70 Security Leadership jobs in the United Kingdom
Head of Security Strategy and Performance
Telford, West Midlands
HMRC
Posted today
Job Viewed
Job Description
To apply direct for this role please visit Civil Service Jobs and quote ref no.
HMRC Security helps protect HMRC by demonstrating statutory compliance, responding to complex threats and ensure we maintain revenue to the state. In particular, inspiring public trust by protecting citizens' data and assets from harm. Our aims are:
- Protect HMRC from security risk.
- Defend against security incidents.
- Improv.
This advertiser has chosen not to accept applicants from your region.
0
Head of Security Strategy and Performance
Manchester, North West
HMRC
Posted today
Job Viewed
Job Description
To apply direct for this role please visit Civil Service Jobs and quote ref no.
HMRC Security helps protect HMRC by demonstrating statutory compliance, responding to complex threats and ensure we maintain revenue to the state. In particular, inspiring public trust by protecting citizens' data and assets from harm. Our aims are:
- Protect HMRC from security risk.
- Defend against security incidents.
- Improv.
This advertiser has chosen not to accept applicants from your region.
1
Sr. Manager, Security Risk Management
Paisley, Scotland
ThermoFisher Scientific
Posted 1 day ago
Job Viewed
Job Description
**Work Schedule**
Standard (Mon-Fri)
**Environmental Conditions**
Office
**Job Description**
When you're part of Thermo Fisher Scientific, you'll do challenging work, and join a team that values performance, quality and innovation. As part of a successful, growing global organization you will be encouraged to perform at your best. With revenues of more than $40 billion and the largest investment in R&D in the industry, we give our people the resources and chances to create significant contributions to the world.
**Sr. Manager, Security Risk Management**
Based in Paisley, Scotland.
**Job Description:**
This outstanding role focuses on safeguarding our world-class team and assets at Thermo Fisher Scientific. As the Sr. Manager, Risk Management, you will be identifying, analyzing, and implementing solutions to protect our personnel, information, and property. Your validated expertise in physical security, risk assessment, investigations, and threat management will be essential in preventing workplace violence.
**The Sr. Manager must:**
+ Collaborate effectively with various collaborator groups and in a cross-functional capacity.
+ Identify gaps and risks in the Global Security program and build action/mitigation plans.
+ Handle real-time risk assessment and mitigation of threats in both traditional and virtual environments.
+ Develop global security policies, standards, procedures, training, and awareness programs.
+ Conduct M&A due diligence assessments while maintaining confidentiality.
+ Assess and update the current security site inspection program, including inspecting locations, working with on-site teams, and tracking mitigation actions.
+ Apply the security case management system for tracking and logging investigations, site inspections, and action items.
+ Support the training of employees and locations regarding security protocols.
+ Maintain and leverage technical tools to handle wireless threats.
+ Investigate security violations, crises, unsafe acts, and coordinate mitigation strategies.
+ Work closely with the Global Security Operations Center (GSOC), EHS, and other collaborators on crisis response.
+ Liaison with external industry resources such as law enforcement and emergency responders.
+ Coordinate logistics for Executive Protection travel.
+ Develop travel security protocols and training for high-risk destinations.
**Qualifications**
+ 12+ years of experience in security, risk management, travel security, workplace violence management, and executive protection.
+ Prior corporate security experience preferred.
+ Prior Law Enforcement experience preferred.
+ Strong understanding of Duty of Care laws and concepts.
+ Vendor management experience strongly preferred.
+ Knowledge and certification in Threat Assessment methodology strongly preferred.
**Education**
+ Bachelor's degree or equivalent experience in Criminal Justice, Information Systems, Security Management, or a related field strongly preferred.
+ Former Law Enforcement experience preferred.
**Benefits**
We offer competitive remuneration, annual incentive plan bonus, healthcare, and a range of employee benefits. Thermo Fisher Scientific offers employment with an innovative, forward-thinking organization, and outstanding career and development prospects. We provide an exciting company culture that stands for integrity, intensity, involvement, and innovation!
