163 Information Security Management jobs in London

As our Information Security Management Specialist (m/f/d) , you'll provide experienced support in the implementation and management of the Information Security Management System (ISMS) framework in alignment of current ISO 27001 standard and guidelines. With a focus on cybersecurity, this role involves leading risk assessments, ensuring alignment with industry standards and regulations, and following information security practices and policies.

What you will do

• Contribute to implementation, maintenance along with continuous improvement and associated instructional documentation of ISMS and its controls in line with the requirements of ISO 27001:2022 and similar standards.
li>Ensure compliance and maintenance of ISO 27001:2022 standard as well as all Information Security requirements with respect to laws, regulations, client requirements, NTT DATA and Group requirements including active participation in internal and external ISMS audits.
• Support in information security audits, performed by organization or third-party personnel.
• Ensure that IT systems are assessed against Information Security criteria and operate in compliance with the instructional Information Security documentation.
• Conduct company-wide gap assessment of ISMS clauses and control implementation.
• Ensure vulnerability management, tracking and reporting.
• Collaborate with the IT department to set Information security standard for Cyber Security 
li>Support in preparing management Information Security reports and dashboards.
• Review and respond to customer Service Agreements/RFPs/RFIs with respect to Information Security related clauses/questionnaires.
• Actively participate in Information Security External certification audits, internal audits, and gap assessments.
• Perform other security related task as required.

What we are looking for

• Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field.
< i>Information Security certifications such as ISO 27001 Lead Auditor/Implementer, CISM, CISA, CRISC, CISSP, CEH, COBIT or equivalent preferred.
• Fluent in English, Multilingual skills are an advantage.
• Skilled proficiency in conducting risk assessments, analyzing security controls, and policy management.
• Excellent communication and interpersonal skills for collaborating with various stakeholders.
• Strong project management skills for handling security initiatives.
• Strong familiarity with aspects related to information security.
• Strong knowledge of ISO 27001 and further relevant standards.

What we offer you

• An agile company culture with short decision-making paths and plenty of opportunities to show personal initiative
• Flexible working time models and mobile working (depending on your role)
• Allowance for the use of public transport and job bikes
• Allowance for the use of health and wellness
• Individual training and development opportunities
• Numerous other additional benefits such as birthday vouchers, employee advisory program, employee referral scheme, lunch allowance, company events, etc.

We look forward to hearing from you!

About the Global Data Centers division of NTT DATA
Global Data Centers is a division of NTT DATA. Our global platform is one of the largest in the world. NTT is ranked as one of the top three leaders worldwide by IDC in their Colocation and Interconnection Services MarketScape, spanning more than 20 countries and regions including North America, Europe, Africa, India and APAC. 

As a neutral operator, we offer access to multiple cloud providers, a large variety of Internet Exchanges and telecommunication network providers including our own IPv6 compliant, tier 1 global IP network. Our clients benefit from tailored infrastructure and experience consistent best practices in design and operations across all of our reliable, scalable and customizable data centers. 

Working at NTT Global Data Centers
At NTT Global Data Centers, we stand as one of the largest data center providers, dedicated to powering the digital infrastructure of tomorrow. Innovation is in our DNA. We thrive on pushing boundaries, exploring new possibilities, and embracing emerging technologies to continuously ensuring that every interaction, every solution, and every outcome exceeds our clients’ expectations. Our values are the guiding principles that shape our culture, define our identity, and propel us forward as one of the industry leaders. 

Interested in becoming part of an agile international team and actively shaping the digital infrastructure of tomorrow?
Join our team by submitting your application today!

