878 Sap Security Consultant jobs in the United Kingdom

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

• Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
• Lead the development and implementation of security policies, procedures, and controls
• Manage ISO27001 compliance, including internal and external audits
• Conduct risk assessments and oversee incident response planning
• Collaborate with technical teams to ensure security is embedded across services
• Advise on regulatory requirements and emerging threats

Candidate Profile:

• Extensive experience in information security within an MSP or MSSP
• CISSP certified
• Strong working knowledge of GRC frameworks, including ISO27001
• Demonstrated experience in a vCISO capacity
• Excellent stakeholder engagement and communication skills
• Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

• Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
• Lead the development and implementation of security policies, procedures, and controls
• Manage ISO27001 compliance, including internal and external audits
• Conduct risk assessments and oversee incident response planning
• Collaborate with technical teams to ensure security is embedded across services
• Advise on regulatory requirements and emerging threats

Candidate Profile:

• Extensive experience in information security within an MSP or MSSP
• CISSP certified
• Strong working knowledge of GRC frameworks, including ISO27001
• Demonstrated experience in a vCISO capacity
• Excellent stakeholder engagement and communication skills
• Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

**The team you'll be working with:**
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now

Job Summary: An Information Security Analyst protects an organization’s computer systems and data from cyber threats. They monitor networks, investigate security incidents, and implement safeguards to ensure compliance and minimize risks. Responsibilities: Monitor networks and systems for security breaches, vulnerabilities, and threats. Investigate and respond to cybersecurity incidents. Implement security measures such as firewalls, encryption, and access controls. Conduct risk assessments, audits, and compliance reviews. Develop and enforce IT security policies and procedures. Provide training and awareness programs for employees on cybersecurity best practices. Stay updated on emerging security technologies and threat landscapes. Required Skills & Qualifications: Bachelor’s degree in Cybersecurity, Information Technology, or related field. Knowledge of firewalls, intrusion detection systems, SIEM tools, and encryption. Familiarity with compliance standards (ISO 27001, NIST, GDPR, HIPAA). Strong analytical, problem-solving, and communication skills. Relevant certifications (e.g., CISSP, CISM, CEH, Security) preferred.

️ Information Security Analyst Location: City of London (Hybrid – 2 days/week in office) Salary: Competitive Benefits Industry: B2B Travel Tech / SaaS A high-growth, global B2B travel technology company is hiring an Information Security Analyst to join its newly formed InfoSec team. This is a hands-on role in a fast-paced SaaS environment, supporting millions of transactions daily across flights, hotels, and rail bookings. The company also offers direct payment and settlement solutions for travel operators. What You’ll Do ️ ️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. Security Implementation: Improve and implement security measures across systems and infrastructure. Compliance: Ensure alignment with GDPR and other relevant data protection laws and industry standards. Reporting: Deliver detailed reports on incidents, vulnerabilities, and security effectiveness. Threat Research: Stay ahead of emerging threats and technologies to proactively defend systems. Disaster Recovery: Develop and test contingency plans to ensure business continuity. Cross-Team Collaboration: Work closely with IT, Engineering, and other departments to enhance security posture. Training: Deliver cybersecurity awareness training across the organisation. Who You Are ️ 3 years’ experience as an Information Security Analyst in a commercial tech environment Degree in Computer Science, Information Systems, or related field Certifications such as CISSP, CISM, CEH, or CompTIA Security (desirable) Strong analytical mindset and attention to detail Proficient in operating systems, firewalls, encryption, VPNs, and SIEM tools ️ Excellent communicator, able to engage both technical and non-technical audiences Proactive, curious, and passionate about staying ahead of cyber threats Culture Snapshot Hybrid working (Tues & Thurs in-office, flexibility expected) No dress code – substance over style Flat structure, direct access to leadership Debt-free, cash-rich, consistently profitable Opportunity to shape a new function and drive real impact

Information Security Analyst | ISO27001, Rapid7, Protecht | Global Trading Platform £60–70k base 10% bonus Hybrid in Coventry with monthly travel to London Security certification support & career development built-in Help shape a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You’ll be central to their mission of scaling a modern InfoSec environment, balancing regulatory rigor, ethical standards and BAU resilience. You’ll focus on third-party security assessments, metrics reporting, and supporting certification frameworks including ISO27001 and SOC2. Expect close collaboration across risk, technology and compliance stakeholders. All while operating at pace, with visibility and trust from the top down. What you’ll bring: 3 years in an InfoSec or IT security role within a regulated or financial firm Security certifications: SSCP, Security, or equivalent Strong GRC foundation: Able to interpret risk frameworks and speak the language of ISO, SOC2, NIST, etc. Comfortable with security tooling and metrics-driven reporting Confident communicator: Translate acronyms into action, and engage stakeholders with clarity and purpose Ethical mindset: understand when to escalate, when to challenge, and how to own your area What you’ll be doing: ISO27001 & SOC2 governance: day-to-day support of the ISMS, remediation tracking, risk reviews Third-party risk assessments: conduct supplier security reviews aligned to appetite and regulatory frameworks Security awareness training: drive phishing simulations and curate internal content via Proofpoint BAU InfoSec operations: ticket triage, KPI reporting, risk dashboards, vulnerability and patch monitoring Compliance tooling: operate and report using platforms like Protecht, Panorays, Rapid7, and Armis Banking enablement: key InfoSec input into a major new market launch Tech & tools you’ll use: Protecht – Enterprise risk & audit platform Panorays – Third-party risk management Rapid7, Armis – Vulnerability & asset visibility Proofpoint – Phishing simulations and awareness content Microsoft Purview – Data governance and policy enforcement Azure (beneficial) – Cloud IAM, logging, and security monitoring Why this role? High-impact GRC project work tied to new market expansion Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership A clear opportunity to stretch across awareness, compliance, and operational domains Information Security Analyst | ISO27001, Rapid7, Protecht | Global Trading Platform

️ Information Security Analyst Location: City of London (Hybrid – 2 days/week in office) Salary: Competitive Benefits Industry: B2B Travel Tech / SaaS A high-growth, global B2B travel technology company is hiring an Information Security Analyst to join its newly formed InfoSec team. This is a hands-on role in a fast-paced SaaS environment, supporting millions of transactions daily across flights, hotels, and rail bookings. The company also offers direct payment and settlement solutions for travel operators. What You’ll Do ️ ️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. Security Implementation: Improve and implement security measures across systems and infrastructure. Compliance: Ensure alignment with GDPR and other relevant data protection laws and industry standards. Reporting: Deliver detailed reports on incidents, vulnerabilities, and security effectiveness. Threat Research: Stay ahead of emerging threats and technologies to proactively defend systems. Disaster Recovery: Develop and test contingency plans to ensure business continuity. Cross-Team Collaboration: Work closely with IT, Engineering, and other departments to enhance security posture. Training: Deliver cybersecurity awareness training across the organisation. Who You Are ️ 3 years’ experience as an Information Security Analyst in a commercial tech environment Degree in Computer Science, Information Systems, or related field Certifications such as CISSP, CISM, CEH, or CompTIA Security (desirable) Strong analytical mindset and attention to detail Proficient in operating systems, firewalls, encryption, VPNs, and SIEM tools ️ Excellent communicator, able to engage both technical and non-technical audiences Proactive, curious, and passionate about staying ahead of cyber threats Culture Snapshot Hybrid working (Tues & Thurs in-office, flexibility expected) No dress code – substance over style Flat structure, direct access to leadership Debt-free, cash-rich, consistently profitable Opportunity to shape a new function and drive real impact