Our Mission is to enable our customers to make the world healthier, cleaner and safer. Watch as our colleagues explain 5 reasons to work with us. As one team of 100,000+ colleagues, we share a common set of values - Integrity, Intensity, Innovation and Involvement - working together to accelerate research, solve complex scientific challenges, drive technological innovation and support patients in need. #StartYourStory at Thermo Fisher Scientific, where diverse experiences, backgrounds and perspectives are valued.
**Apply today! Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.
Standard (Mon-Fri)
**Environmental Conditions**
Office
**Job Description**
When you're part of Thermo Fisher Scientific, you'll do challenging work, and join a team that values performance, quality and innovation. As part of a successful, growing global organization you will be encouraged to perform at your best. With revenues of more than $40 billion and the largest investment in R&D in the industry, we give our people the resources and chances to create significant contributions to the world.
**Sr. Manager, Security Risk Management**
Based in Paisley, Scotland.
**Job Description:**
This outstanding role focuses on safeguarding our world-class team and assets at Thermo Fisher Scientific. As the Sr. Manager, Risk Management, you will be identifying, analyzing, and implementing solutions to protect our personnel, information, and property. Your validated expertise in physical security, risk assessment, investigations, and threat management will be essential in preventing workplace violence.
**The Sr. Manager must:**
+ Collaborate effectively with various collaborator groups and in a cross-functional capacity.
+ Identify gaps and risks in the Global Security program and build action/mitigation plans.
+ Handle real-time risk assessment and mitigation of threats in both traditional and virtual environments.
+ Develop global security policies, standards, procedures, training, and awareness programs.
+ Conduct M&A due diligence assessments while maintaining confidentiality.
+ Assess and update the current security site inspection program, including inspecting locations, working with on-site teams, and tracking mitigation actions.
+ Apply the security case management system for tracking and logging investigations, site inspections, and action items.
+ Support the training of employees and locations regarding security protocols.
+ Maintain and leverage technical tools to handle wireless threats.
+ Investigate security violations, crises, unsafe acts, and coordinate mitigation strategies.
+ Work closely with the Global Security Operations Center (GSOC), EHS, and other collaborators on crisis response.
+ Liaison with external industry resources such as law enforcement and emergency responders.
+ Coordinate logistics for Executive Protection travel.
+ Develop travel security protocols and training for high-risk destinations.
**Qualifications**
+ 12+ years of experience in security, risk management, travel security, workplace violence management, and executive protection.
+ Prior corporate security experience preferred.
+ Prior Law Enforcement experience preferred.
+ Strong understanding of Duty of Care laws and concepts.
+ Vendor management experience strongly preferred.
+ Knowledge and certification in Threat Assessment methodology strongly preferred.
**Education**
+ Bachelor's degree or equivalent experience in Criminal Justice, Information Systems, Security Management, or a related field strongly preferred.
+ Former Law Enforcement experience preferred.
**Benefits**
We offer competitive remuneration, annual incentive plan bonus, healthcare, and a range of employee benefits. Thermo Fisher Scientific offers employment with an innovative, forward-thinking organization, and outstanding career and development prospects. We provide an exciting company culture that stands for integrity, intensity, involvement, and innovation!
Our Mission is to enable our customers to make the world healthier, cleaner and safer. Watch as our colleagues explain 5 reasons to work with us. As one team of 100,000+ colleagues, we share a common set of values - Integrity, Intensity, Innovation and Involvement - working together to accelerate research, solve complex scientific challenges, drive technological innovation and support patients in need. #StartYourStory at Thermo Fisher Scientific, where diverse experiences, backgrounds and perspectives are valued.
**Apply today! Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.
This advertiser has chosen not to accept applicants from your region.
2
Manager, EMEA Security Program Management
Coinbase
Posted 14 days ago
Job Viewed
Job Description
Ready to be pushed beyond what you think you're capable of?
At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system.
To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems.
Our is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be.
