Security Compliance Manager

London, London Thinking Search

Posted today

Job Description

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS).

The position offers significant exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies.

Responsibilities

  • Serve as the primary liaison for client and internal security and compliance audits
  • Manage and maintain the firm’s ISO 27001 ISMS and related deliverables
  • Coordinate internal and external security assessments and certification schedules
  • Lead ISO 27001 audits and manage relationships with certification agencies
  • Manage client security assessments and responses to security questionnaires and RFPs
  • Collaborate with technical, risk and business teams to identify and remediate control gaps
  • Maintain documentation and reporting to ensure compliance with regulatory standards
  • Develop recommendations for control enhancements and process improvements
  • Represent the firm’s security posture to clients and partners
  • Occasional international travel may be required

Candidate Requirements

  • ISO 27001 Lead Auditor certification and/or extensive experience with ISO 27001 standards
  • 5 years’ experience in IT or Security audits, assessments or compliance management
  • Strong understanding of Cyber Essentials Plus, risk management, and security controls
  • Sound technical understanding of systems, networks, and security architecture best practices
  • Excellent written and verbal communication skills, with the ability to engage senior stakeholders
  • High attention to detail, analytical capability and strong organisational skills
  • Ability to work cross-functionally and influence internal and external stakeholders
  • Familiarity with control design, vulnerability management, and third-party risk management

This is a fantastic opportunity to join a globally recognised firm at the forefront of professional services technology and cybersecurity. The role offers a blend of strategic oversight and hands-on delivery within a collaborative, international environment.

Hybrid working and salary up to £95,000

Please attach an MS Word version of your CV. If you do not hear back within one week, please assume you have been unsuccessful. Unfortunately, due to the high volume of applications, individual feedback cannot be provided.

Keywords: ISO 27001 | Information Security | Compliance Manager | Cyber Security | Risk Management | Professional Services | Security Audit

Security Compliance Manager

London, London Thinking Search

Posted 2 days ago

Job Description

An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS).


The position offers significant exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies.


Responsibilities

  • Serve as the primary liaison for client and internal security and compliance audits
  • Manage and maintain the firm’s ISO 27001 ISMS and related deliverables
  • Coordinate internal and external security assessments and certification schedules
  • Lead ISO 27001 audits and manage relationships with certification agencies
  • Manage client security assessments and responses to security questionnaires and RFPs
  • Collaborate with technical, risk and business teams to identify and remediate control gaps
  • Maintain documentation and reporting to ensure compliance with regulatory standards
  • Develop recommendations for control enhancements and process improvements
  • Represent the firm’s security posture to clients and partners
  • Occasional international travel may be required


Candidate Requirements

  • ISO 27001 Lead Auditor certification and/or extensive experience with ISO 27001 standards
  • 5+ years’ experience in IT or Security audits, assessments or compliance management
  • Strong understanding of Cyber Essentials Plus, risk management, and security controls
  • Sound technical understanding of systems, networks, and security architecture best practices
  • Excellent written and verbal communication skills, with the ability to engage senior stakeholders
  • High attention to detail, analytical capability and strong organisational skills
  • Ability to work cross-functionally and influence internal and external stakeholders
  • Familiarity with control design, vulnerability management, and third-party risk management


This is a fantastic opportunity to join a globally recognised firm at the forefront of professional services technology and cybersecurity. The role offers a blend of strategic oversight and hands-on delivery within a collaborative, international environment.


Hybrid working and salary up to £95,000


Please attach an MS Word version of your CV. If you do not hear back within one week, please assume you have been unsuccessful. Unfortunately, due to the high volume of applications, individual feedback cannot be provided.


Keywords: ISO 27001 | Information Security | Compliance Manager | Cyber Security | Risk Management | Professional Services | Security Audit

Security Compliance Engineer

£45000 - £85000 annum Kuba

Posted 616 days ago

Job Description

Permanent

The Security Compliance Engineer is a crucial member of our security team, responsible for ensuring our organisation's adherence to PCI standards and other relevant security regulations. This role involves implementing and maintaining secure payment environments, managing key encryption and decryption processes, and providing technical guidance for security compliance projects. The ideal candidate will have a strong understanding of PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and Amazon Web Services (AWS). They will also have excellent problem-solving skills, a hands-on approach to work, and the ability to communicate complex security concepts to a non-technical audience. Relevant certifications in information security and AWS are a plus.


