434 Information Risk jobs in the United Kingdom

***This role is hybrid and will require some office attendance at our Chester hub. Please only apply if you are able to attend this location regularly***

About GBG

GBG is the leading expert in global identity and location. In an increasingly digital world, GBG helps businesses grow by giving them intelligence to make the best decisions about their customers, when it matters most.

Every second, our global data, agile technology, and expert teams, power over 20,000 of the world's best-known organisations to reach and trust their customers.

Learn more at   and follow us on LinkedIn  and X @gbgplc

Why you should

• We make the world a safer place
• We trust each other and win together
• We are local experts in a global business
• We want you to be yourself
• We grow when you grow

About the team

GBG’s Information Security team of c30 team members, enable delivery of GBG’s business strategy by ensuring GBG is secure and trusted. The team provides four core capabilities:

• Governance, Risk and Compliance
• Cyber Defence
• Product Security
• Security Architecture

The role

Support of GBG’s Information Security Risk programme, making sure It Is implemented properly with minimal risk to GBG, our customers and stakeholders.

What you will do

• Support the delivery of the GBG information security strategy including advanced and technical projects globally
• Support with raising awareness of risk identification and management within the business to align to ‘think risk first’
• Manage and maintain the information security risk register to ensure risks are managed in line with policy
• Create, manage and analyse risk management information to ensure risks are understood within the business and managed in line with expectations
• Engage with leaders within the business to manage risks in line with policy
• Develop information security risk education and awareness training within the organisation
• Conduct risk assessments of new projects
• Conduct supplier risk management activities including contract reviews
• Create, manage and maintain the Operation Resilience and Redundancy programme
• Create, manage and analyse operational resilience and redundancy information to ensure outcomes are captured and reported In line with policy
• Plan annual testing of operational resilience and support the business functions to deliver in line with expectations
• Lead and conduct annual business impact analysis activity
• Support customer and supplier requests for information security risk and operational resilience information, these could be in the form of audits or questionnaires

Requirements

• An Individual with a passion for risk management, who can translate risk to all levels of the organisation.
• Able to converse at all levels to achieve the aim of managing risk within GBG
• A team player who works well with others, who also can work well on their own
• Business risk management experience
• Risk management experience within an information security role
• Experienced with the following standards/frameworks: ISO27001. ISO22301, ISO31000, Cyber Essentials+, NIST, PCI/DSS
• Experience of using; Microsoft Lists, Jira, Power BI
• Qualified to or working towards Certified Risk Information Security Controls (CRISC)
• Qualified to Certified Information Security Management Principles (CISMP)

Behaviours we'd like to see

Benefits

Next steps

Click here to see more about what’s important to us, including our hybrid working policy, our commitment to ESG, I&D and much more.

To chat to the Talent Attraction team and find out more about our benefits, drop an email to and we’ll be in touch!

Make work for you.

Cyber Security & Information Assurance Consultants (eDV Cleared)

Salary: £50,000 – £85,000 (DOE)

Location: Manchester or Cheltenham (Hybrid Working)

Clearance Required: Existing eDV (Enhanced Developed Vetting)

Join a Leading Consultancy Driving National Security Innovation

FR Secure is partnering with a rapidly expanding consultancy that delivers cutting-edge cyber and information assurance solutions for high-security government and industry clients. We’re looking for multiple Cyber Security & Information Assurance Consultants at junior to senior levels to support long-term, mission-critical programmes in the National Security sector.

Your Role

As a Cyber Security & Information Assurance Consultant, you will:

• Deliver expert security advice for BAU, technical refresh, and new project initiatives.
• Implement and improve governance models aligned with client business needs.
• Identify cyber risks and propose risk-based mitigation strategies.
• Conduct compliance assessments across systems and processes to evaluate cyber and information assurance posture.
• Develop, refine, or review security policies and procedures to align with corporate and regulatory standards.
• Build strong relationships with clients and internal teams to enhance the value of Cyber Security & Information Assurance services delivered.

What You Bring

We’re looking for people who can make a real impact. You should have:

• Proven experience in Cyber Security & Information Assurance within Defence or UK Government environments.
• Strong understanding of risk management frameworks and secure-by-design principles.
• Familiarity with government and defence security standards such as:
• HMG/NCSC IA Policies and Guidelines
• JSP440 and other MoD IA standards
• Cyber Essentials
• NIST, NIS-D
• ONR SyAPs (Security Assessment Principles)
• Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and non-technical audiences.

