120 Information Security jobs in the United Kingdom
Information Security Manager
Posted 10 days ago
Job Viewed
Job Description
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now
Information Security Manager
Posted 19 days ago
Job Viewed
Job Description
At ZeroAvia, we're not just revolutionising aviation—we're securing the future of clean flight. As we pioneer hydrogen-electric propulsion systems that will transform commercial aviation, we need a visionary Information Security Manager to protect our groundbreaking technology, intellectual property, and operational infrastructure. This is your opportunity to shape cybersecurity strategy at the forefront of sustainable aviation while safeguarding systems that will decarbonise the skies.
Join us in building robust security frameworks that will enable ZeroAvia to achieve certification, scale operations, and maintain the trust of aviation authorities, partners, and passengers as we deliver zero-emission flight solutions.
We are seeking an experienced Information Security Manager to lead our comprehensive information security programme across our UK operations. In this critical role, you will develop and implement security strategies that protect ZeroAvia's hydrogen-electric propulsion technologies, certification data, and operational systems while ensuring compliance with aviation cybersecurity regulations including EASA EAR Part-IS, CAA requirements, and emerging aviation security standards.
This position requires deep expertise in cybersecurity frameworks, aviation security requirements, and the ability to balance innovation with robust risk management in our fast-paced, cutting-edge environment.
Requirements
Essential Experience:
- Minimum 8 years of information security experience, with at least 3 years in aerospace, aviation, or highly regulated industries
- Proven experience implementing and managing ISMS frameworks, preferably ISO 27001 certification
- Deep understanding of aviation cybersecurity regulations, including EASA requirements, CAA frameworks, or similar aviation security standards
- Experience with industrial control systems security, particularly in safety-critical environments
- Demonstrated expertise in cybersecurity risk assessment and management methodologies specific to engineering and manufacturing environments
Technical Expertise:
- Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, aviation-specific standards)
- Experience with security architecture design for complex technical systems
- Understanding of aviation safety management systems and their integration with cybersecurity programmes
- Familiarity with certification processes and regulatory compliance in aerospace or similar sectors
- Knowledge of threat detection, incident response, and security monitoring technologies
Leadership & Communication:
- Proven ability to lead security programmes in fast-paced, innovative technology companies
- Excellent stakeholder management skills, with ability to influence at all organisational levels
- Strong communication skills for presenting security strategies to technical and executive audiences
- Experience building security teams and developing cybersecurity culture within engineering organisations
Preferred Qualifications:
- Professional certifications such as CISSP, CISM, ISO 27001 Lead Auditor, or aviation security qualifications
- Experience with hydrogen infrastructure, electric propulsion systems, or clean energy technologies
- Knowledge of aviation certification processes (FAA, EASA, CAA)
- Background in aerospace, defence, or other safety-critical industries
- Degree in Cybersecurity, Engineering, or related field
Main Responsibilities
Security Strategy & Leadership:
- Develop and execute ZeroAvia's comprehensive information security strategy, aligning with aviation safety and certification requirements
- Establish and maintain an Information Security Management System (ISMS) compliant with ISO 27001 and aviation-specific cybersecurity standards
- Lead cross-functional security initiatives across engineering, operations, and certification teams
- Provide security expertise to support ZeroAvia's certification programmes with FAA, CAA, and EASA
Risk Management & Compliance:
- Conduct comprehensive cybersecurity risk assessments specific to aviation systems and hydrogen-electric propulsion technologies
- Ensure compliance with EASA EAR Part-IS regulations and UK aviation cybersecurity requirements
- Implement security controls for critical aviation systems, including propulsion control systems, flight test data, and certification documentation
- Manage security aspects of supplier relationships and third-party integrations
Security Architecture & Implementation:
- Design and implement security architectures for aviation systems, including industrial control systems and hydrogen infrastructure
- Establish security monitoring, threat detection, and incident response capabilities
- Oversee security measures for intellectual property protection, particularly around proprietary hydrogen-electric technologies
- Manage security requirements for certification and regulatory data integrity
Team Development & Governance:
- Build and lead a high-performing information security team aligned with ZeroAvia's mission
- Establish security awareness programmes and training for all staff, emphasising aviation-specific security requirements
- Develop security policies, procedures, and standards tailored to the aviation sector
- Collaborate with engineering teams to embed security by design principles in hydrogen-electric propulsion systems
Benefits
At ZeroAvia, we’re clean sky thinkers. For the world to achieve truly clean, guilt-free flight, we need a scalable solution; hydrogen-electric powertrains. As a leader in zero-emission aviation and a UK Jet Zero Council member, we’re designing and commercialising hydrogen-powered solutions that will positively impact the future of aviation, global connectivity, and the world.