About Kuba

We are a fast-growing SaaS company with offices in the UK, France, South Africa, Italy and the US. We believe that efficient public transport is key to delivering positive, sustainable change.

Kuba is in the transport sector, but we are a technology provider that enables Ticketing-as-a-Service (TaaS). We offer cutting-edge ticketing technology coupled with broad practical sector experience.

It's an exciting time to work at Kuba as we are accelerating into an incredible period of growth, and you'll have a chance to grow with us.


Responsibilities
  • Implement and maintain secure payment environments, including data encryption, secure networks, and secure transaction systems in compliance with PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and AWS best practices.
  • Conduct regular audits to ensure secure handling of cardholder data and compliance with PCI, AWS, and other relevant security standards.
  • Develop and implement security policies and procedures related to data protection, network security, and incident management to ensure compliance with PCI standards, AWS best practices, and other relevant regulations.
  • Manage key encryption and decryption processes, ensuring secure key management.
  • Provide technical guidance and support for all security compliance projects.
  • Collaborate with various teams to ensure security standards are met across all projects.
  • Stay updated on the latest security standards, systems, and authentication protocols, including AWS security services and features.
  • Participate in the creation and/or maintenance of the Information Security Management System.

Requirements

  • Proven experience in a technical role managing security compliance, preferably with a focus on PCI standards and AWS. Experience in roles such as Security Analyst, Security Engineer, or similar is preferred.
  • Strong knowledge of PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and AWS.
  • Expertise in key management, encryption/decryption processes, and AWS security services and features.
  • Familiarity with various network architectures, cloud services, system management practices, process improvement strategies, and AWS infrastructure.
  • Strong problem-solving skills and a hands-on approach to tackling challenges.
  • Excellent communication skills, with the ability to explain complex security concepts to non-technical team members.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or AWS Certified Security - Specialty are a plus.

Benefits

Salary and benefits commensurate with position


Information Security Manager - Compliance & Governance

EC2M 1BN London, London £70000 Annually WhatJobs

Posted 3 days ago

Job Description

full-time
Our client is seeking an experienced Information Security Manager to oversee their compliance and governance initiatives. This critical hybrid role, based in the heart of London, England, will ensure the organization adheres to relevant security standards, regulations, and best practices. The successful candidate will play a pivotal role in shaping and maintaining a robust security posture.

Responsibilities:
  • Develop, implement, and manage information security policies, procedures, and standards.
  • Oversee compliance with relevant regulations such as GDPR, ISO 27001, SOC 2, and other industry-specific mandates.
  • Conduct regular security risk assessments and vulnerability management activities.
  • Manage internal and external security audits, ensuring timely remediation of findings.
  • Develop and maintain the organization's business continuity and disaster recovery plans.
  • Oversee the security awareness training program for all employees.
  • Manage third-party risk by assessing the security posture of vendors and partners.
  • Liaise with legal, compliance, and internal audit teams to ensure integrated security governance.
  • Lead incident response planning and coordination efforts.
  • Stay informed about evolving security threats and regulatory landscapes.
  • Provide expert advice on security best practices and risk mitigation strategies to senior management and business units.
  • Manage and develop a team of security professionals focused on governance and compliance.
Qualifications:
  • Bachelor's degree in Information Security, Computer Science, or a related field. Master's degree or advanced certifications are a plus.
  • Minimum of 7 years of progressive experience in information security, with a strong focus on governance, risk, and compliance (GRC).
  • Proven experience in implementing and managing security frameworks like ISO 27001, NIST CSF, or similar.
  • In-depth knowledge of data privacy regulations (e.g., GDPR).
  • Experience with security audit processes and vulnerability management tools.
  • Strong understanding of risk assessment methodologies and business continuity planning.
  • Excellent leadership, communication, and stakeholder management skills.
  • Ability to work effectively in a hybrid work environment, balancing remote work with essential office presence.
  • Relevant certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
  • Ability to translate complex technical security concepts into business terms.
This hybrid role in London, England, offers a dynamic work environment where you can lead crucial security governance functions. Our client is committed to fostering a culture of security excellence and provides ample opportunities for professional growth.

Security and Compliance Manager (London)

London, London Deskpro

Posted 244 days ago

Job Description

Permanent

Deskpro, a leading provider of help desk software, is seeking a Security and Compliance Manager to join our team. As a Security and Compliance Manager at Deskpro, you will be responsible for ensuring the security and compliance of our software and systems, as well as implementing and enforcing policies and procedures to safeguard sensitive data.