Security Clearance

eDV clearance is essential. Due to the highly sensitive nature of the work, all applicants must currently hold valid eDV clearance.

Ready to advance your career in national security?

Apply today and be part of a team that’s shaping the future of secure government and defence technology.

Cyber Security Consultant

Location: Remote
Salary: 60k + excellent benefits
Type: Permanent

An excellent opportunity to join a renowned Microsoft Managed Security Service Provider (MSSP) as a Cyber Security Consultant with a strong emphasis on Governance, Risk & Compliance (GRC). The role involves working with enterprise clients to navigate complex regulatory requirements, enhance their security posture, and align with industry standards using the Microsoft security ecosystem.

Responsibilities:

• Delivering GRC consultancy across varied client environments
• Conducting risk assessments, compliance audits, and control gap analyses
• Advising on security frameworks including ISO 27001, NIST, and GDPR
• Supporting implementation and optimisation of Microsoft Security solutions such as Defender, Sentinel, and Purview
• Translating compliance requirements into actionable security controls
• Building and maintaining strong client relationships through strategic guidance and clear communication

Experience required:

• Proven experience in cyber security consultancy with a GRC focus
• Strong understanding of security frameworks and regulatory obligations
• Familiarity with the Microsoft Security stack (Defender, Sentinel, Entra, etc.)
• Excellent communication and stakeholder engagement skills
• CISSP certification (or working towards) considered highly desirable
• Capable of working independently and collaboratively within a high-performing team

This role offers the chance to work with a top tier Microsoft MSSP, benefit from ongoing professional development and certification support, enjoy a flexible hybrid working arrangement, and gain exposure to high-profile security projects within an inclusive and forward-thinking culture.

Must be eligible for SC clearance

Must be eligible to work in UK.

Paying up to 60k, depending on experience.

Cyber Security Manager
Croydon, South London
Hybrid working - 2 days per week in the office

Cyber Security Manager needed for a leading organisation based in Croydon, who are looking to employ an experienced Cyber Security Manager with an in-depth knowledge of Cybersecurity frameworks, tools, and technologies, ISO27001 adoption, Incident management and Change management.

This role involves the development and implementation of security strategies, policies, and procedures to protect against cybersecurity threats, as well as actively monitoring and responding to security incidents.

Salary expectation:

* Salary: 70,000 per annum
* 25 day's annual holiday
* Pension Plan
* Flexible working
* Hybrid working - Office 2 days per week

Some of the main duties of the Cyber Security Manager will include:

* Security Strategy & Implementation: Design, implement, and maintain comprehensive cybersecurity policies, procedures, and controls
* Threat Detection & Response: Continuously monitor the digital environment for potential vulnerabilities and security breaches
* Incident Management : Lead incident response activities, coordinating with IT teams to mitigate risks and minimise damage. Responsible for writing incident reports, gathering input across the technical and business teams to then share the report and project management of any improvement change actions
* Security Integration & System Management: Collaborate with IT and development teams to ensure security is embedded in all new and existing applications, systems, and network infrastructure
* Risk Management & Compliance: Ensure compliance with industry regulations and data protection laws (e.g. GDPR, PCI-DSS)
* Continuous Improvement: Stay informed of the latest cybersecurity threats, trends, and technologies, recommending and implementing improvements to enhance security defences
* Change Management: Establish and lead a Change Advisory Board (CAB) to assess and approve changes

In order to be the successful Cyber Security Manager and have a chance to gain such an exciting opportunity you will ideally need to have experience in the following :

* In-depth knowledge of cybersecurity frameworks, tools, and technologies
* Strong understanding of networking protocols, cloud security, and secure software development principles
* Experience with incident response, risk management, and vulnerability assessment
* Familiarity with regulatory compliance and standards (e.g. GDPR, ISO 27001)
* Experience in an organisation running or being part of an ISO27001 adoption project
* Incident management & change Management
* Certifications such as a Certificate in Cyber Security Practices, BCS Professional Certifications, Certificate in Information Security Management Principles (CISMP) or a Government Security Cyber Apprenticeship
* ITIL certifications
* Proven experience in a cybersecurity role, with a track record of successfully managing security risks and incidents

This really is a fantastic opportunity for a Cyber Security Manager to progress their career. If you are interested please apply as soon as possible as this position will be filled quickly so don't miss out!

Services advertised by Gold Group are those of an Agency and/or an Employment Business.
We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.