Engineering designs our next-generation hydrogen electric engines. Working across Hydrogen, Propulsion and Integration divisions, they solve technical problems and help decarbonize aviation by finding solutions for electric propulsion, hydrogen storage, fuel cell technology, power distribution, thermal management and more.
Join us at Cotswold Airport, home to some of our aircraft and the workplace of many ZeroAvians. Located just outside the historic market town of Cirencester, you’ll experience a workspace built by engineers for engineers. This is a high-velocity and fast-paced environment with good links to the M4 and M5, so it’s fitting that it’s also our UK Head Office.
Why Join Us?
We want to help you be your best self, at work and at home, that’s why we provide our employees with…
- Private health and dental care – get access to services and support when you need them. Add your family members too*
- Mental health support – enjoy a culture where positive mental health is front of mind with our trained Mental Health First Aiders, Employee Assistance Programmes and wellbeing support.
- Free lunch and healthy snacks – keeping you fueled up so you can help us deliver the technology of the future**
- Sports, games and culture clubs – connect and keep fit with other ZeroAvians by joining one of our subsidised clubs – such as, running, cycling, padel, trivia, theatre and gardening.
We also offer:
- Stock options – so youcan share in our success.
- 5 hours of free flying lessons
- 25 days holiday, plus public holidays – to help you manage your work-life balance.
- Free EV Charging and membership in our EV Club.
- Salary Sacrifice Schemes for EV Club, Curry's Tech, Cycle to Work, and Ikea Furniture.
- Weekly Spot Bonuses to reward excellence.
- Income Protection and Legal Support for peace of mind.
- Relocation Support to make your move seamless.
As an emergent company shaping the aviation industry, we know that diversity fuels success and unlocks potential. We embrace being an equal-opportunity employer and actively seek individuals from diverse backgrounds. We value the multitude of skills, perspectives, and mindsets everyone can bring to the table. These experiences ignite creativity, originality, and growth. We proudly reject discrimination in all forms, including that based on race, religion, color, national origin, sex, gender expression, sexual orientation, age, marital status, veteran status, or disability status.
Information Security Manager
Posted 448 days ago
Job Viewed
Job Description
INSTANDA - pushing the boundaries of Insurance Technology.
About us:
INSTANDA is the world’s first no-code cloud-based platform, we are changing the way Insurers can design and deliver insurance products to market, allowing them to configure new products at speed completely disrupting the legacy norms in the industry.
INSTANDA has grown significantly in recent years, and we are now a team of 180+ employees primarily based in the UK and US, with partnerships that operate worldwide. We're continuing to grow our business, and Client Delivery is at the forefront of our growth plans, with partnerships that operate worldwide.
Our company was built by looking at the world through a different lens and our culture today reflects that by encouraging you to be yourself, speak your mind, and share your opinions. We want people who want to push themselves, be part of something great, and be prepared to challenge themselves if they think there is a better way. Collaboration sits at the heart of how we operate, it has fuelled our growth enormously and our aim to be ‘world class’. People at INSTANDA not only have a real sense of shared ownership but are granted share options to benefit from our long-term success making everyone an owner of the business.
So if this sounds like the place you can thrive in and grow your career, please keep reading!
Follow us to learn more: Instanda.com | LinkedIn | Twitter | YouTube
About the role:
We’re looking for an experienced Information Security Manager who will lead, plan and execute our InfoSec strategy. You will play a key role in assuring the activities of INSTANDA and a number of our 3rd Party partners. Competent around technology, security frameworks and the cyber threat environment, you will own assurance processes, contribute to a multitude of projects and be involved in decision making.
Your input will be critical to the maintenance and development of Information Security compliance and assurance across the INSTANDA estate and across 3rd parties. A self-starter, you will be comfortable with ambiguity and a lack of detail and be someone who can develop concepts and work with a broad array of individuals and problems. Playing a leading role within InfoSec, with your reach and activity enabling security as a principal consideration across INSTANDA.
Responsibilities will include:
- Overseeing the INSTANDA information security management system (ISMS) including the implementation and maintenance of the ISMS across the business;
- Be a key member of the ISO27001 Steering Committee;
- Engage with external security service providers to ensure support is at the required standards and in line with our business needs;
- Create and maintain security documentation to support the sales process with our clients, and responding to their questions as a respected SME;
- Design and implement the internal security education and awareness programmes;
- Drive the maturity of existing security controls across multiple teams, and in collaboration with colleagues across INSTANDA;
- Proactively identify opportunities to mentor and develop colleagues on all aspect of InfoSec, and;
- Collaborate effectively within internal colleagues in security critical roles to ensure InfoSec is embedded and understood.