We take security seriously, and we work with many enterprise and government clients. In this role, you will have the opportunity to make an impact and contribute to the continued success of Deskpro as a trusted provider of secure help desk solutions.

Responsibilities:

  • Manage all existing security and compliance policies, practices, procedures and systems
  • Where required, develop and implement additional security policies, practices and procedures
  • Ensure compliance with relevant industry standards and regulations
  • Monitor and assess potential security risks and vulnerabilities
  • Design and implement security controls, including authentication, encryption, and access controls
  • Perform regular security audits and vulnerability assessments
  • Engage with customers and prospects regarding custom security and compliance requests
  • Conduct security incident response and investigations
  • Educate and train employees on security best practices
  • Maintain awareness of emerging security threats and solutions
  • Collaborate with cross-functional teams to implement security measures
  • Stay up-to-date with industry trends and best practices in security and compliance

Requirements

  • Proven experience in a similar role, with a focus on security and compliance
  • Deep knowledge of relevant industry standards and regulations (e.g., SOC 2, ISO 27001, GDPR, HIPAA)
  • Strong understanding of security principles, technologies, and best practices
  • Experience in developing and implementing security policies and procedures
  • Familiarity with security tools and technologies, such as intrusion detection systems, firewalls, and data encryption
  • Ability to assess and mitigate security risks
  • Excellent communication and interpersonal skills
  • Ability to work independently and collaboratively in a fast-paced environment
  • Attention to detail and strong analytical skills
  • Relevant certifications (e.g., CISSP, CISM, CRISC) are a plus

Benefits

Competitive benefits package including stock options. Specifics will be dependent on location (either London, UK or Austin, TX, USA).


Information Security Governance, Risk, and Compliance (GRC) Specialist

London, London Janus Henderson Investors

Posted 19 days ago

Job Description

Why work for us?
A career at Janus Henderson is more than a job, it's about investing in a brighter future together.
Our Mission at Janus Henderson is to help clients define and achieve superior financial outcomes through differentiated insights, disciplined investments, and world-class service. We will do this by protecting and growing our core business, amplifying our strengths and diversifying where we have the right.
Our Values are key to driving our success, and are at the heart of everything we do:
Clients Come First - Always | Execution Supersedes Intention | Together We Win | Diversity Improves Results | Truth Builds Trust
If our mission, values, and purpose align with your own, we would love to hear from you!
Your opportunity
Policy Development and Management:
+ Develop and maintain comprehensive cybersecurity policies and procedures.
+ Ensure these policies align with industry standards and regulatory requirements.
+ Assist in the integration of security practices and control across various technical and non-technical departments, enhancing workflow and operational processes.
Risk Management:
+ Conduct regular risk assessments to help identify vulnerabilities and threats.
+ Collaborate and oversee the implementation of risk mitigation strategies.
+ Monitor emerging threats and evolving technologies to continuously refine risk assessment protocols.
+ Ability to design and evaluate control metrics for assessing the effectiveness of cybersecurity measures.
+ Collaborate with Enterprise risk management to embed cyber risk into broader risk registers and board-level reporting.
Compliance Management:
+ Monitor and ensure compliance with internal policies, industry standards, and regulatory requirements.
+ Engage with required stakeholders in Technology, Legal, Compliance and Internal Audit as required.
+ Compile and deliver detailed compliance reports to senior management.
+ Monitor upcoming regulations and prepare compliance roadmaps.
Training and Awareness:
+ Support and enhance engaging cybersecurity awareness training programs.
+ Foster a company-wide culture of cybersecurity awareness.
+ Keep current with the latest cybersecurity trends and best practices to inform training content and security measures
+ Train and guide wider Tech team members on best practices in cybersecurity risk management.
Incident Management:
+ Actively participate in the response to security incidents.
+ Support post-incident evaluations and reporting.
+ Collaborate with relevant stakeholders to devise and enforce corrective measures aimed at bolstering defences against future incidents.
Stakeholder Engagement:
+ Maintain clear and effective communication with stakeholders at all levels.
+ Provide expert guidance on cybersecurity best practices.
+ Work collaboratively with Technology and other departments to achieve comprehensive security objectives.
Must have skills
+ Bachelor's Degree in Information Technology, Cybersecurity, or a related field; equivalent work experience also considered.
+ 3 to 5 years of professional experience in information security.
+ Certification such as Certified Information Systems Security Professional (CISSP) strongly preferred.
+ Deep understanding of cybersecurity principles, frameworks (such as NIST, ISO/IEC 27001), and compliance standards.
+ Experience with financial service regulations and regulations such as FCA, SEC, MAS, DORA.
+ Proficient knowledge of network security principles and controls such as Firewalls, IPS/IPD, TCP/IP, DHCP, and DNS
+ Extensive experience in securing Operating Systems such as Windows, UNIX/Linux and Mac systems. This includes security access rights, implementing configuration best practices
+ Knowledge of cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid, community) and experience in implementing and managing cloud security best practices.
+ In-depth knowledge of IAM principles and technologies to manage digital identities and control user access and experience with Single Sign-On (SSO), Multi-Factor Authentication (MFA), and role-based access control (RBAC) systems to enhance security and operational efficiency.
+ Understanding of Secure DevOps / CI/CD pipeline governance
Supervisory responsibilities
+ No
You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and JHI policies applicable for your role.
At Janus Henderson Investors we're committed to an inclusive and supportive environment. We believe diversity improves results and we welcome applications from candidates from all backgrounds. Don't worry if you don't think you tick every box, we still want to hear from you! We understand everyone has different commitments and while we can't accommodate every flexible working request we're happy to be asked about work flexibility and our hybrid working environment. If you need any reasonable accommodations during our recruitment process, please get in touch and let us know at
Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee's job functions (as determined by Janus Henderson at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants' past political contributions or activity may impact applicants' eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.