Would you like to join a profitable, Series B HealthTech scaleup that’s putting privacy and AI at the heart of their product offering?nPackage includes £120-130k salary, private health, 3 days in London office, 31 holidays, and loads more.nThey’re a tech-first, consumer business that is looking for their first DPO who will lead the business as they enter their next stage of growth.nAI products are already integrated into their platform. You’ll lead how they scale this responsibly for customersnThe jobnA strategic leadership role, you’ll work with product and tech teams to innovate at speed whilst protecting the rights of the users.nYou’ll be known as a great team leader, developing an existing function of DP superstars, mentoring and coaching when needed.nYou’ll standout by demonstrating true data privacy and AI governance leadership, bringing non-technical and technical minds with you along the way.nYou’ll strengthen the privacy framework and embed a product-led, privacy-by-design culture that supports trust and innovation.nPackage includes £120-140k salary, shares, private health, 3 days in London office, 31 holidays, and loads more.

#J-18808-Ljbffrn

OverviewnJoin to apply for the

Data Protection Officer

role at

Kindred Group plc .

As a Data Protection Officer, you will act as the right hand of the Legal Director on all privacy-related matters within OBG and oversee privacy-related matters across OBG, ensuring regulatory compliance while enabling responsible and sustainable business growth.

In this role, you will assess and mitigate privacy risks, design and implement solutions, and provide expert guidance to stakeholders across the business. You will also lead a team of three professionals while reporting to the OBG Legal Director. The position operates under the functional oversight of the FDJ United Group DPO, based in Paris, France, and is part of a wider legal team located across Europe within a dynamic, fast-paced industry.

We are looking for a hands-on Data Protection Officer who thrives in operational environments and is not afraid to get involved in the day-to-day implementation of privacy practices. Beyond strategic oversight, the DPO will actively support teams in designing compliant processes, resolving complex data protection issues, and embedding privacy into product development cycles. This role requires a pragmatic mindset, strong execution capabilities, and the ability to translate legal requirements into actionable solutions across the business.

What you will do

Oversee and ensure the protection of personal data across our platforms and operations

Provide strategic advice to business stakeholders on a broad range of data privacy matters, with a focus on the EU, UK and Australia.

Interpret and apply data protection laws (including GDPR, UK GDPR, and other global privacy frameworks) to business operations.

Monitor and advise on global developments in privacy and data protection law.

Develop, implement, and maintain privacy policies and procedures to ensure compliance across jurisdictions.

Collaborate with Procurement, Security, IT teams and Internal Audit to perform supplier audits and due diligence under the supplier risk management framework.

Design and deliver privacy training and awareness programs across the business.

Lead investigations into data breaches, prepare reports to regulators where required, and manage regulatory or customer complaints.

Contribute to enhancing group-wide data governance frameworks.

Promote and embed data protection by design and default into business processes.

Oversee and handle data subject requests (access, rectification, erasure, objection, etc.) in a timely and compliant manner.

Maintain and update the Record of Processing Activities (RoPA) in collaboration with business units.

Define and track privacy KPIs, and report regularly to senior management on compliance status and risk exposure.

Staying compliant in your role

Ensure that you adhere to the Governance, Risk & Compliance (GRC) obligations for your role.

Identify and raise any non-compliance incidents promptly to your line manager.

Challenge processes, policies and projects that will negatively impact compliance within the Group.

Complete all mandatory compliance training assigned to you.

Reach out to the Compliance Teams if unsure of any of your compliance obligations or the requirements are unclear.

How will success be measured in this role

Acting in line with FDJ UNITED values

Successful completion of all relevant training and other compliance activities that support FDJ's sustainable and responsible growth

Your experience

Law degree.

7–10 years' experience also with global data protection laws from the data controller's perspective and Artificial Intelligence.

Proven managerial and leadership experience.

Background in B2C and digital industries, with experience leading cross-functional, international projects.

Strong understanding of online technologies and their privacy implications.

Excellent communication and collaboration skills, with the ability to build trusted relationships with legal and business stakeholders.

Skilled at translating complex legal and regulatory requirements into practical, risk-based recommendations.

Strong organisational skills with the ability to prioritise multiple projects.

Proactive and independent working style.

Fluency in English is essential;

proficiency in French is a strong asset .

Our Way Of WorkingnOur world is hybrid.

A career is not a sprint. It’s a marathon. One of the perks of joining us is that we value you as a person first. Our hybrid world allows you to focus on your goals and responsibilities and lets you self-organise to improve your deliveries and get the work done in your own way.