Requirements
You’ll have demonstrable, proven experience within the following areas:
You’ll be a proactive self-starter, with a proven track record of building and owning an InfoSec strategy; running your own projects. You’ll effectively manage stakeholders, demonstrating high levels of resilience as you seek to influence at all levels within our business whilst managing multiple simultaneous workstreams.
Accreditation in at least one of the following:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
Security Frameworks: you’ll have experience delivering and/or maintaining the following key frameworks: ISO 27001, Cyber Essentials, PCI DSS and SOC2. You'll have an excellent understanding of InfoSec best practice in these areas.
Audits: You have experience of working with internal and external auditors during audits for relevant frameworks and client audits;
Assurance Principles: y ou will play a central role in the maintenance of 3rd party assurance, providing InfoSec guidance to Project Managers; Account Managers and individuals who are looking to work with external firms to drive INSTANDA business operations forward.
Stakeholder Management: your ability to influence and educate others on InfoSec principals and best practice is fundamental to this role. You’ll be engaging laterally and vertically with multiple internal stakeholders within INSTANDA to Executive level.
Cyber Threats: you will have proven knowledge around industry developments and adjustments to the nature and character of cyber threats.
Networking Principles: at times, you’ll need to influence decisions on the design and implementation of changes to the INSTANDA networks, based on your understanding of data flows and network principles, as well as your grasp of security frameworks and controls in place.
Benefits
- Competitive salary
- Generous 28 days holiday allowance, in addition to public holidays.
- For every year of service you complete, we’ll give you an additional days holiday (max. 5 days)
- One Dynamic Day per month on top of your holiday allowance to spend time doing the things you want to do or simply catching up with life admin.
- Remote & Hybrid approach varying with the nature of your role.
- Life cover; income protection and participation in the company pension scheme
- £100 per month to put towards wellness activities.
- Annual learning & development allowance of £1,250
- Free access to LinkedIn learning and Microsoft ESI learning platforms
Additional Information:
This is a UK based role, you must be eligible to live and work in the UK without restriction. We are unable to offer sponsorship.
Please apply directly online
We are not working with any agencies or staffing firms for this role - please do not contact us.
Information Security Manager (JR100691)
Posted 558 days ago
Job Viewed
Job Description
At Clarion, our people are at the absolute heart of what we do. We’re proud that our core values of PASSION , CARE , IMAGINATION , and TRUST define the way we carry out our work across all of our exhibitions and conferences.
If you share our values and want to be a part of a successful, dynamic, and creative global business then we want to hear from you.
The Opportunity:
We have an exciting new role for an Information Security Manager who will be responsible for implementing operational cyber security throughout a dynamic, global, commercial organisation. The role will involve collaboration with numerous internal departments and businesses across the Group organisation.
We are looking for a highly experienced Information Security Manager with extensive technical security knowledge and expertise.
Key Responsibilities:
- Lead a team monitoring and responding to cyber incidents.
- Being a subject matter expert on all aspects of operational information security and cyber risk.
- Define, develop, and implement operational information security processes.
- Identify, assess, and make recommendations on emerging security threats and vulnerabilities.
- Develop and oversee Security Operations Centre (SOC) activities, SIEM, IDS/IPS, threat and incident responses.
- Manage the cyber security vulnerability programme.
- Manage and oversee security penetration testing activities.
- Implement information security policies, processes, governance standards and frameworks.
- Advise departments on security requirements and controls, providing information security guidance across IT operations and new projects.
- Coordinate and manage information security activities, implementing solutions to improve information security, IT infrastructure and cyber security.
- Identify breaches in information security architecture, standards, and best practice.
- Manage and complete information security reviews, including due diligence of third parties.
- Monitor the development of relevant industry standards and best practices (NIST CSF, CIS, ISO etc.), assess and advise on compliance with these standards.
Requirements
Knowledge, Skills & Behaviours:
- Expertise and proficiency on information security management.
- A degree in cyber risk would be advantageous.
- Recognised security qualifications such as CISSP/CISM are desirable.
- Track record of achievement and delivery within various operational information security roles.
- Previous experience of SOC operations and management.
- Extensive knowledge of technical security issues and solutions.
- Extensive knowledge of cyber threats, penetration testing and vulnerability assessments.
- Experience of Cyber Essentials, ISO27001 compliance and leveraging NIST CSF and CIS benchmarks.
- Excellent communication skills both verbal and written, articulate, organised and diligent.
- Willing to join a shift-based call-out rota (this will incur an additional bonus payment).
