment services and treasury optimisation.  Operating one of the largest domestic banking and payment settlement networks in the world, we give our customers direct access to more than 170 countries and territories, covering over 110 currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds, delivering a better customer experience to their claimants.  Our market-leading treasury optimisation service brings complete control and transparency to insurers and allows them to have their money in the right place, at the right time, to make that all important payment - fast, and when their customers need it most.   

With now over 160 employees across Europe and our London headquarters, $26m series B funding in 2022 in the bag and approaching £8bn in processed transactions, we are only just getting started.     

We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd’s of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference.   

As we continue to scale up, we want like-minded humans to join us on this exciting journey.  Are you ready?  

Vitesse at our best – our values 

The Vitesse values are a true reflection of what it takes to thrive in our business, so it’s important to us that any employee who joins our business is aligned with these 3 attributes 

Confident Humility 

We don’t do ego and we know that unless we all win, none of us win. We admit when we’re wrong, ask for help and always think about the wider business before ourselves.

Driven to Succeed 

We see the opportunity ahead of us and we won’t stop until we fulfil the potential we know we have. We hold ourselves to high standards and deliver high quality outcomes for Vitesse and our customers.  

Tenacious Responsibility 

We take ownership for our actions and decisions, and face into the challenges that come our way. We are committed to seeing things through to completion, even in the face of adversity. 

We are an Equal Opportunity Employer   We are committed to creating an inclusive environment that enables everyone to perform at their best, where we recognise the rights of all individuals to mutual respect and where there is an unbiased acceptance of others. Our policies and practices aim to promote an environment that is free from all forms of Unfair discrimination and values the diversity of all people. At the heart of our policy, we seek to treat people fairly and with dignity and respect.  

• Develop and enforce information security policies, standards, and procedures.
• Conduct regular security risk assessments and vulnerability scans.
• Lead the incident response process, including investigation, containment, and recovery.
• Implement and manage security technologies such as firewalls, intrusion detection/prevention systems, and SIEM.
• Provide security awareness training and guidance to staff.
• Collaborate with IT teams on secure system architecture and deployment.
• Stay current with evolving cybersecurity threats and regulatory requirements.
• Monitor security alerts and respond to potential threats promptly.
• Maintain and improve security documentation and reporting.

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Proven experience in information security roles, with a focus on risk management and incident response.
• In-depth knowledge of security frameworks (e.g., ISO 27001, NIST).
• Experience with security tools and technologies.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as CISSP, CISM, or CISA are highly desirable.

• Develop, implement, and maintain comprehensive information security strategies and policies.
• Lead the information security team, providing guidance, mentorship, and technical direction.
• Conduct regular security risk assessments, vulnerability scans, and penetration tests to identify and remediate potential weaknesses.
• Design, deploy, and manage security technologies such as firewalls, IDS/IPS, SIEM, and endpoint detection and response (EDR) solutions.
• Develop and manage incident response plans, leading the investigation and remediation of security breaches.
• Ensure compliance with relevant security regulations and standards (e.g., GDPR, ISO 27001, PCI DSS).
• Provide security awareness training to employees across the organization.
• Collaborate with IT and other departments to ensure security is integrated into all systems and processes.
• Monitor security alerts and events, responding promptly to potential threats.
• Stay current with the latest cybersecurity threats, trends, and technologies, and proactively adapt security measures.
• Manage security vendor relationships and evaluate new security products and services.
• Develop and maintain security documentation, including policies, procedures, and runbooks.
• Lead security architecture reviews and provide recommendations for infrastructure improvements.
• Contribute to the development and execution of business continuity and disaster recovery plans.
• Act as a subject matter expert on information security matters for the organization.

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• Minimum of 8 years of experience in information security, with at least 2 years in a lead or management role.
• Proven experience in developing and implementing security policies and procedures.
• In-depth knowledge of security frameworks, threat landscapes, and common attack vectors.
• Hands-on experience with SIEM, vulnerability management tools, and network security technologies.
• Strong understanding of incident response methodologies and forensics.
• Excellent leadership, communication, and analytical skills.
• Relevant certifications such as CISSP, CISM, or GIAC are highly desirable.
• Experience in the financial services sector is a plus.
• Ability to work independently and as part of a team, managing multiple priorities in a dynamic environment.

• Develop, implement, and maintain information security policies, procedures, and standards.
• Monitor security systems (e.g., SIEM, IDS/IPS, firewalls) for threats and anomalies, conducting in-depth investigations.
• Respond to security incidents, including containment, eradication, and recovery, and provide post-incident analysis.
• Conduct regular vulnerability assessments and penetration testing, and manage remediation efforts.
• Oversee the configuration and management of security technologies, ensuring optimal performance and effectiveness.
• Participate in security awareness training programs for employees and provide guidance on security best practices.
• Evaluate and recommend new security technologies and solutions to enhance the organization's defenses.
• Collaborate with IT and business units to ensure security requirements are integrated into system design and development lifecycles.
• Maintain up-to-date knowledge of emerging threats, vulnerabilities, and security technologies.
• Prepare regular reports on security status, incidents, and compliance for management.

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• Minimum of 5 years of progressive experience in information security, with a focus on security analysis and incident response.
• In-depth knowledge of security frameworks (e.g., ISO 27001, NIST) and best practices.
• Proficiency with SIEM tools (e.g., Splunk, QRadar), IDS/IPS, firewalls, and endpoint security solutions.
• Experience with vulnerability scanning tools (e.g., Nessus, Qualys) and penetration testing methodologies.
• Strong understanding of network protocols, operating systems (Windows, Linux), and cloud security principles (AWS, Azure).
• Relevant certifications such as CISSP, CISM, or CEH are highly desirable.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills, with the ability to communicate technical concepts to non-technical audiences.
• This hybrid role requires presence in our London office a few days a week, offering a competitive salary, excellent benefits, and the chance to work within a dynamic and secure environment.