While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.
*Team/ Role Paragraph:* Coinbase is looking for a seasoned Program Manager to join our Security Programs team, leading the end-to-end delivery of critical compliance and security initiatives across EMEA. You'll act as the "connective tissue" between our regulated entities (including Ireland, Germany, UK and beyond) and our global shared services, ensuring that security standards are upheld and risks are mitigated at scale. In this role, you'll maintain an objective view of cross-functional priorities, coach stakeholders to make data-driven decisions, and amplify our "Most Trusted" brand. If you thrive in fast-paced environments, enjoy collaborating across multiple time zones, and are passionate about securing billions of dollars in digital assets, let's talk.
*What you'll be doing (ie. job duties):*
* Lead EMEA-focused security programmes by designing, launching and managing comprehensive compliance tracks across multiple jurisdictions, while liaising daily with U.S. shared-service partners
* Drive 1st- and 2nd-line security programs in risk, controls, operations to chart a clear path to achieve business outcomes under MiCA, DORA, BAIT, GDPR and local frameworks
* Collaborate with Information Security and Technology Risk and Controls teams to identify and manage risks, evolve controls, ensure compliance with applicable frameworks (SOX, SOC2 and ISO27001) and meet business objectives
* Own the roadmap by defining success metrics, adoption targets and delivery milestones; monitor progress using both qualitative insights and quantitative KPIs
* Identify cross-functional blockers proactively, assess impacts, and present clear mitigation plans to senior leadership
* Continuously refine security templates, playbooks and metrics so they remain simple, repeatable and scalable across new markets
* Mentor and grow a diverse team of program managers and contractors across EMEA and support the buildout of APAC
*What we look for in you (ie. job requirements):*
* 8+ years in programme or project management roles, with 5+ years in *security, risk or compliance*
* 3+ years managing and developing high-performing teams; excellent leadership and people-management skills, with the ability to inspire, coach, and hold a distributed team accountable.
* Native-level fluency in English, with proven ability to translate complex security and risk concepts for a predominantly U.S.-based leadership and engineering audience
* Proven track record in a highly regulated ecosystem such as FinTech, payments or financial services
* Hands-on experience managing outsourced security providers and tracking SLAs/KPIs to ensure delivery
* Deep familiarity with EMEA frameworks (MiCA, DORA, BAIT, GDPR) and experience implementing cyber/security frameworks (NIST CSF, SOC2, ISO27001)
* Strong ability to design straightforward processes that flex to solve novel challenges and evolving regulations
* Excellent at distilling complex security risks into clear, concise updates for both technical teams and C-level stakeholders
* Comfortable working in a distributed, multi-cultural environment across EMEA
*Nice to haves:*
* Broad understanding of security domains and controls, especially in M&A contexts
* Experience leveraging automation or AI to accelerate programme delivery
* Exposure to all three lines of defence (1st, 2nd and 3rd) in a financial services setting
* Familiarity with crypto and blockchain technologies
Job #: P69458
*Pay Transparency Notice: *The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, and vision).
Pay Range:
£106,100-£106,100 GBP
Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.
Commitment to Equal Opportunity
Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the in certain locations, as required by law.
Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations Data Privacy Notice for Job Candidates and Applicants
Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available Disclosure
For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.
For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.
*The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact mailto:
At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system.
To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems.
Our is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be.
While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.
*Team/ Role Paragraph:* Coinbase is looking for a seasoned Program Manager to join our Security Programs team, leading the end-to-end delivery of critical compliance and security initiatives across EMEA. You'll act as the "connective tissue" between our regulated entities (including Ireland, Germany, UK and beyond) and our global shared services, ensuring that security standards are upheld and risks are mitigated at scale. In this role, you'll maintain an objective view of cross-functional priorities, coach stakeholders to make data-driven decisions, and amplify our "Most Trusted" brand. If you thrive in fast-paced environments, enjoy collaborating across multiple time zones, and are passionate about securing billions of dollars in digital assets, let's talk.
