24 Security Compliance jobs in the United Kingdom

Security Compliance Engineer

£45000 - £85000 annum Kuba

Posted 596 days ago

Job Description

Permanent

The Security Compliance Engineer is a crucial member of our security team, responsible for ensuring our organisation's adherence to PCI standards and other relevant security regulations. This role involves implementing and maintaining secure payment environments, managing key encryption and decryption processes, and providing technical guidance for security compliance projects. The ideal candidate will have a strong understanding of PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and Amazon Web Services (AWS). They will also have excellent problem-solving skills, a hands-on approach to work, and the ability to communicate complex security concepts to a non-technical audience. Relevant certifications in information security and AWS are a plus.


About Kuba

We are a fast-growing SaaS company with offices in the UK, France, South Africa, Italy and the US. We believe that efficient public transport is key to delivering positive, sustainable change.

Kuba is in the transport sector, but we are a technology provider that enables Ticketing-as-a-Service (TaaS). We offer cutting-edge ticketing technology coupled with broad practical sector experience.

It's an exciting time to work at Kuba as we are accelerating into an incredible period of growth, and you'll have a chance to grow with us.


Responsibilities
  • Implement and maintain secure payment environments, including data encryption, secure networks, and secure transaction systems in compliance with PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and AWS best practices.
  • Conduct regular audits to ensure secure handling of cardholder data and compliance with PCI, AWS, and other relevant security standards.
  • Develop and implement security policies and procedures related to data protection, network security, and incident management to ensure compliance with PCI standards, AWS best practices, and other relevant regulations.
  • Manage key encryption and decryption processes, ensuring secure key management.
  • Provide technical guidance and support for all security compliance projects.
  • Collaborate with various teams to ensure security standards are met across all projects.
  • Stay updated on the latest security standards, systems, and authentication protocols, including AWS security services and features.
  • Participate in the creation and/or maintenance of the Information Security Management System.

Requirements

  • Proven experience in a technical role managing security compliance, preferably with a focus on PCI standards and AWS. Experience in roles such as Security Analyst, Security Engineer, or similar is preferred.
  • Strong knowledge of PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and AWS.
  • Expertise in key management, encryption/decryption processes, and AWS security services and features.
  • Familiarity with various network architectures, cloud services, system management practices, process improvement strategies, and AWS infrastructure.
  • Strong problem-solving skills and a hands-on approach to tackling challenges.
  • Excellent communication skills, with the ability to explain complex security concepts to non-technical team members.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or AWS Certified Security - Specialty are a plus.