** Cyber Security Specialist **

Location: London/Hybrid (2 days in office)

Rate: A highly competitive salary is available for suitable candidates

Role Profile

As a Cyber Security Specialist, you will be the go-to Subject Matter Expert (SME) for various projects, offering your insights and recommendations to enhance our security posture. With a strong technical background, you will work independently while leveraging the support of a tight-knit team. Your primary focus will be on providing expert advice and guidance on security solutions, particularly in cloud environments, especially Azure.

Key Responsibilities:

• Provide expert security advice and guidance on a range of projects.
• Act as the security SME, ensuring security considerations are integrated into project plans and deliverables.
• Collaborate with project teams to identify and mitigate security risks effectively.

• Conduct comprehensive security assessments and reviews of systems, applications, and processes.
• Identify vulnerabilities and recommend appropriate security measures.
• Ensure compliance with security policies, standards, and regulations, contributing to the ongoing maturity of organisational security.

• Promote security awareness across the organisation.
• Develop and deliver engaging security training and awareness programmes.
• Stay current with the latest security trends, threats, and technologies.

• Advise on securing cloud-based solutions, focusing on Azure security tooling (e.g., configuring Azure Policy).
• Provide guidance on best practises for cloud security architecture and design.
• Assist in the development and implementation of cloud security policies and procedures.

Skills & Experience:

• Strong understanding of information and cyber security principles and practises.
• Experience with security assessment and risk management methodologies.
• Proficiency in cloud security, particularly with Azure security tools and services.
• Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS).
• Knowledge of security technologies such as firewalls and web proxies; experience with ZTNA, CTI, and threat modelling is beneficial.

• Excellent communication and interpersonal skills.
• Ability to work effectively in a team-oriented environment.
• Strong problem-solving and analytical skills.
• Capacity to manage multiple projects and priorities simultaneously.
• Proactive and self-motivated with a keen attention to detail.
• Ability to align security outcomes with business objectives.

• Bachelor's degree in Information Security, Computer Science, or a related field, or relevant industry experience.

Candidates will need to show evidence of the above in their CV in order to be considered.

If you feel you have the skills and experience and want to hear more about this role 'apply now' to declare your interest in this opportunity with our client. Your application will be observed by our dedicated team.

We will respond to all successful applicants ASAP however, please be advised that we will always look to contact you further from this time should we need further applicants or if other opportunities arise relevant to your skillset.

Adecco is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.

As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.

The Cybersecurity Department with our client provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements.

The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance.

* Endpoint monitoring and analysis.

* Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team.

* Monitor and administer Security Information and Event Management (SIEM).

* Malware analysis and forensics research.

* Understanding/ differentiation of intrusion attempts and false positives.

* Investigation tracking and threat resolution.

* Vulnerability identification & mitigation / remediation.

* Compose security alert notifications.

* Advise incident responders & other teams on threat.

* Triage security events and incidents apply containment and mitigation/remediation strategies.

* Generate reports and document security incidents / events.

* Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems.

* Act as the point of escalation for the Service desk for security related tickets.

* Analysis of weekly vulnerability scans and update relevant records.

* A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.

* An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development.

* Credible knowledge/experience in Microsoft Windows Operating Systems.

* Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server.

* Capable of effectively multi-tasking, prioritizing work, and handling competing interests

* Capable of analysing information technology logs and events sources preferred

* Working knowledge of data storage systems, data backup and restoration methods.

* Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs)

* Ability to work independently while managing support to a high standard

* Contribute credibly to IT department's delivery of SLAs and other support targets

* Self-motivated to advance own knowledge & gain formal qualifications

* Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence

* Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing

* Knowledge of Cloud computing, computer network defence, identity management, incident management and network security.

* Significant experience within a SOC environment.

* Incident response experience

* Qualification / Certification in Cyber Security

* IT Qualifications / Certifications such as CompTIA A+, Network+, Security+

* IT Helpdesk experience or knowledge

* Cyber Security Operation Centre experience

* Qualification / Certification in Cyber Security

* Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels.

* Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results.

* Planning & Organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources

* Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions

You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education.

Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.

Hayley Dexis has an exciting opportunity available for a driven Cyber Security Engineer to support the busy team at our headquarters in Halesowen. You will join us on a full time, permanent basis and in return, you will receive a competitive salary.

Hayley Dexis is the largest independent distributor of engineering products and consumables in the UK.  With a commitment to innovation and excellence, we provide cutting-edge solutions to our clients across various industries, ensuring the efficient and reliable operation of fluid power systems.  We are an equal opportunities employer, currently employing over 1,200 people who continue to be a cornerstone of our business and are fundamental to providing industry-leading customer service.