Application ProcessnWe believe talent knows no boundaries. Our hiring process focuses solely on your skills, experience, and potential to contribute to our team. We welcome applicants from all backgrounds and evaluate each candidate based on merit, regardless of personal characteristics as the age, gender, origin, religion, sexual orientation, neurodiversity or disability.

Seniority levelnMid-Senior level

Employment typenFull-time

Job functionnLegal

IndustriesnGambling Facilities and Casinos

#J-18808-Ljbffrn

Overview

We’re a fast-growing data product business seeking a

hands-on fractional DPO

to steer our privacy and compliance strategy. You’ll not only advise on regulations but also embed a privacy by design culture across teams.nResponsibilities

Act as our designated DPO.nEmbed a culture of privacy by design.nGuide the business on GDPR, PECR & upcoming AI regulations.nQualifications

An experienced DPO / Head of Privacy / Senior Privacy Counsel.nStrong background in AI or data analytics.nSkilled at making privacy practical and cultural.nSenioriy level

DirectornEmployment type

ContractnJob function

Information TechnologynIndustries

Software Development and IT Services and IT Consulting

#J-18808-Ljbffrn

What's the role about?



We're looking for a proactive and delivery-focused Data Protection Project Manager to lead the implementation of a robust governance and compliance framework across the organisation. This is a hands-on role, ideal for someone who's ready to roll up their sleeves and deliver meaningful, tangible outputs.



The role will focus on foundational data protection work, embedding key operational procedures and processes aligned to the ICO Accountability Framework, with immediate impact across the business. You'll also support broader compliance areas including PCI-DSS, carbon reporting, and audit readiness.



Initially, this role is a 3-month fixed-term contract.



Who you are




A data protection and compliance specialist with hands-on experience implementing governance frameworks, not just managing them.


Strong ability to operate independently and deliver at pace in a project environment with tight timelines.


Experienced in interpreting regulatory requirements (e.g. GDPR, UK DPA, ICO) and translating them into real-world, operational processes.


Skilled in documenting policies, responding to incidents, and managing subject access and vendor risk requests.


Confident in working with senior stakeholders and cross-functional teams to define and implement compliance policies and procedures.


A natural problem-solver with excellent communication and stakeholder engagement skills.


Experienced in audits, data mapping, DPIAs, and tools that support compliance functions.


Ideally familiar with data protection regulations in the UK, EU, and US.





What you'll be doing




Deliver and embed the core data protection governance framework, working closely with business leaders and the Group Data Protection Officer to align with the ICO Accountability Framework and embed it into daily operations.


Support the wider compliance function by collaborating with the Group-level Senior Compliance Officer to ensure consistent application of standards.


Draft and implement essential data protection policies, operational procedures, and incident response plans, including clear protocols for escalation, investigation, and reporting. Ensure all documentation meets both legal and Group-level requirements.


Own and manage incoming compliance and audit queries, coordinating responses to internal and external audits. Work cross-functionally with Legal, People, IT, Retail, Sourcing, and Operations teams to gather evidence and deliver responses accurately and on time.


Establish and manage the Data Protection Mailbox, clearing existing backlogs, setting up an efficient triage and escalation process, and tracking all activity for audit-readiness.


Learn and document existing business processes from internal stakeholders, identifying gaps and opportunities for improvement. Translate these into practical, privacy-aligned procedures that are clear, repeatable, and easy to follow.


Lead the delivery of key compliance activities, including Data Protection Impact Assessments (DPIAs), data subject access requests (DSARs), vendor and third-party reviews, and data mapping updates. Maintain records such as ROPA, asset registers, and audit trails to evidence compliance.





What we offer




Competitive salary.


Up to 65% employee discount.


Access to exclusive sample sales.


Aviva DigiCare+ wellbeing services.


Medicash health support plan.


Workplace pension contributions.


Enhanced parental leave policies.


Cycle to Work programme.