*What you'll be doing (ie. job duties):*
* Lead EMEA-focused security programmes by designing, launching and managing comprehensive compliance tracks across multiple jurisdictions, while liaising daily with U.S. shared-service partners
* Drive 1st- and 2nd-line security programs in risk, controls, operations to chart a clear path to achieve business outcomes under MiCA, DORA, BAIT, GDPR and local frameworks
* Collaborate with Information Security and Technology Risk and Controls teams to identify and manage risks, evolve controls, ensure compliance with applicable frameworks (SOX, SOC2 and ISO27001) and meet business objectives
* Own the roadmap by defining success metrics, adoption targets and delivery milestones; monitor progress using both qualitative insights and quantitative KPIs
* Identify cross-functional blockers proactively, assess impacts, and present clear mitigation plans to senior leadership
* Continuously refine security templates, playbooks and metrics so they remain simple, repeatable and scalable across new markets
* Mentor and grow a diverse team of program managers and contractors across EMEA and support the buildout of APAC
*What we look for in you (ie. job requirements):*
* 8+ years in programme or project management roles, with 5+ years in *security, risk or compliance*
* 3+ years managing and developing high-performing teams; excellent leadership and people-management skills, with the ability to inspire, coach, and hold a distributed team accountable.
* Native-level fluency in English, with proven ability to translate complex security and risk concepts for a predominantly U.S.-based leadership and engineering audience
* Proven track record in a highly regulated ecosystem such as FinTech, payments or financial services
* Hands-on experience managing outsourced security providers and tracking SLAs/KPIs to ensure delivery
* Deep familiarity with EMEA frameworks (MiCA, DORA, BAIT, GDPR) and experience implementing cyber/security frameworks (NIST CSF, SOC2, ISO27001)
* Strong ability to design straightforward processes that flex to solve novel challenges and evolving regulations
* Excellent at distilling complex security risks into clear, concise updates for both technical teams and C-level stakeholders
* Comfortable working in a distributed, multi-cultural environment across EMEA
*Nice to haves:*
* Broad understanding of security domains and controls, especially in M&A contexts
* Experience leveraging automation or AI to accelerate programme delivery
* Exposure to all three lines of defence (1st, 2nd and 3rd) in a financial services setting
* Familiarity with crypto and blockchain technologies
Job #: P69458
*Pay Transparency Notice: *The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, and vision).
Pay Range:
£106,100-£106,100 GBP
Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.
Commitment to Equal Opportunity
Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the in certain locations, as required by law.
Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations Data Privacy Notice for Job Candidates and Applicants
Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available Disclosure
For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.
For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.
*The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact mailto:
This advertiser has chosen not to accept applicants from your region.
3
Information Security Manager
London, London
£70000 - £75000 Annually
Context Recruitment
Posted 3 days ago
Job Viewed
Job Description
Information Security Manager
70,000- 75,000 PA
Central London
Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.
The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.
Responsibilities:
- Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
- Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
- Actively contribute to ISO processes, strategies and problem-solving
- Use prior ISO experience to support certification readiness
- Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
- Handle varied and complex security challenges, from system reviews to high-level risk assessments
- Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing
Requirements:
- Experience with ISO 27001 is essential
- Strong background in cyber security management
- Proven experience in identifying and mitigating security risks#
- Ability to make actionable recommendations for security improvements
- Experience with GDPR and data protection, together with knowledge of IS standards
- Security assessment frameworks (threat modelling, controls assessment, risk assessment)
- Relevant qualifications; CISSP, CISM or similar would be beneficial.
Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.
This advertiser has chosen not to accept applicants from your region.
4
Information Security Manager
EC1 London, London
Context Recruitment
Posted 3 days ago
Job Viewed
Job Description
Information Security Manager
70,000- 75,000 PA
Central London
Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.
The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.