About the Cyber Security Engineer role.

The role of our Cyber Security Engineer involves discovering system vulnerabilities via penetration testing or threat modelling, working with DevOps, IT and compliance teams to enforce policies, responding to security incidents, and evolving defences to meet shifting risks. Key responsibilities include:

• Monitor Networks and Systems:  Continuously monitor the organisation’s networks and systems for security breaches or intrusions.
li>Threat Detection and Response:  Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. li>Security Audits:  Perform regular audits to ensure that systems and networks are operating securely. li>Security Tools Implementation:  Recommend and implement security tools to enhance network and system security. li>Penetration Testing:  Work with 3rd Parties to conduct penetration testing to identify vulnerabilities in the system. li>Technical Advice:  Provide technical advice to colleagues and staff to ensure secure network environments. li>Stay Updated:  Stay updated on the latest intelligence, including hackers’ methodologies, to anticipate security breaches. Reporting:  Prepare reports that document security breaches and the extent of the damage caused. li>Cyber Security Incident Response:  Coordinate with the IT department to maintain and update cyber incident response plans and procedures. li>Conduct Security Attack Simulations: Undertake security assessments such as Phishing attacks.
• Change Management:  Participate in the change management process, advising on possible security risks.
li>Training:  Train staff in security awareness and procedures.

Working hours:

Monday to Friday, working 40 hours per week. This is an on-site role based at our headquarters in Halesowen.

What we’re looking for in our Cyber Security Engineer:

Education:  Bachelor’s degree in Computer Science, Information Technology, or a related field. Experience:  Minimum of 2-3 years of experience in IT Infrastructure including security. li>Strong understanding of network protocols and security technologies.
• Proficiency in using security tools such as firewalls, antivirus, and intrusion detection systems.
• Excellent analytical and problem-solving skills.
• Ability to work under pressure and handle multiple tasks simultaneously.
• Strong communication and interpersonal skills.

What you’ll get in return.

< i>From 23 days annual leave (plus public/bank holidays) increased with length of service.
• Training provided through our own Hayley Academy.
• Company pension (if eligible). 
li>Life Assurance cover (x2 salary).
• Invitation to healthcare schemes.
• Wellness programmes.
• Uniform and PPE provided. 
li>Excellent opportunities and career prospects available.
 

The recruitment process.

Adverts will close on Sunday 31st August (we will extend should this be required)

Interviews will take place on a date TBC and will be held at our offices in Halesowen.

Candidates selected for interview will be asked to prepare for an interview lasting 1 hour focused on skills, knowledge, experience and motivations.

Finally.

We know sometimes you might feel that you don't meet the criteria or have a burning question - we're here to help so please ask us! You can contact us here; (url removed)

We aim to get back to everyone that applies and are super keen to speak to talented people for upcoming positions.

Please inform our careers team if you require any adjustments throughout the recruitment process.

Don’t miss out on this fantastic opportunity to join the team at Hayley Group – please click ‘apply’ now to become our Cyber Security Engineer - we'd like to hear from you!

We are seeking an experienced Cyber Security Architect to join a major MOD project focused on the evolution and security of the New Style of IT (NSOIT) platform. This is a contract role based in Corsham with hybrid working available. The role sits inside IR35 and requires active SC clearance as a minimum.

• Collaborate with the Solution Design Authority to provide expert security input into the NSOIT roadmap and High-Level Design (HLD).

• Analyse interoperability, dependencies, and system interactions from a security perspective across infrastructure, platforms, and software environments.

• Develop and document Intermediate Level Design (ILD) security architectures, ensuring alignment with MOD standards and solution coherence.

• Review and approve Low-Level and Detailed-Level Designs (LLD/DLD), ensuring compliance with security policies and best practices.

• Identify and assess vulnerabilities in proposed or existing designs and propose effective mitigation strategies.

• Evaluate third-party services for alignment with MOD security policy and industry best practices.

• Contribute to the definition of the security architecture runway, influencing the direction for platform and cyber teams. This includes areas such as:

  • Logging

  • Antivirus (AV)

  • Cyber defence tooling

  • Firewall configuration

  • Other key security infrastructure components

• Proven experience in cyber security architecture within secure/government environments.

• Strong understanding of MOD security standards and policies.

• Experience designing secure IT systems across all architecture layers.

• Ability to communicate complex security concepts to technical and non-technical stakeholders.

• Active SC Clearance (minimum).

• Experience working on MOD projects, especially NSOIT or similar.

• Knowledge of architectural frameworks such as TOGAF or SABSA.