Information Security Manager

London, London Lawrence Harvey

Posted today

Job Description

Information Security Manager - Rail Sector, URGENT HIRE

Lawrence Harvey is delighted to be exclusively supporting a leading rail client once again to support with the growth of their exceptional technology team for their Information Security Manager.

The Role:

  • Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management.
  • Working alongside the DPO and Head of Technology to support on areas of data protection.
  • Lead collaboration with key partners for train onboard systems cyber security assessments and risk management
  • Establish and maintain appropriate policies, procedures, and practices in relation to cyber, data and governance practices
  • Manage the information security incident response program
  • Manage implementation and deployment of Information Security Management System (ISMS).
  • Line management of the internal InfoSec specialists.

Requirements

  • Extensive experience working with PCI-DSS and ISO27001
  • Strong understanding of security tools such as IDS/IPS.
  • Demonstrable experience of leading Information Security, Governance, Compliance teams.
  • Ideally a form of cybersecurity qualification such as CISM or CISSP

Benefits:

  • Salary between £55,000 - £70,000
  • Hybrid working 3 days on site, 2 days at home.
  • Working in Euston or Birmingham office.
  • & more

Sponsorship is not available for this position and the successful candidate will be subject to toxicology screening as standard for the rail industry.

We are looking for this hire ASAP so those with short (1 month or less) notice periods are encouraged to apply.

Information Security Manager

London, London Lawrence Harvey

Posted 2 days ago

Job Description

Information Security Manager - Rail Sector, URGENT HIRE


Lawrence Harvey is delighted to be exclusively supporting a leading rail client once again to support with the growth of their exceptional technology team for their Information Security Manager.


The Role:

  • Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management.
  • Working alongside the DPO and Head of Technology to support on areas of data protection.
  • Lead collaboration with key partners for train onboard systems cyber security assessments and risk management
  • Establish and maintain appropriate policies, procedures, and practices in relation to cyber, data and governance practices
  • Manage the information security incident response program
  • Manage implementation and deployment of Information Security Management System (ISMS).
  • Line management of the internal InfoSec specialists.


Requirements

  • Extensive experience working with PCI-DSS and ISO27001
  • Strong understanding of security tools such as IDS/IPS.
  • Demonstrable experience of leading Information Security, Governance, Compliance teams.
  • Ideally a form of cybersecurity qualification such as CISM or CISSP


Benefits:

  • Salary between £55,000 - £70,000
  • Hybrid working 3 days on site, 2 days at home.
  • Working in Euston or Birmingham office.
  • & more.


Sponsorship is not available for this position and the successful candidate will be subject to toxicology screening as standard for the rail industry.


We are looking for this hire ASAP so those with short (1 month or less) notice periods are encouraged to apply.