About Clarion Events
Clarion Events is one of the world’s leading event organisers, producing and delivering innovative and market-leading events since 1947. ( )
Clarion Events embrace diversity and equal opportunities in all that we do. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
Clarion is private equity backed and owned by Blackstone. Blackstone is one of the world’s leading global investment funds, investing capital for the long term in order to build successful, resilient businesses. ( )
Our purpose is to deliver exceptional customer outcomes and experiences, by making every connection count.
Our vision is we want every one of our products to be a market leader in customer satisfaction and delight.
Benefits
- 25 days’ holiday plus bank holidays
- End of year wellbeing shutdown (closed for the last week of the year)
- Celebration day off (e.g. birthday, Diwali, Eid, etc)
- Summer Hours in August (3pm finish on Fridays)
- Helping Our World (HOW) Days – one paid day per quarter to carry out charity work
- Pension Scheme
- Private Medical Insurance
- Health Cash Plan
- Wellbeing Library (MYNDUP)
- Mentoring Programme
- Subsidised Café
- Season Ticket Loan
- Cycle to Work Schemes
- Free on-site gym and shower facilities
- Free eyesight tests
- Free flu vaccination – offered on site once a year for all employees
Information Security, Assistant Manager
Posted 20 days ago
Job Viewed
Job Description
MAIN OBJECTIVES
The Assistant Manager Information Security will play a critical role in safeguarding the bank’s information assets, infrastructure, and customer data against evolving cyber threats. This role is responsible for driving and managing information security operations, ensuring continuous monitoring, identification, and timely remediation of security vulnerabilities to uphold a resilient security posture, and provide management with up-to-date reports on the bank’s security posture.
The role will proactively support the bank’s compliance with UK regulatory requirements, industry standards, and best practices, while contributing to the development and enhancement of security frameworks, policies, and controls. Using strong analytical skills, deep knowledge of cyber security methodologies, and understanding of security infrastructure, including AWS cloud environments, the role will ensure the bank maintains cyber resilience, protects against financial and reputational risks, and fosters a culture of sound security across the organization.
MAIN DUTIES
Strategic Responsibilities
- Provide proactive security oversight and assurance for new initiatives and ongoing projects, ensuring that information security and regulatory requirements are embedded from design through implementation.
- Collaborate with senior stakeholders, regulators, and external partners to align on security standards, communicate risks, and deliver solutions that balance business objectives with compliance obligations.
- Actively participate in governance forums and internal committees, presenting emerging risks, security trends, and strategic recommendations to strengthen resilience and maintain the bank’s security posture.
- Advise on regulatory compliance requirements, data protection obligations, and breach notification processes, ensuring the bank meets FCA, PRA, PSR, and other applicable regulatory expectations.
Operational Responsibilities
- Lead and conduct comprehensive information security risk assessments to identify, evaluate, and prioritize threats, ensuring effective controls are implemented and maintained.
- Establish, document, and enforce security controls that safeguard information flows across internal systems, third parties, and public networks.
- Develop, maintain, and execute incident response and crisis management procedures, ensuring swift and effective mitigation of security events while minimizing business disruption.
- Monitor security operations to identify anomalies, investigate incidents, and coordinate timely remediation with internal teams and external providers.
- Keep up-to-date with evolving threat intelligence, security breaches, and industry developments, recommending proactive remediation measures and best practices to protect the bank’s systems and data.
Assurance & Compliance Responsibilities
- Partner with auditors, regulators, and payment schemes by preparing evidence, delivering subject matter expertise, and supporting internal and external audits, certifications, and reviews.
- Evaluate and enhance the effectiveness of the bank’s information security policies, procedures, and controls, driving continuous improvement and compliance with internal standards and regulatory frameworks.
- Support management reporting by providing timely, accurate, and risk-focused updates on security posture, incidents, and compliance activities.
GENERAL
- Be the primary point of contact for all information security alerts and breaches within the Bank and coordinate responses via incident management protocols.
- Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
- Maintain security records and documents of controls, security dashboards and reports.
- Assist in conducting reviews and assessments to identify and report potential vulnerabilities, weaknesses and threats.
- Implement, manage and monitor security controls to protect the bank’s data, systems and network.
- Ensure that the organization’s data and infrastructure are protected by enabling the appropriate security controls.
CONDUCT RULES
The conduct rules reflect the core standards expected of employees working at iFAST Global Bank Limited.
- CONDUCT RULE 1: You must act with integrity.
- CONDUCT RULE 2: You must act with due skill, care and diligence.
- CONDUCT RULE 3: You must be open and cooperative with the FCA, the PRA and other regulators.
- CONDUCT RULE 4: You must pay due regard to the interests of customers and treat them fairly.
- CONDUCT RULE 5: You must observe proper standards of market conduct.