Plus further workplace benefits.





If you want to start your story at Reiss as our Data Protection Project Manager, don't miss out - apply now!



#WeAreReiss



We recognise the importance and power of diversity within our business and, as such, we ensure that our people processes are fair, transparent and promote equality of opportunity for all candidates.



It is our pledge that candidates will not be discriminated against on the grounds of gender, gender identity or expression, pregnancy, marital status, age, race, colour, ethnic background, nationality, disability, sexual orientation, religion, religious or similar belief. Every individual will be treated with respect.



We know that some people won't apply for a role unless they feel they meet all of the requirements listed. We want you to know that finding people who will add to our inspirational culture and have a learning mindset is incredibly important to us. Even if you feel you don't tick all the boxes, we'd still like to hear from you.

What's the role about?



We're looking for a proactive and delivery-focused Data Protection Project Manager to lead the implementation of a robust governance and compliance framework across the organisation. This is a hands-on role, ideal for someone who's ready to roll up their sleeves and deliver meaningful, tangible outputs.



The role will focus on foundational data protection work, embedding key operational procedures and processes aligned to the ICO Accountability Framework, with immediate impact across the business. You'll also support broader compliance areas including PCI-DSS, carbon reporting, and audit readiness.



Initially, this role is a 3-month fixed-term contract.



Who you are




A data protection and compliance specialist with hands-on experience implementing governance frameworks, not just managing them.


Strong ability to operate independently and deliver at pace in a project environment with tight timelines.


Experienced in interpreting regulatory requirements (e.g. GDPR, UK DPA, ICO) and translating them into real-world, operational processes.


Skilled in documenting policies, responding to incidents, and managing subject access and vendor risk requests.


Confident in working with senior stakeholders and cross-functional teams to define and implement compliance policies and procedures.


A natural problem-solver with excellent communication and stakeholder engagement skills.


Experienced in audits, data mapping, DPIAs, and tools that support compliance functions.


Ideally familiar with data protection regulations in the UK, EU, and US.





What you'll be doing




Deliver and embed the core data protection governance framework, working closely with business leaders and the Group Data Protection Officer to align with the ICO Accountability Framework and embed it into daily operations.


Support the wider compliance function by collaborating with the Group-level Senior Compliance Officer to ensure consistent application of standards.


Draft and implement essential data protection policies, operational procedures, and incident response plans, including clear protocols for escalation, investigation, and reporting. Ensure all documentation meets both legal and Group-level requirements.


Own and manage incoming compliance and audit queries, coordinating responses to internal and external audits. Work cross-functionally with Legal, People, IT, Retail, Sourcing, and Operations teams to gather evidence and deliver responses accurately and on time.


Establish and manage the Data Protection Mailbox, clearing existing backlogs, setting up an efficient triage and escalation process, and tracking all activity for audit-readiness.


Learn and document existing business processes from internal stakeholders, identifying gaps and opportunities for improvement. Translate these into practical, privacy-aligned procedures that are clear, repeatable, and easy to follow.


Lead the delivery of key compliance activities, including Data Protection Impact Assessments (DPIAs), data subject access requests (DSARs), vendor and third-party reviews, and data mapping updates. Maintain records such as ROPA, asset registers, and audit trails to evidence compliance.





What we offer




Competitive salary.


Up to 65% employee discount.


Access to exclusive sample sales.


Aviva DigiCare+ wellbeing services.


Medicash health support plan.


Workplace pension contributions.


Enhanced parental leave policies.


Cycle to Work programme.


Plus further workplace benefits.





If you want to start your story at Reiss as our Data Protection Project Manager, don't miss out - apply now!



#WeAreReiss



We recognise the importance and power of diversity within our business and, as such, we ensure that our people processes are fair, transparent and promote equality of opportunity for all candidates.



It is our pledge that candidates will not be discriminated against on the grounds of gender, gender identity or expression, pregnancy, marital status, age, race, colour, ethnic background, nationality, disability, sexual orientation, religion, religious or similar belief. Every individual will be treated with respect.