Responsibilities:
- Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
- Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
- Actively contribute to ISO processes, strategies and problem-solving
- Use prior ISO experience to support certification readiness
- Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
- Handle varied and complex security challenges, from system reviews to high-level risk assessments
- Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing
Requirements:
- Experience with ISO 27001 is essential
- Strong background in cyber security management
- Proven experience in identifying and mitigating security risks#
- Ability to make actionable recommendations for security improvements
- Experience with GDPR and data protection, together with knowledge of IS standards
- Security assessment frameworks (threat modelling, controls assessment, risk assessment)
- Relevant qualifications; CISSP, CISM or similar would be beneficial.
Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.
This advertiser has chosen not to accept applicants from your region.
5
Information Security Adviser
Bristol, South West
The Boeing Company
Posted 7 days ago
Job Viewed
Job Description
**Job Description**
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Boeing delivers leading-edge platforms, technology, services, and capabilities to bring the best value to the Ministry of Defence and UK national security services.
Employing more than 2,100 people, Boeing Defence UK provides long-term support for more than 120 Boeing military rotary-wing and fixed-wing aircrafts in the UK. For example, the Chinook and Apache helicopters, and the Poseidon and C-17 airplanes. Our support ranges from mission critical Logistics Information Services, next generation in-flight digital tools, to aircraft and operational modelling and simulation methodology.
Leveraging our established defence business in the UK, and blending our local expertise with our 'One Boeing' global approach, Boeing Defence UK is well positioned to support the UK with its current and future defence and security challenges.
An exciting opportunity has arisen for an **Information Security Adviser** to join **Boeing Defence UK** in the support of the Defence Equipment Engineering and Asset Management System (DEEAMS) programme.
Due to continued business growth there is an opportunity to join a multi-skilled security team that delivers all aspects of protective security to Boeing Defence UK (BDUK), including information security and assurance, personnel security, business continuity and counter threat support and risk advice. The successful candidate would be a part of a supportive team of around 26, with access to varied work and opportunities to progress their career alongside the growth of the business. At Boeing we're committed to rewarding excellence and fostering an inclusive environment where team members are seen, heard, valued, respected and fully engaged.
The successful candidate will work alongside other Boeing Security Advisers to deliver the security aspects of bringing a new information services solution into service whilst working with both the UK customer and collaborating with external suppliers and other agencies. The role will be expected to: produce security artefacts associated with implementing and maintaining the new solution, preparing security assurance evidence, liaise with the customer and other agencies as required and deliver other programme contractual deliverables as required.
The post holder will also have experience of information security, defence security management and defence cyber protection partnership processes. Post initial operating capability the role will be supportive in maintaining the continued authority to operate by maintaining the Information Security Management System throughout the Sustainment phase of the programme.
**Please note: this role is subject to successful Contract Award. This is an on-site role based in Bristol, with flexibility for occasional remote working at the discretion of the management team.**
**Position Responsibilities:**
+ Identifying security risks within complex information systems and developing for implementation, effective and risk balanced security measures
+ Supporting Supply Chain Security Assurance through application of the Defence Cyber Protection Partnership (DCPP) and other relevant standards and policies
+ Providing security documentation and evidence to meet HMG (MOD) security assurance requirements
+ Liaison with customers, Delivery Team Security Leads, and technical authorities, including attendance at Security Working Groups
+ Supporting security analysis of operational environments, threats, vulnerabilities and internal interfaces to define and assess compliance to accepted industry and government standards
+ Contributing to the development of information governance and risk management structures and processes
+ Assisting in the integration of information assurance activities with the system engineering, design and manufacturing elements of new business ventures and programmes
+ Engaging with stakeholders, the engineering team and sub-contractors to provide direction, guidance and support on acceptable and balanced information security solutions
+ Supporting the creation of business and user focused security policies, procedures, processes and operational guidance for the compliant delivery of customer information security requirements
+ Maintaining knowledge of technology development (both hardware and software), threat actors, tools and techniques and the risk implications for information security
+ Deliver programme security onboarding training to the Boeing programme team
+ Provide ad hoc security advice to the Boeing DEEAMS delivery team
+ Preferred Qualifications/Education
+ Ideally qualified to degree level (or equivalent) OR with substantial relevant information security experience, particularly within a similar role in UK Government or Defence
+ Relevant industry security certifications would be advantageous (e.g. SC2 Certified in Cyber Security (CC), CISMP, CCP (Ex-CLAS), CISSP, CISM).