KEY RELATIONSHIPS
Internal Relationships:
- Information Technology
- Risk and Compliance
- Business departments, and
- Internal forums, groups and committees
External Relationships / Contacts:
- Suppliers and Vendors
- Regulators
- Authorities and focused groups
CONFIDENTIAL INFORMATION
The holder of this job must sign a Data Confidentiality agreement. He/she shall not, directly or indirectly, disclose, allow to access to, transmit or transfer the confidential information to a third party without prior written consent.
He/she may only disclose the confidential information to employees on a "need to know" basis. He/she shall, prior to disclosing the Confidential Information to such employees issue appropriate written instructions to them to satisfy its obligations herein and to receive and use the confidential Information on a confidential basis on the same conditions as contained in the agreement.
WORKING CONDITIONS
This is an office based role, hours are 37.5 hours per week Monday to Friday with an unpaid 60-minute break each day. The standard working pattern is 9.00am to 5.30pm.
MENTAL DEMANDS & JOB COMPLEXITY
The job holder is required to plan and organise related activities, reports and ad hoc requests, so as to accomplish the assigned task in a timely efficient manner. Planning and prioritising are the key factors in this role .
Requirements
EDUCATION & TRAINING
- Bachelor’s degree in Information / Cyber Security; equivalent professional experience may be considered.
- Relevant and specialized certifications in cybersecurity and information security. Technology-centric training and certification is an advantage.
EXPERIENCE AND SKILLS
- 3+ years of proven experience in information security management, covering risk management, incident response, threat intelligence, and cyber security solutions.
- Strong knowledge of security technologies and controls (e.g., firewalls/WAF, SIEM, anti-malware, mobile application security, IAM/PAM) with exposure to cloud security (AWS).
- Experience conducting vulnerability assessments, penetration testing, and security evaluations, with the ability to analyse events and deliver effective remediation.
- Solid understanding of the cyber threat landscape, incident/breach management, and industry frameworks such as ISO27001, NIST CSF, PCI-DSS and the likes.
- Excellent analytical, communication, and stakeholder engagement skills, with the ability to influence decision-making across technical and non-technical teams.
- Committed to continuous learning, keeping up-to-date with evolving threats, technologies, and regulatory requirements.
Benefits
- 25 days annual leave entitlement plus 8 bank holidays
- Pension scheme, 4% employer contribution
- Private Medical Insurance
- 60-40 Hybrid working after successful probation period
- Training and development
- Free gym access in the building
Information Security Analyst
Posted 18 days ago
Job Viewed
Job Description
We are Vitesse – the treasury and payment partner of choice for insurance.
Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA-regulated business providing global claim funds management and payment solutions. Operating one of the largest banking and payment settlement networks in the world, we give our customers direct access to 200 countries and currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds and deliver a superior claimant experience. Our market-leading treasury proposition provides insurers with transparency and control over their claim funds, even when delegated to third parties, allowing them to have their money in the right place, at the right time, to make that all-important payment when customers need it most.
With over 260 employees across our London headquarters, Europe, and the US, $93m Series C funding secured, and exceeding £15bn in processed transactions, we are only just getting started.
We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd's of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference. As we continue to scale up, we want like-minded humans to join us on this exciting journey.
Are you ready?
Your Mission:
We are seeking a skilled and motivated Information Security Analyst to join our team, reporting into the CISO. You will play a crucial role in safeguarding our organisations digital assets and infrastructure from cyber threats. You will be responsible for analysing security measures, identifying vulnerabilities, and help implement effective solutions to mitigate risks.
This role has a requirement for the jobholder to be part of an out of hours call-out rota, which will usually be 1 in 4 or 5 weeks, in addition to being available for short-term assignments in the US to support our North American business.
The role will require at least 2 days onsite in our London office.
The ideal candidate will have a strong understanding of information security principles, excellent analytical skills, and the ability to adapt to evolving threats in the cybersecurity landscape.
Your Responsibilities:
Governance: Risk / Compliance / Assurance:
- Monitor security systems including intrusion detection, firewalls, and SIEM. Collaborate with our external SOC to detect and respond to security incidents in a timely manner.
- Participate in incident response activities, including incident triage, containment, eradication, and recovery efforts.
- Conduct thorough investigations of security incidents and provide detailed reports on findings and recommendations for remediation.
- Help contribute to regular security assessments and audits to identify vulnerabilities and weaknesses in systems, networks, devices, and applications.
- Serve as a subject matter expert on security-related matters, providing guidance and support to other teams and departments as needed, and as reported through the help desk system.
- Collaborate with IT teams and other stakeholders, contributing to the design and implementation of security controls and measures to protect against cyber threats.