Benefits

Salary and benefits commensurate with position

Security Compliance Senior Analyst

Coinbase

Posted today

Job Description

Ready to be pushed beyond what you think you're capable of?
At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system.
To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems.
Our is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be.
While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.
Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to expand our compliance advisory program and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive second line of defense technology compliance initiatives across our crypto derivatives services and drive risk reduction through 'controls by design' and ongoing monitoring.
*What you'll be doing (i.e. job duties):*
* *Control Assessment:* Lead technical deep dive control assessments into crypto derivatives products, services and supporting systems (including perpetual swaps, futures, and options) to assess risk and control design, identify areas of weakness and control failures, and recommend risk reduction initiatives within a high-frequency, low-latency trading environment
* *SOX Compliance*: Assess *SOX, SOC 2 and ISO27001* implications of crypto derivatives services and assess their compliance posture against those frameworks and certifications
* *Compliance Advisory:* Translate complex regulatory requirements into actionable engineering and business requirements, ensuring systems for collateral management, market data, and trade settlement are demonstrably compliant
* *Stakeholder Collaboration:* Build close relationships with stakeholder teams including Security, Engineering, and Product to advise on technology and security requirements and ensure excellence in control ownership
* *Incident Evaluation:* Lead incident impact analysis procedures for Consumer products and services
* *Metrics and Reporting:* Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management
* *Process Improvement:* Identify opportunities to address systemic program challenges, recommend solutions and drive issue resolution
* *Documentation and Training:* Develop and maintain comprehensive control and testing requirement documentation and deliver training to owners over control implementation, maintenance and remediation plans
* *Risk Mitigation:* Develop creative solutions to prove risk mitigation and solve for complex regulatory problems faced by the crypto industry
* *Maintain an industry pulse*: Maintain awareness of international regulation, emerging threats, forecasts, policies, and benchmarks
*What we look for in you (i.e. job requirements):*
* *6+ years of experience* working in a technical controls or GRC engineering function, or equivalent experience
* *Control domain knowledge and best practices:* Familiarity with standards and frameworks e.g. ISO 27001/5, NIST CSF, SOX, SOC, COBIT
* *Strong technical acumen:* Ability to analyze and map complex, crypto-native technical processes to traditional control objectives (e.g., mapping on-chain collateral movements to SOX controls for financial reporting integrity).
* *Navigating ambiguity and complexity:* Ability to manage a queue against strategic priorities and shows expertise in being able to handle multiple assessments at a time. You are comfortable operating on an unpaved road and dealing with ambiguity.
* *Clear/concise communicator and writer:* Experience drafting/operationalizing project plans across stakeholders, holding teams accountable, and documenting deliverables to varying levels of junior and senior stakeholder audiences. Ability to translate controls/risk standards out of compliance speak and into functional requirements and across varying levels of technical stakeholders.
* *Regulatory familiarity:* Understanding of financial derivatives is essential. Must have a strong grasp of products like futures, options, and perpetuals, as well as core exchange functions such as order matching, risk engines, margining, and clearing.
* *Drive for continuous learning:* You are willing to learn and apply processes unique to the challenges at Coinbase. You have a willingness to embrace a steep learning curve and stretch opportunities to learn new skills.
* *Excellent organization and project management skills:* Able to perform effectively in a fast-moving and demanding environment
* *Clear cross-functional communication:* Ability to communicate with technical and non-technical stakeholders to align on shared outcomes
*Nice to haves:*
* FinTech, TradFi, consulting, business operations technical program management or other customer-facing disciplines.
* Strong knowledge of risk/control issues in relation to evolving technology (e.g., crypto, cloud, data lakes, machine learning).
* Certification is a plus, but not a requirement: information security risk management qualifications like CISA, CISSP, CISM
* Demonstrated beginner/intermediate knowledge of crypto/blockchain/web3
*BA or BS in a technical field or equivalent experience*
* Experience working with MiFID requirements
Position ID: P72517
*Pay Transparency Notice:* The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, and vision).
Pay Range:
£127,080-£141,200 GBP
Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.
Commitment to Equal Opportunity
Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the in certain locations, as required by law.
Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations
Data Privacy Notice for Job Candidates and Applicants
Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available
Disclosure
For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.
For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.
*The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations(at)coinbase.com

Aviation Security Compliance Officer

NR3 1 Norwich, Eastern £38000 Annually WhatJobs

Posted 22 days ago

Job Description

full-time
Our client, a key player in the aviation industry, is looking for a meticulous and knowledgeable Aviation Security Compliance Officer to join their team in **Norwich, Norfolk, UK**. This role is crucial in ensuring that all operations adhere to stringent national and international aviation security regulations and standards. You will be responsible for developing, implementing, and maintaining comprehensive security policies and procedures. Your duties will include conducting regular security audits and risk assessments, investigating security breaches or incidents, and implementing corrective actions. You will also play a vital role in training staff on security protocols and ensuring compliance across all airport operations. The ideal candidate will possess a strong understanding of aviation security legislation, including aviation acts, transport security regulations, and International Civil Aviation Organization (ICAO) standards. Experience in security management, risk assessment, and compliance within the aviation sector is highly desirable. Excellent analytical, observational, and reporting skills are essential, as is the ability to work effectively both independently and as part of a team. You should be proficient in using security management systems and have strong communication skills to liaise with regulatory bodies and internal stakeholders. This position will involve a combination of on-site presence at **Norwich** Airport for inspections and operational oversight, and remote work for policy development, analysis, and reporting. A relevant certification in aviation security or a related field is advantageous. This is a critical role for ensuring the safety and security of air travel, offering a stable and challenging career in a vital sector.