+ Knowledge/Competences
**Basic Qualifications (Required Skills/Experience):**
+ Knowledge and understanding of MOD and Government information security policy, standards and guidance.
+ Experience of assuring IT systems in a secure government environment (MOD)
+ Understanding of systems and security verification, validation, testing and evaluation approaches.
+ Experience in generation of information security Risk Assessments, Risk Treatment Plans.
+ Experience in the specification and development of effective and balanced information assurance solutions or approaches.
+ Ability to analyse the security aspects of business risks
+ Pragmatic approach to the recommendation of security controls.
+ Ability to plan, prioritise and manage own workload with limited day-to-day supervision, but know when to seek assistance/escalate.
**Preferred Qualifications (Desired Skills/Experience):**
+ Experience of working within a multinational matrix management environment/ structure and a large-scale, complex international organization, but also within small teams, would be highly advantageous.
+ Experience of working with and assurance/gaining authority to operate information system related platforms and communication networks
+ Information assurance experience across Cloud services and Systems Engineering, Development Lifecycle would be preferred.
+ Experience of participating in developing security solutions in response to customer requirements.
+ Experience of SAP or other Enterprise Resource Planning systems.
+ Experience of systems rollout and hyper care activities.
+ Detailed understanding of data protection controls and practices.
+ Knowledge of computer security audit and investigative techniques is desirable.
+ General:
+ Effective written and verbal communication skills with ability to adapt depending on audience; ability to explain technical issues in simple language to non-technical consumers is essential.
+ Ability to contribute to cost, schedule adherence, and technical performance trade-offs.
+ Clear task focus with ability to separate out and communicate key elements from extraneous detail.
+ Team player with a collaborative working mindsets, especially with cross functional teams.
+ An independent self-starter with a proactive mindset.
**Work Authorisation:**
This requisition is for a locally hired position in the UK. Candidates must have current legal authorisation to work immediately in the United Kingdom. Boeing will not attempt to obtain Immigration and labour sponsorship for any applicants.
Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.
Applications for this position will be accepted until **Sept. 06, 2025**
**Export Control Requirements:** This is not an Export Control position.
**Relocation**
Relocation assistance is not a negotiable benefit for this position.
**Security Clearance**
This position requires the ability to acquire a UK security Clearance for which the UK Government requires UK residency. The successful candidate will hold, or have the ability to acquire, Security Clearance (SC).
**Visa Sponsorship**
Employer will not sponsor applicants for employment visa status.
**Shift**
Not a Shift Worker (United Kingdom)
**Contingent Upon Program Reward**
The position is contingent upon program award
**Equal Opportunity Employer:**
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds including but not limited to; race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law.
We have teams in more than 65 countries, and each person plays a role in helping us become one of the world's most innovative, diverse and inclusive companies. We are a Disability Confident Committed employer and welcome applications from candidates with disabilities. Applicants are encouraged to share with our recruitment team any accommodations required during the recruitment process. Accommodations may include but are not limited to: conducting interviews in accessible locations that accommodate mobility needs, encouraging candidates to bring and use any existing assistive technology such as screen readers and offering flexible interview formats such as virtual or phone interviews.
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Boeing delivers leading-edge platforms, technology, services, and capabilities to bring the best value to the Ministry of Defence and UK national security services.
Employing more than 2,100 people, Boeing Defence UK provides long-term support for more than 120 Boeing military rotary-wing and fixed-wing aircrafts in the UK. For example, the Chinook and Apache helicopters, and the Poseidon and C-17 airplanes. Our support ranges from mission critical Logistics Information Services, next generation in-flight digital tools, to aircraft and operational modelling and simulation methodology.