- Stay up to date with the latest security trends, technologies, and best practices, and provide recommendations for continuous improvement.
- Assist with the management of security awareness training and workshops for employees to educate them about security risks and best practices for maintaining a secure work environment.
- Participate in the development and maintenance of disaster recovery plans to ensure the organisation's ability to respond to and recover from security incidents.
- Collaborate with internal teams during due diligence exercises to ensure that key security controls are documented as part of each submission.
Requirements
- Certifications such as CISSP, CISM, or CompTIA Security+, certifications are highly desirable.
- Proven experience working in information security, with a good understanding of security principles, protocols, and technologies.
- Experience with information security standards including ISO 27001, NIST and Cyber Essentials.
- Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing.
- Good understanding of Microsoft Azure, Office 365 and Microsoft E5 security tooling.
- Strong analytical and problem-solving skills, with the ability to analyse complex systems and identify security risks and vulnerabilities.
- Excellent communication and interpersonal skills, with the ability to effectively convey technical information to non-technical stakeholders.
- Ability to work independently and collaboratively in a fast-paced environment, with a strong sense of accountability and attention to detail.
- Sound judgment and decision-making abilities, especially in high-pressure situations requiring quick and accurate assessments.
- High ethical standards and a commitment to maintaining confidentiality.
Benefits
- 25 days Holiday per year (increasing by 1 day per years' service, up to 30 days) + Bank Holidays
- Hybrid working arrangements – minimum 2 days in the office, Tuesday - Thursday
- Contributory pension scheme
- Enhanced Parental leave
- Cycle to Work Scheme
- Private Medical Insurance with AXA
- Unlimited access to therapy sessions through our partner, Oliva
- Discounted Gym membership through Gympass
- Financial Coaching with Octopus Wealth
- 2 days of volunteering leave per year
- Sabbatical after 5 years’ service
- Life Assurance - MetLife (UK employees only)
- Ongoing Learning and Development to support you reach your career goals
We are Vitesse – the payment provider of choice for the insurance and treasury industry.
Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA regulated payments business that is driven to be the payment partner of choice for the insurance market, by providing global payment services and treasury optimisation. Operating one of the largest domestic banking and payment settlement networks in the world, we give our customers direct access to more than 170 countries and territories, covering over 110 currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds, delivering a better customer experience to their claimants. Our market-leading treasury optimisation service brings complete control and transparency to insurers and allows them to have their money in the right place, at the right time, to make that all important payment - fast, and when their customers need it most.
With now over 160 employees across Europe and our London headquarters, $26m series B funding in 2022 in the bag and approaching £8bn in processed transactions, we are only just getting started.
We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd’s of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference.
As we continue to scale up, we want like-minded humans to join us on this exciting journey. Are you ready?
Vitesse at our best – our values
The Vitesse values are a true reflection of what it takes to thrive in our business, so it’s important to us that any employee who joins our business is aligned with these 3 attributes
Confident Humility
We don’t do ego and we know that unless we all win, none of us win. We admit when we’re wrong, ask for help and always think about the wider business before ourselves.
Driven to Succeed
We see the opportunity ahead of us and we won’t stop until we fulfil the potential we know we have. We hold ourselves to high standards and deliver high quality outcomes for Vitesse and our customers.
Tenacious Responsibility
We take ownership for our actions and decisions, and face into the challenges that come our way. We are committed to seeing things through to completion, even in the face of adversity.
We are an Equal Opportunity Employer We are committed to creating an inclusive environment that enables everyone to perform at their best, where we recognise the rights of all individuals to mutual respect and where there is an unbiased acceptance of others. Our policies and practices aim to promote an environment that is free from all forms of Unfair discrimination and values the diversity of all people. At the heart of our policy, we seek to treat people fairly and with dignity and respect.
Information Security Analyst
Posted 159 days ago
Job Viewed
Job Description
The Information Security Analyst will be responsible for assuring information security and managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes. They will be responsible for the collection, processing, preservation, analysis, and presentation of evidence in support of information security activities.