Head of Aviation Security Compliance

G2 1DU Glasgow, Scotland £70000 Annually WhatJobs

Posted 18 days ago

Job Description

full-time
Our client, a leading international airport operator, is seeking an experienced and highly qualified Head of Aviation Security Compliance to lead their security assurance and regulatory affairs team. This is a critical leadership position responsible for ensuring the airport's adherence to all national and international aviation security regulations and standards. You will develop, implement, and oversee comprehensive security compliance programs, conduct risk assessments, and manage audits and inspections. The successful candidate will possess a deep understanding of aviation security legislation, best practices, and emerging threats. Strong leadership, strategic planning, and stakeholder management skills are essential for success in this role.

Key Responsibilities include:
  • Developing and maintaining the airport's aviation security compliance framework.
  • Ensuring adherence to regulations set forth by authorities such as the CAA, DfT, and international bodies (e.g., ICAO, TSA).
  • Leading and managing the aviation security compliance team, fostering a culture of security excellence.
  • Conducting regular internal and external audits and inspections to identify areas for improvement.
  • Developing and delivering security awareness training programs for all airport staff and stakeholders.
  • Investigating security incidents and breaches, implementing corrective actions.
  • Staying abreast of evolving security threats and regulatory changes, adapting strategies accordingly.
  • Liaising with government agencies, law enforcement, and other aviation stakeholders.

This role requires a minimum of 7 years of progressive experience in aviation security, with at least 3 years in a senior management or leadership capacity. A relevant degree in aviation management, security management, or a related field is highly desirable. Professional certifications in aviation security are a significant asset. Excellent analytical, problem-solving, and decision-making abilities are required. Strong communication and presentation skills are necessary for effectively conveying complex security information to diverse audiences. This is a hybrid role, requiring a balance of on-site presence for critical operational oversight and strategic meetings in Glasgow, Scotland, UK, with the flexibility for remote work on other days.

This is a challenging and rewarding opportunity to shape the security posture of a major aviation hub and contribute to the safety and security of millions of passengers and employees. The position demands a high level of integrity, discretion, and commitment to upholding the highest security standards. A proven ability to lead and inspire teams in high-pressure environments is essential.

Head of Blockchain Security & Compliance (Remote)

BT1 1 Belfast, Northern Ireland £80000 Annually WhatJobs

Posted 1 day ago

Job Description

full-time
Our client is a pioneering force in the decentralized finance (DeFi) space and is seeking a highly specialized Head of Blockchain Security & Compliance to lead their efforts in ensuring the integrity and safety of their blockchain operations. This is a fully remote position, empowering you to shape the security posture of cutting-edge blockchain protocols from anywhere. You will be responsible for developing and implementing robust security strategies, identifying potential vulnerabilities, and ensuring compliance with evolving regulatory landscapes within the cryptocurrency and blockchain industry. The ideal candidate will possess a deep technical understanding of blockchain technologies, smart contract security, cryptography, and network security principles. You will lead a team of security analysts and compliance officers, fostering a culture of vigilance and continuous improvement. Key responsibilities include conducting thorough security audits of smart contracts and blockchain infrastructure, developing incident response plans, and overseeing penetration testing. You will stay abreast of emerging threats and vulnerabilities specific to the blockchain ecosystem and implement proactive measures to mitigate risks. Compliance is a critical aspect of this role; you will ensure adherence to relevant AML (Anti-Money Laundering), KYC (Know Your Customer), and other regulatory frameworks impacting digital assets. You will liaise with legal and regulatory bodies, providing expert guidance and representing the company in compliance matters. Experience in developing and managing security policies, procedures, and best practices is essential. This remote role requires exceptional leadership, communication, and problem-solving skills, enabling you to effectively manage a distributed team and collaborate with various internal and external stakeholders. 
If you are passionate about securing the future of blockchain technology and possess a strong track record in cybersecurity and regulatory compliance within the crypto space, this is an unparalleled opportunity. We are looking for a visionary leader who can build and maintain a secure and compliant blockchain ecosystem, protecting our assets and user trust. Your ability to navigate complex technical challenges and regulatory environments will be crucial for success.
Responsibilities:
  • Develop and implement comprehensive security strategies for blockchain platforms and protocols.
  • Lead security audits of smart contracts, decentralized applications (dApps), and blockchain infrastructure.
  • Identify and mitigate potential security vulnerabilities and threats.
  • Oversee incident response planning and execution for security breaches.
  • Ensure compliance with relevant regulations (e.g., AML, KYC) for the cryptocurrency industry.
  • Develop and maintain security policies, standards, and best practices.
  • Manage penetration testing and vulnerability assessment programs.
  • Liaise with legal teams and regulatory authorities on compliance matters.
  • Lead and mentor a team of security and compliance professionals.
  • Stay current with emerging blockchain security trends and technologies.
Qualifications:
  • Proven experience in blockchain security, cybersecurity, or a related field.
  • Deep understanding of blockchain technology, smart contracts, cryptography, and network security.
  • Experience with security auditing tools and methodologies.
  • Knowledge of regulatory frameworks relevant to cryptocurrencies and digital assets (AML, KYC).
  • Strong leadership and team management skills, particularly in a remote setting.
  • Excellent analytical, problem-solving, and decision-making abilities.
  • Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field.
  • Relevant security certifications (e.g., CISSP, CISM) are a plus.

