3,104 Security Compliance jobs in the United Kingdom

Head of Information Security & Compliance

CF10 1BS Cardiff, Wales £100000 Annually WhatJobs

Posted 1 day ago

Job Description

full-time
Our client is seeking a strategic and highly experienced Head of Information Security & Compliance to lead their cybersecurity initiatives. This is a fully remote, senior leadership role responsible for developing, implementing, and maintaining a comprehensive information security program that protects the company's assets, data, and reputation. You will oversee all aspects of cybersecurity operations, risk management, compliance, and incident response. This role requires a deep understanding of current and emerging threats, regulatory requirements, and best practices in information security. You will build and lead a high-performing security team, fostering a culture of security awareness throughout the organization.

Key responsibilities include:
  • Developing and executing a robust information security strategy aligned with business objectives.
  • Overseeing the implementation and management of security controls, technologies, and processes.
  • Establishing and maintaining comprehensive security policies, standards, and procedures.
  • Leading the information security risk management program, including assessments, vulnerability management, and threat intelligence.
  • Developing and managing the incident response plan, ensuring timely and effective mitigation of security incidents.
  • Ensuring compliance with relevant regulations and standards (e.g., ISO 27001, NIST, GDPR, PCI DSS).
  • Managing security awareness training programs for all employees.
  • Leading and mentoring the information security team.
  • Collaborating with IT, legal, and business units to integrate security into all aspects of operations.
  • Managing relationships with third-party security vendors and service providers.
  • Reporting on the organization's security posture and compliance status to executive leadership and the board.
  • Staying current with the evolving threat landscape and emerging cybersecurity technologies.

The ideal candidate will hold a Bachelor's or Master's degree in Computer Science, Information Security, or a related field. CISSP, CISM, or equivalent certifications are essential. A minimum of 10 years of experience in information security, with at least 5 years in a leadership or management role, is required. Proven experience in developing and implementing comprehensive security programs in complex environments is a must. Strong knowledge of various security domains, including network security, application security, cloud security, and data privacy, is crucial. Excellent leadership, communication, and strategic planning skills are necessary. This is a unique opportunity to lead security efforts for a dynamic company from a remote location.

Senior Information Security Architect - Cloud Security & Compliance

CB2 1GA Cambridge, Eastern £80000 Annually WhatJobs

Posted 1 day ago

Job Description

full-time
Our client, a rapidly growing technology firm at the forefront of digital innovation, is seeking a highly skilled Senior Information Security Architect to join their team on a completely remote basis. This is a critical role focused on designing, implementing, and managing robust cloud security strategies and ensuring compliance with global security standards. You will be responsible for defining the security architecture for our cloud infrastructure (AWS, Azure, GCP), encompassing network security, identity and access management (IAM), data protection, threat detection, and incident response. Developing and enforcing security policies, standards, and procedures that align with industry best practices (e.g., ISO 27001, NIST CSF, GDPR) will be a key part of your remit. You will evaluate and recommend security technologies and solutions, conduct security risk assessments, and lead vulnerability management programs. Collaboration with development, operations, and compliance teams to embed security throughout the software development lifecycle (DevSecOps) is essential.

The ideal candidate will possess extensive experience in designing and securing cloud environments, with a deep understanding of microservices architectures, containerization (Docker, Kubernetes), and serverless computing. Strong knowledge of common security vulnerabilities, attack vectors, and mitigation techniques is required. Excellent analytical, problem-solving, and communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences, are paramount. A Bachelor's or Master's degree in Computer Science, Information Security, or a related field, along with significant industry certifications (CISSP, CISM, CCSP), is essential. This fully remote position offers the unique opportunity to shape the security posture of a leading tech company from Cambridge, Cambridgeshire, UK, or any location within the UK.

Security & Compliance Specialist

Complexio

Posted today

Job Description

Description


Complexio is Foundational AI. This works to automate business activities by ingesting whole company data – both structured and unstructured – and making sense of it. Using proprietary models and algorithms Complexio forms a deep understanding of how humans are interacting and using it. Automation can then replicate and improve these actions independently.


Complexio is a joint venture between Hafnia, in partnership with Marfin Management, C Transport Maritime, Trans Sea Transport and BW Epic Kosan and Símbolo.


We are looking for a Security & Compliance Specialist to own and drive our security and compliance requirements. This role is hands-on and strategic, balancing day-to-day operations with long-term initiatives to ensure our organisation remains secure, resilient, and compliant.