We know that some people won't apply for a role unless they feel they meet all of the requirements listed. We want you to know that finding people who will add to our inspirational culture and have a learning mindset is incredibly important to us. Even if you feel you don't tick all the boxes, we'd still like to hear from you.

Overview

Join a global leader as Senior Data Protection Manager, reporting to the Chief Privacy Officer. You’ll lead privacy compliance across multiple regions, with a key focus on Germany, the Middle East, and the UK.nResponsibilities

Act as SME for German data protection law, GDPR & ePrivacy.nDrive privacy culture through training & stakeholder engagement.nCollaborate with senior leadership and global teams.nQualifications

MUST be fluent in German & English.n8+ years’ privacy/data protection experience in a global environment.nStrong stakeholder management up to C-Suite.nOneTrust experience essential.nHybrid: 3 days in London office.nCompensation

Competitive salary + discretionary bonus. Note: The pay range is provided by Lawrence Harvey; your actual pay will be based on your skills and experience.nSeniority level

Mid-Senior levelnEmployment type

Full-timenJob function

ManagementnIndustries

Staffing and Recruiting

#J-18808-Ljbffrn

OverviewnPureGym is the No.1 gym operator in the UK, and the 4th largest gym operator worldwide. With 600+ gyms and over 2 million members across the UK, Europe & the US, we are the gym where Everybody is Welcome. We champion diversity and are committed to providing a workplace where everyone feels free to be. We’re proud to be recognised as a

Top Institute Employer , reflecting our commitment to excellence in employee experience and workplace culture.

We offer:

Free nationwide gym membership for you + 1

A truly flexible working culture

Life insurance x4

Company pension contribution

25 days annual leave, plus 1 personal day

Option to purchase additional holiday (up to 5 days)

Great learning & development resources

Enhanced maternity pay, paternity and adoption leave

About the TeamnThe Data Protection Support Officer and Data Compliance Specialist will make up the Data Protection team for the organisation. The team provide expertise to ensure that the business is protected and remains compliant in all practices whilst remaining agile and being able to operate and make risk based commercial decisions.

The RolenLocation: London; 2 days in the office (ability to travel internationally)

Type: Full Time

Contract type: Perm

The Data Protection Support Officer will support the Data Compliance Specialist in ensuring that the organisation is compliant in all Data Protection Regulation across the PureGym Group including UK, Denmark, USA and Switzerland.

Responsibilities

Act as first point of contact for all emails sent to the Data Protection mailboxes

Review, categorise, prioritise and respond to incoming external data protection requests and queries

Escalate complex or high-risk issues to the DPO

Track and conduct all member and employee Subject Access Requests and maintain Subject Access Request log. Coordinate with teams to gather requested information, complete redactions for SARs and maintain accurate records of all requests received.

Action and maintain a log Right to Erasure requests, and send out responses to requestors

Complete and log Data Breach reports and mitigating actions for low-medium risk breaches, and escalate high risk breaches immediately

Supply monthly reports of mailbox activity

Support training and awareness initiatives alongside the Data Compliance Specialist based on mailbox trends

Support the Data Compliance Specialist with other Data Protection compliance activities as required

The Person

Have demonstrable experience and knowledge within Data Protection work from a similar position, with a particular focus on handling Data Rights Request and Data Sharing with third parties

Are collaborative and dialogue-oriented with a can do attitude

Well organized and a practical problem solver with a keen attention to detail

Disciplined, is calm under pressure, and thrives working at pace

Strong diligence, prioritization, and organizational skills, and is an initiative taker

Educational background is desirable, but it is a prerequisite that you have experience working with data protection compliance in the UK and Europe

Highly proficient in Microsoft tools (Word, Excel, PowerPoint)

Experienced in building strong & credible relationships with a wide stakeholder group

A dedicated and hard-working team player with high energy, and who communicates effectively and works collaboratively

Lives and breathes our values in everything they do

Hybrid working with a minimum of 2 days a week in the office and willingness to travel internationally as required

PureGym is proud to be an equal opportunities employer. Our company mantra is ‘Everybody Welcome’ and we are dedicated to promoting a diverse and inclusive place to work. From a hiring standpoint, we welcome applicants from all backgrounds and are committed to ensuring that our PureGym colleagues reflect the diversity of the nation as well as our millions of gym members we serve.