Senior Aviation Security Compliance Manager - Remote

NR1 1QB Norwich, Eastern £60000 Annually WhatJobs

Posted 2 days ago

Job Description

full-time
Our client, a leading international aviation services provider, is seeking a highly experienced Senior Aviation Security Compliance Manager to join their dedicated team. This is a fully remote position, offering the flexibility to work from your home office anywhere in the UK. You will be responsible for ensuring that all aviation security operations and procedures meet stringent national and international regulatory requirements, including those set by the CAA, EASA, and ICAO. Your core duties will involve developing, implementing, and maintaining comprehensive aviation security compliance programs, conducting regular audits and risk assessments, and managing security-related training initiatives. The ideal candidate will possess a deep understanding of aviation security legislation, threat assessment methodologies, and best practices in security management. You will liaise with regulatory bodies, airport authorities, airlines, and other stakeholders to ensure continuous compliance and identify areas for improvement. This role requires exceptional analytical and problem-solving skills, meticulous attention to detail, and the ability to manage complex compliance frameworks. You will lead investigations into security breaches, develop corrective action plans, and promote a robust security culture throughout the organisation. Experience in developing security policies, procedures, and contingency plans is essential. Strong leadership, excellent communication, and report-writing skills are vital for this position. You will play a critical role in safeguarding aviation operations against security threats, ensuring the highest standards of safety and security are upheld globally, all while working remotely.
Responsibilities:
  • Develop, implement, and manage aviation security compliance programs.
  • Ensure adherence to national and international aviation security regulations (CAA, EASA, ICAO).
  • Conduct regular internal and external audits of security procedures and facilities.
  • Perform risk assessments and develop mitigation strategies for security threats.
  • Manage security-related training programs for staff and contractors.
  • Investigate security incidents and breaches, recommending and implementing corrective actions.
  • Liaise with regulatory authorities, airports, and airlines on security matters.
  • Develop and update aviation security policies, procedures, and contingency plans.
  • Promote and foster a strong security-conscious culture within the organisation.
  • Prepare detailed reports on compliance status, audit findings, and security performance.
Qualifications:
  • Extensive experience (7+ years) in aviation security management and compliance.
  • In-depth knowledge of international aviation security regulations and standards.
  • Proven experience in developing and implementing security management systems.
  • Strong understanding of risk assessment and threat analysis methodologies.
  • Experience in conducting audits and investigations.
  • Excellent leadership, communication, and stakeholder management skills.
  • Proficiency in developing security policies and procedures.
  • Ability to work independently and manage projects in a remote environment.
  • Relevant professional certifications in aviation security (e.g., ASIS, ICAO/IATA).
  • Bachelor's degree in Aviation Management, Security Management, or a related field is desirable.