Main tasks:
Maintains and improves information security solutions for organization systems and products that comply with all applicable security policies, standards, and regulatory framework
Establishes, implements, and maintains information assurance programs, requirements, and standards based on the analysis of user, policy, regulatory, and resource demands
uthors and updates security documentation to include, but not limited to, standards, policy, system security plans, contingency plans, standard operating procedures, and configuration management plans
nalyzes information assurance-related technical problems and provides engineering and technical support for solving these problems
dentifies, reports, and resolves security violations while also proactively seeks to uncover indicators of compromise
acilitates, performs analysis, and stores appropriate artifacts to respond to audits to comply with regulatory frameworks
nsures employees and third parties understand, acknowledge, and fulfill all applicable information security policies
onducts computer forensic analysis, data recovery, eDiscovery, and other IT investigative work while collaborating with fraud examiners, legal counsel, human resources (HR), and other IT technical personnel in investigations
ompiles and analyzes data for management reporting and metrics
nalyzes potential impact of new threats and communicates risks to relevant business units by monitoring information security related websites to stay up to date on current attacks and trends
Requirements
1. Bachelor's degree or relevant professional certification with less than 1 year relevant work experience OR 1 year relevant work experience
2. Self-motivated and possessing of a high sense of urgency and personal integrity
3. Instinctive and creative with the highest ethical standards and values
4. Excellent investigative skills, problem-solving, insatiable curiosity, and an innate drive to win
5. Technical knowledge of system security vulnerabilities and remediation techniques for identity, authentication, authorization, data, and access controls
6. An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
7. An ability to identify and assesses the severity and potential impact of risks and communicate to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance
8. Technical expertise in following industry best practices and standards in digital evidence acquisition, handling, and documentation
Benefits
- Competitive salary and bonus scheme
- Hybrid working
- Rentokil Initial Reward Scheme
- 23 days holiday, plus 8 bank holidays
- Employee Assistance Programme
- Death in service benefit
- Healthcare
- Free parking
At Rentokil Initial, our customers and colleagues represent diverse backgrounds and experiences. We take pride in being an equal opportunity employer, actively encouraging applications from individuals from all walks of life. Our belief is that everyone irrespective of age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs, has the potential to thrive and contribute.
We embrace the differences that make each of our colleagues unique, fostering an inclusive environment where everyone can be their authentic selves and feel a sense of belonging. To ensure that your journey with us is accessible if you have any individual requirements we invite you to communicate any specific needs or preferences you may have during any stage of the recruitment process. Our team is available to support you; feel free to reach out to ( ) if you need anything
Be Yourself in Your Application! At Rentokil Initial, we value innovation, but we want to see the real you! While AI can help with structure and grammar, make sure your application shows your true passion and understanding of the role. A personal touch will help you stand out.
Be The First To Know
About the latest Information security Jobs in United Kingdom !
Information Security Engineer
Posted 27 days ago
Job Viewed
Job Description
The Information Security Engineer will be responsible for providing engineering design, analysis, and support for security controls in the enterprise. They will be responsible for the collection, processing, preservation, analysis, and presentation of evidence in support of vulnerability mitigation and information security incident investigations. Engineers will proactively seek out indicators of compromise to track threats and campaigns aimed at our company.
Main Responsibilities:
● Researches, designs, and implements information security solutions for organization systems and products that comply with all applicable security policies and standards
● Analyzes and makes recommendations to improve the security posture of network, system, cloud, and application architectures
● Assists in the review and update of information security policies, architectures, and standards
● Facilitates and performs penetration tests, vulnerability assessments, and responses to audits
● Maintains incident response plans and processes to coordinate efforts among multiple business units during security incident response efforts
● Compiles and analyzes data for management reporting and metrics
● Analyzes potential impact of new threats and communicates risks to relevant business units by monitoring information security related websites to stay up to date on current attacks and trends
● Conducts computer forensic analysis, data recovery, eDiscovery, and other IT investigative work while collaborating with fraud examiners, legal counsel, human resources (HR), and other IT technical personnel in investigations
● Examines network, server, and application logs to determine trends
Requirements
● 2-8 years of relevant experience
● Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell)
● Self-motivated and possessing of a high sense of urgency and personal integrity
● Instinctive and creative with the highest ethical standards and values
● Excellent investigative skills, problem-solving, insatiable curiosity, and an innate drive to win
● Technical expertise in system security vulnerabilities and remediation techniques, network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, etc.)
● Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, Cloud, intrusion detection, application security, and wireless security
● Deep familiarity with relevant penetration and intrusion techniques, attack vectors, and hacker culture
● An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
● A team-focused mentality with the proven ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
Benefits
- Competitive salary and bonus scheme
- Hybrid working
- Rentokil Initial Reward Scheme
- 23 days holiday, plus 8 bank holidays
- Employee Assistance Programme
- Death in service benefit
- Healthcare
- Free parking
At Rentokil Initial, our customers and colleagues represent diverse backgrounds and experiences. We take pride in being an equal opportunity employer, actively encouraging applications from individuals from all walks of life. Our belief is that everyone irrespective of age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs, has the potential to thrive and contribute.