Join us on our mission is to bring high quality, affordable fitness to everyone, everywhere.

Please note: Applications will be reviewed on a rolling basis, and the advert may be withdrawn at any time. Early application is encouraged.

#J-18808-Ljbffrn

We are a global leader in providing cutting-edge identity verification and digital KYC solutions. Our AI-powered platform helps thousands of businesses worldwide to onboard customers securely, prevent fraud, and ensure regulatory compliance. Trust, security, and privacy are at the core of everything we do, and we are committed to upholding the highest standards of data protection for our clients and their users.

Role Summary

We are seeking a highly experienced and qualified Data Protection Officer (DPO) to join our team in the UK. This is a critical leadership role with primary responsibility for overseeing our data protection strategy and implementation to ensure compliance with UK GDPR, EU GDPR, and other global data privacy regulations.

The ideal candidate will be an expert in data privacy laws, possess impeccable integrity, and have the professional stature to advise and monitor compliance at the highest levels of the organisation. You will act as an independent advisor, ensuring that our company processes the personal data of our employees, customers, and end-users in full compliance with the applicable laws.

Key Responsibilities

• Compliance Oversight:  Monitor and advise on the company’s compliance with UK GDPR, EU GDPR, DPA 2018, and other relevant global data protection laws.
• Policy Development:  Develop, implement, and maintain the company’s data protection policies, procedures, and guidelines, ensuring they are embedded into all operational areas.
• Advisory Function:  Serve as the primary point of contact and provide expert, pragmatic advice to all business units on data protection impact assessments (DPIAs), legitimate interest assessments (LIAs), and records of processing activities (ROPAs).
• Training & Culture:  Develop and deliver comprehensive data protection training programmes to employees at all levels, fostering a culture of data privacy and security awareness throughout the organisation.
• Internal Audit:  Conduct regular audits and monitoring of data processing activities to identify and mitigate risks, ensuring corrective actions are implemented.
• Point of Contact:  Act as the primary contact for data subjects and supervisory authorities, including the Information Commissioner's Office (ICO). Manage and document data subject requests and breach incidents.
• Risk Management:  Proactively identify and evaluate the company’s data processing activities to identify risks and provide strategic guidance to mitigate them.
• Vendor Management:  Oversee data protection aspects of vendor and third-party processor agreements to ensure compliance throughout the supply chain.

Essential Skills & Qualifications

• Certified Information Privacy Professional (CIPP/E, CIPT or similar) and/or a relevant legal qualification is highly desirable.
• Proven experience (5+ years) in a dedicated Data Protection Officer or similar privacy leadership role,  preferably within a B2B SaaS, technology, or financial services environment.
• Expert knowledge of UK and EU data protection laws and practices (GDPR, DPA 2018),  with a strong understanding of how they apply to AI, biometric data, and cloud-based technology platforms.
• Demonstrable experience in conducting DPIAs, managing data subject access requests (DSARs), and handling data breach incidents.
• Excellent communication, interpersonal, and influencing skills, with the ability to translate complex legal requirements into clear, actionable business guidance for technical and non-technical teams.
• Ability to operate independently with a high degree of integrity and professional ethics.

Desirable Skills

• Experience in the identity verification, fraud prevention, or fintech sector.
• Familiarity with global privacy frameworks outside of Europe (e.g., CCPA, PIPL).
• Understanding of cybersecurity principles and standards (e.g., ISO 27001, SOC 2).

What We Offer

• A competitive salary and comprehensive benefits package.
• The opportunity to play a pivotal role in a globally recognised technology leader.
• A critical and highly visible role at the heart of the company's mission to build trust.
• Continuous professional development opportunities.