Security Engineer, Compliance

London, London Zebedee

Posted 1 day ago

Job Description

Security Engineer, Compliance

Application Deadline: 12 October 2025

Department: Engineering

Employment Type: Full Time

Location: Remote

Description

The ZBD app lets users jump into a universe of games and apps, connect with friends and earn Bitcoin while having fun. ZBD also empowers developers to embed bitcoin payments into video games and applications, such as podcasting and music streaming. ZBD’s unique proposition enables these partner developers to better monetize their games and apps by allowing users to receive micro-rewards for actions taken in the game or app. ZBD provides this functionality by leveraging Bitcoin and the Lightning Network protocol.

The business comprises almost 70 employees - across business development, marketing, compliance, operations, engineering, customer success and customer support - from Los Angeles to New York, London, Amsterdam and São Paulo.

ZBD is a fully remote company. We hire, retain and develop the best talent from around the world. As a result, every member of the ZBD team must demonstrate an ability to work independently and thrive in a remote environment.

ZBD is seeking a Security Compliance Engineer to design, implement, and maintain our organization's security compliance framework and risk management programs. This role bridges technical security implementation with regulatory compliance and risk assessment. You should be comfortable working in a growth-stage startup, with comfort navigating ambiguity and fast-paced environments. Come build, secure, automate, and monitor with the ZBD team!

Key Responsibilities

  • Design, implement, and maintain security solutions to address vulnerabilities and risks within ZBD systems
  • Work closely with the software engineers and developers to establish and keep a strong security compliance posture
  • Develop and enforce technical security standards, patterns, and best practices to establish and maintain a consistent and robust security posture across ZBD systems
  • Proactively identify and address security & policy gaps in existing systems and architectures, recommending and implementing enhancements to strengthen ZBD’s overall security posture
  • Contribute to the development and maintenance of security documentation, including policies, procedures, and technical guides
  • Bring and keep ZBD systems, processes, and procedures into compliance with relevant compliance frameworks (SOC 2, DORA, GDPR, PCI DSS, etc.)
  • Develop and maintain cloud recovery and backup solutions to ensure availability and business continuity
  • Participate in an On-Call rotation
  • Document processes & procedures

Skills, Knowledge and Expertise

  • 3+ years of experience in security governance, cloud and application security assessments, risk management, and/or third party risk.
  • Thorough understanding of cybersecurity principles, cloud security, and identity and access management
  • Firm grasp on cloud computing principles
  • Demonstrated experience with Infrastructure as Code using Terraform/OpenTofu.
  • Working knowledge of Linux.
  • Experience with metrics gathering, alerting, reporting.
  • Experience with CI/CD pipelines.
  • Ability to design, implement, and improve cybersecurity solutions.
  • Ability to balance cybersecurity initiatives with business initiatives.
  • Ability to identify and analyze potential methods of attack.

Bonus

  • Setup Gitlab CI/CD pipelines.
  • Experience with AWS Organizations and Multi Accounts.
  • Has participated in efforts to keep compliance with SOC 2 controls
  • Experience in developing or working with SIEM or log management solutions.
  • Knowledge of, and experience working with Bitcoin and Lightning Network software.

HTA IT Cyber & Security Compliance Manager- Human Tissue Authority

Care Quality Commission

Posted 9 days ago

Job Description

HTA IT Cyber & Security Compliance Manager- Human Tissue Authority

Salary: Grade 2: £30,000 - £42,000 per annum, successful candidates can be expected to be appointed at the minimum of the band

Contracted Hours: Full time - 36 hours per week

Contract Type: Permanent

Location: Homebased or Hybrid working (London-based office)

Closing Date: Monday 20th October 2025 at 11.59pm

Telephone Interviews: TBC

Final Interview: TBC

Please note CQC are advertising this role on behalf of the Human Tissue Authority

This role is NOT open to applications from those who will require sponsorship under the points-based system. Should you apply for this role and be found to require sponsorship, your application will be rejected, and any provisional offer of employment withdrawn.