We embrace the differences that make each of our colleagues unique, fostering an inclusive environment where everyone can be their authentic selves and feel a sense of belonging. To ensure that your journey with us is accessible if you have any individual requirements we invite you to communicate any specific needs or preferences you may have during any stage of the recruitment process. Our team is available to support you; feel free to reach out to ( ) if you need anything
Be Yourself in Your Application! At Rentokil Initial, we value innovation, but we want to see the real you! While AI can help with structure and grammar, make sure your application shows your true passion and understanding of the role. A personal touch will help you stand out.
Head of Information Security
Posted 6 days ago
Job Viewed
Job Description
Compensation: £Competitive (Financial Services)
About TradingHub
Founded in 2010, we have grown from a united vision shared between two people to a team of over 140 across London, Toronto, New York and Singapore. We have achieved scale by building the best-in-class surveillance tooling, where our analytics bring the front office risk mindset to the compliance function.
Though we have developed in the trade surveillance arena, we have always been more than that. At heart, we are a finance-focused big data firm. Our goal is to continue creating the world’s leading financial markets analytics platform.
The Role
We are seeking a Head of Information Security to join our team in London and lead our cybersecurity strategy and manage risk across our corporate estate. You can expect to work closely with our Engineering and Infrastructure teams to effect change through our organisation, as well as customer facing teams such as Relationship Management to enable new customer acquisition. Responsibilities will cover both the physical office and our cloud estate, with a primary focus on the cloud estate.
Responsibilities:
- Take ownership of the firm’s Information Security function and maintain/improve its security posture
- Take the lead in responding to customer security questionnaires or audit follow-ups
- Oversee our regular ISO27001 and SOC 2 Type II audits
- Research and choose technical tools to proactively detect and respond to weaknesses, threats and potential compromises
- Lead the development, implementation, and continuous improvement of information security practices across all teams
- Manage regular pentests by external consultants and coordinate with internal resources to remediate issues
- Information security risk assessment of third-party service providers
- Offer guidance, direction and approval on security solutions and approaches
- Advocate for secure engineering best practices throughout the company
- Manage the standards, policies and guidelines of the InfoSec frameworks
- Maintain an on-going information security awareness program
- Monitor our SIEM, and maintain useful reports and alerts in the system
Requirements
Main Skills/Competencies:
- Significant industry experience in a technical security role (Security Engineering or Application Security Engineering)
- Experience speaking to customers and establishing a good working relationship with infosec counterparts at major financial institutions
- Strong technical intuition, with an ability to partner with engineering to evaluate and develop good security standards
- Take a risk-based approach when suggesting improvements, or proposing fixes
- Ability to perform design reviews and/or technical assessments of software and infrastructure
- Excellent knowledge of InfoSec, risk management and governance, data protection
- Programming/scripting experience, especially to automate repetitive tasks
- Used to multi-tasking and working in a fast-paced environment
- Proven ability to identify and articulate information security requirements, risks and issues, and to make clear decisions / recommendations
- Ability to understand business drivers and risk appetite and align information security compliance accordingly
- Strong ability to communicate clearly and simply, both verbally and in writing
Benefits
Life at TradingHub is a rewarding journey within a fast-growing company that thrives on innovation and collaboration. By combining the best of both tech and finance, we’re able to solve complex problems together and deliver meaningful results to our customers. Everybody has value to bring, and we welcome individuality as a key driving force behind our collective success.
Rooted in everything that we do are our core values: Accountability, Ambition, Partnership and Trust. These provide the foundation for a sustainable workplace culture and the platform for you to harness your unique experience and become the best version of yourself. We believe in our people and invest in their growth, and together, we can sit on the right side of history.
Employee Benefits:
- Annual discretionary performance bonus
- Hybrid working policy
- Office lunches twice a week
- Aviva private medical insurance + Unum dental cover
- Extended parental leave (up to 6 months of fully paid maternity leave)
- 25 days annual leave + bank holidays
- Enhanced company pension plan
- Salary sacrifice scheme
- 5 days study leave towards professional qualifications
- Cycle to Work & Techscheme
- Death in service coverage
Don’t tick every single requirement? Research shows that candidates from under-represented groups are less likely to apply unless they meet all the criteria. We are dedicated to building a diverse, equitable and inclusive workplace, so if this role excites you, please don't let our specification hold you back. Get in touch!
TradingHub is an equal opportunities employer. We do not discriminate based on race, religion, ethnic or national origins, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, socio-economic background, responsibilities for dependants, physical or mental disability or other applicable legally protected characteristics. TradingHub selects candidates for interview based solely on their skills, experience and qualifications.
We are committed to making our recruitment process accessible to all and we encourage candidates to inform us of any required adjustments. A full copy of our diversity, equity and inclusion policy will be made available to you upon request.
The demand for Information Security professionals is on the rise, reflecting the increasing importance of