You will work closely with engineering, product, and leadership teams to embed security into everything we do, while also representing our security and compliance posture to customers, partners, and auditors.


Requirements


Security Governance & Compliance

  • Lead the company’s efforts to achieve and maintain ISO 27001 (and other frameworks as needed, e.g., SOC 2, EU AI Act readiness).
  • Establish, document, and evolve security and compliance policies, ensuring they meet company needs and regulatory requirements.
  • Drive security and compliance initiatives across business functions, engaging senior stakeholders.
  • Monitor changes in relevant compliance frameworks (e.g., CIS Benchmarks, EU AI Act, GDPR) and adapt processes accordingly.

Operational Security

  • Oversee day-to-day security operations, including vulnerability management, access reviews, and incident response readiness.
  • Provide insights and triage signals from security tooling (SAST, DAST, dependency scanning, SIEM).
  • Work hands-on to perform internal security assessments or penetration testing.
  • Manage relationships with external pentest providers, auditors, and assessors.

Secure Development Lifecycle (SDLC)

  • Partner with engineering teams to embed security in the SDLC and DevSecOps practices.
  • Advise and guide on secure coding practices, threat modeling, and architectural reviews.
  • Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement.

Customer & External Engagement

  • Represent the company’s security, privacy, and data protection posture in customer and partner discussions.
  • Provide clear and confident explanations of controls, certifications, and processes during due diligence.
  • Contribute to security documentation for customer-facing materials.

Risk Management & Strategy

  • Perform regular risk assessments and maintain the company’s risk register.
  • Translate technical risks into business context to enable leadership decisions.
  • Proactively identify emerging security and compliance risks (including AI-related risks) and propose mitigation strategies.

Qualifications


  • Proven experience in a security engineering, compliance, or security leadership role.
  • Strong understanding of security standards and frameworks (ISO 27001, SOC 2, CIS, NIST, GDPR, EU AI Act).
  • Hands-on technical skills in areas such as penetration testing, application security, or infrastructure hardening.
  • Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure/AWS/GCP).
  • Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences.
  • Experience working with auditors, external assessors, and customer security teams.


Nice-to-Have

  • Prior experience building security functions in a fast-growing SaaS or AI/ML-driven company.
  • Knowledge of AI-specific compliance and risk frameworks (NIST AI RMF, EU AI Act).
Benefits


  • Join a pioneering joint venture at the intersection of AI and industry transformation.
  • Work with a diverse and collaborative team of experts from various disciplines.
  • Opportunity for professional growth and continuous learning in a dynamic field.



Security Compliance Manager

London, London Thinking Search

Posted 2 days ago

Job Description

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS).


The position offers significant exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies.


Responsibilities

  • Serve as the primary liaison for client and internal security and compliance audits
  • Manage and maintain the firm’s ISO 27001 ISMS and related deliverables
  • Coordinate internal and external security assessments and certification schedules
  • Lead ISO 27001 audits and manage relationships with certification agencies
  • Manage client security assessments and responses to security questionnaires and RFPs
  • Collaborate with technical, risk and business teams to identify and remediate control gaps
  • Maintain documentation and reporting to ensure compliance with regulatory standards
  • Develop recommendations for control enhancements and process improvements
  • Represent the firm’s security posture to clients and partners
  • Occasional international travel may be required


Candidate Requirements

  • ISO 27001 Lead Auditor certification and/or extensive experience with ISO 27001 standards
  • 5+ years’ experience in IT or Security audits, assessments or compliance management
  • Strong understanding of Cyber Essentials Plus, risk management, and security controls
  • Sound technical understanding of systems, networks, and security architecture best practices
  • Excellent written and verbal communication skills, with the ability to engage senior stakeholders
  • High attention to detail, analytical capability and strong organisational skills
  • Ability to work cross-functionally and influence internal and external stakeholders
  • Familiarity with control design, vulnerability management, and third-party risk management


This is a fantastic opportunity to join a globally recognised firm at the forefront of professional services technology and cybersecurity. The role offers a blend of strategic oversight and hands-on delivery within a collaborative, international environment.


Hybrid working and salary up to £95,000


Please attach an MS Word version of your CV. If you do not hear back within one week, please assume you have been unsuccessful. Unfortunately, due to the high volume of applications, individual feedback cannot be provided.


Keywords: ISO 27001 | Information Security | Compliance Manager | Cyber Security | Risk Management | Professional Services | Security Audit


 