About the Human Tissue Authority.
The Human Tissue Authority's (HTA's) primary goal is to protect public and professional confidence in the safe and ethical use of human tissue.
We are the national independent regulator for organisations that remove, store and use tissue for research, medical treatment, post-mortem examination, teaching and public display. We also approve organ and bone marrow donations from living people. With the interests of the public and those we regulate at the centre of our work, we aim to maintain confidence by ensuring that human tissue is used safely and ethically, with proper consent.

Why this could be a great role for you.
An opportunity has become available within HTA's Data, Technology & Development team for an experienced IT professional to join the team. The role will be responsible for ensuring best practices against Cyber Security Frameworks, identifying and managing cyber security threats and maintaining a strong IT security posture. This role is hands-on with the successful candidate being able to generate accurate reporting and bring proposed solutions to the Head of IT to mitigate any identified threats. This role will also work closely with our third-party to support the delivery of a safe and secure network infrastructure.

What you will bring.
To succeed in the role, you will have experience as an IT professional (or similar) with working experience and technical expertise, strong data analytical knowledge and application, with a passion for Cyber Security.
You will be an effective communicator who is willing to make challenging and fair decisions about potential risk identified in our Cyber Landscape, produce evidential based reporting to back up the identification and present suitable mitigation solutions to manage the potential risk.
As the role is varied, you will also be able to manage multiple tasks and workstreams simultaneously, ensuring effective prioritisation in line with emerging needs.
Your role is vital in ensuring the HTA remains secure and that our people, data and technology are protected from Cyber Threats and potential Attack.

In summary you will:
  • Complete daily proactive checks of our core essential functions, recording any potential threats and advising the Head of IT on mitigations and remediations.
  • Guide, inform and support the submission of compliance-based assessments mandated by the Government such as the Cyber Assessment Framework.
  • Attend and engage as an advocate for the HTA in forums and conferences to help gauge knowledge and experiences across other ALB organisations.
  • Proactively analyse and report against potential third-party threats from external sources.
  • Maintain and record potential risks against the IT Risk Register, escalating these to the Head of IT where appropriate.
  • Support other business leaders within the organisation around their security posture. Aid and support their development in enhancing their knowledge.
  • Supporting on the reporting mechanisms for the Director of Data, Technology and Development, Head of IT and ARAC.
  • Identify and implement new security measures to improve the Cyber Security posture of the HTA.
  • Analyse and monitor inbound and outbound mail flow to identify any potential risks and escalate accordingly.
  • Work closely with our Third-Party support on all aspects of IT in collaboration with the IT Business Systems and Operations Manager.
  • Lead on the annual Penetration and Vulnerability Assessment, working with potential stakeholders and suppliers to ratify any potential threats.
  • In conjunction with the IT Business Systems and Operations Manager provide support, guidance and cover as necessary to maintain the provision of a core IT service.
  • Evaluate and analyse tools that operate within an Artificial Intelligence framework, looking at tools that will provide early warning of potential threats.
  • Contribute as instructed in the review and implementation of HTA IT policies to ensure compliance and adherence across all policies.
  • Lead on the development and implementation of a programme of regular Cyber Security and wider system spot checks reviewing the resilience and reliability of systems, analysing access controls and elevated security rights.
  • Analyse and review the usage of our Data across all HTA Core Systems to ensure that data is stored, managed and transmitted in line with GDPR and HTA policies.
  • Gather and maintain working evidence of good security management to align with the requirements and assurances within the Cyber Assessment Framework.
  • Lead on the development of a programme to perform regular recovery validation exercises to analyse the validity of our backups and ensure that these are fit for purpose.
  • Monitor user account activity to provide assurance on adherence to policies and respond to any activity that may appear suspicious.
  • Manage any Cyber Security Incident working with any associated third parties, reporting these through the business hierarchy.
  • Work closely with our Third-Party on any Respond to an NHS Cyber Alert (RTANCA) notification.

Essential Criteria
A degree or equivalent qualification in IT.
A minimum of 3 yrs work experience in IT and within a Cyber Security based role.
Excellent communication and interpersonal skills to write and verbalise potentially complex issues and reports.
Ability to work independently and across multi-functional teams in a homeworking environment, with collaboration to help deliver secure services.
Excellent written and oral communication skills, including the ability to communicate complex information and key messages to stakeholders at a range of levels and with varying expertise.
Strong interpersonal skills, including the ability to influence and collaborate with stakeholders and establish good working relationships.
Demonstrably identifies and understands the value / contribution of stakeholders and effectively creates open, creative, constructive, timely and inclusive engagement.
Experience of being able to effectively prioritise and organise work, including while under pressure.

Desirable criteria
Knowledge of the NHS digital frameworks and being a member of the CAN
Understanding of project management methodologies and previous experience of project delivery and support
Previous delivery of the Data Protection Security Toolkit and understanding of compliance-based frameworks.

What we can offer you.
Your health and wellbeing is important to us and we support you through generous annual leave (32.5 days, plus eight Bank Holidays), a cycle to work scheme, a subsidised gym membership and an eye care initiative. We also offer membership of the NHS pension scheme.
While our office is based in Stratford, London, we offer a flexible office-based contract (requiring a minimum of 1 day a week in the office) or a remote-working home-based contract (requiring you to attend the office when there is a business need). We ensure that our home-based workers are also kitted out with what they need to comfortably work from home.
We welcome candidates from all backgrounds, and especially welcome individuals from underrepresented groups.

Individual adjustments.
We are committed to being open and transparent around our processes and we endeavour to offer every candidate the opportunity to perform at their best throughout the recruitment process. We seek to support candidates to identify potential challenges and work with them to identify and facilitate reasonable adjustments as appropriate. Should you require assistance and/or would like to request a reasonable adjustment at any stage of the recruitment process, please contact a member of the team via email:

A Note on AI
AI tools can be great for research and refining ideas, but we want to learn about you. If you use AI or Chatbots to help you with your application, keep these points in mind:
  • AI can support research, structuring and refining your writing, but your application must reflect your real skills and experience.
  • Spell-checking and condensing word counts are great ways to use AI effectively.
  • Do not copy and paste AI generated answers. These will not help you stand out; remember we want to hear about your skills and experience.
  • Providing false and insincere examples goes against our core values of honesty and integrity and may lead to your application being withdrawn or termination of your employment.


For further information please download the job description: JD - IT & Cyber Security Compliance Officer - FINAL.docx

Information Security and Compliance Lead

Derbyshire, East Midlands £50000 - £60000 Annually Hays Technology

Posted 1 day ago

Job Description

permanent

Information Security & Compliance Lead

Chesterfield

£50,000 to £60,000 + Excellent Benefits


Your new company

Hays Technology are recruiting for an Information Security & Compliance Lead to join a large public sector organisation based in the Chesterfield area. You will be reporting to the Head of Digital, Data & Technology. This is a new role to establish and make your own.


Your new role

In your new role, you will be responsible for ensuring the security and protection of the organisation's information systems, networks, and data, whilst playing a critical role in developing and implementing information security strategies, policies, and procedures to safeguard the organisation's digital assets and mitigating potential risks.
You will oversee information security, compliance, and risk management practices based on industry-accepted information security and risk management frameworks, whilst establishing and maintaining an incident response plan, including incident detection, response, investigation, and resolution, to minimise the impact of security incidents.


What you'll need to succeed

  • Demonstrable experience of implementing and maintaining information security frameworks e.g. ISO27001 within a medium/large sized public sector organisation
  • Solid stakeholder management and mentoring skills
  • Information Security, Cyber Security, Assurance and vulnerability management would be ideal
  • Comprehensive knowledge of Information Security Management Systems with the ability to scope, design, and implement such systems
  • Strong ICT infrastructure, application, and cloud technical skills would be advantageous
  • Evidenced knowledge and understanding of ISO(phone number removed), ITIL, and Prince 2 management practices
  • Ability to lead the workforce, increasing their skills and knowledge in relation to information security


What you'll get in return

This exciting position is paying between £50,000 and £60,000 and offers an excellent work life balance including: generous annual leave, hybrid working, a public sector employer contribution pension scheme, flexibility, training, and development opportunities.

What you need to do now


If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