Leveraging our established defence business in the UK, and blending our local expertise with our 'One Boeing' global approach, Boeing Defence UK is well positioned to support the UK with its current and future defence and security challenges.
An exciting opportunity has arisen for an **Information Security Adviser** to join **Boeing Defence UK** in the support of the Defence Equipment Engineering and Asset Management System (DEEAMS) programme.
Due to continued business growth there is an opportunity to join a multi-skilled security team that delivers all aspects of protective security to Boeing Defence UK (BDUK), including information security and assurance, personnel security, business continuity and counter threat support and risk advice. The successful candidate would be a part of a supportive team of around 26, with access to varied work and opportunities to progress their career alongside the growth of the business. At Boeing we're committed to rewarding excellence and fostering an inclusive environment where team members are seen, heard, valued, respected and fully engaged.
The successful candidate will work alongside other Boeing Security Advisers to deliver the security aspects of bringing a new information services solution into service whilst working with both the UK customer and collaborating with external suppliers and other agencies. The role will be expected to: produce security artefacts associated with implementing and maintaining the new solution, preparing security assurance evidence, liaise with the customer and other agencies as required and deliver other programme contractual deliverables as required.
The post holder will also have experience of information security, defence security management and defence cyber protection partnership processes. Post initial operating capability the role will be supportive in maintaining the continued authority to operate by maintaining the Information Security Management System throughout the Sustainment phase of the programme.
**Please note: this role is subject to successful Contract Award. This is an on-site role based in Bristol, with flexibility for occasional remote working at the discretion of the management team.**
**Position Responsibilities:**
+ Identifying security risks within complex information systems and developing for implementation, effective and risk balanced security measures
+ Supporting Supply Chain Security Assurance through application of the Defence Cyber Protection Partnership (DCPP) and other relevant standards and policies
+ Providing security documentation and evidence to meet HMG (MOD) security assurance requirements
+ Liaison with customers, Delivery Team Security Leads, and technical authorities, including attendance at Security Working Groups
+ Supporting security analysis of operational environments, threats, vulnerabilities and internal interfaces to define and assess compliance to accepted industry and government standards
+ Contributing to the development of information governance and risk management structures and processes
+ Assisting in the integration of information assurance activities with the system engineering, design and manufacturing elements of new business ventures and programmes
+ Engaging with stakeholders, the engineering team and sub-contractors to provide direction, guidance and support on acceptable and balanced information security solutions
+ Supporting the creation of business and user focused security policies, procedures, processes and operational guidance for the compliant delivery of customer information security requirements
+ Maintaining knowledge of technology development (both hardware and software), threat actors, tools and techniques and the risk implications for information security
+ Deliver programme security onboarding training to the Boeing programme team
+ Provide ad hoc security advice to the Boeing DEEAMS delivery team
+ Preferred Qualifications/Education
+ Ideally qualified to degree level (or equivalent) OR with substantial relevant information security experience, particularly within a similar role in UK Government or Defence
+ Relevant industry security certifications would be advantageous (e.g. SC2 Certified in Cyber Security (CC), CISMP, CCP (Ex-CLAS), CISSP, CISM).
+ Knowledge/Competences
**Basic Qualifications (Required Skills/Experience):**
+ Knowledge and understanding of MOD and Government information security policy, standards and guidance.
+ Experience of assuring IT systems in a secure government environment (MOD)
+ Understanding of systems and security verification, validation, testing and evaluation approaches.
+ Experience in generation of information security Risk Assessments, Risk Treatment Plans.
+ Experience in the specification and development of effective and balanced information assurance solutions or approaches.
+ Ability to analyse the security aspects of business risks
+ Pragmatic approach to the recommendation of security controls.
+ Ability to plan, prioritise and manage own workload with limited day-to-day supervision, but know when to seek assistance/escalate.
**Preferred Qualifications (Desired Skills/Experience):**
+ Experience of working within a multinational matrix management environment/ structure and a large-scale, complex international organization, but also within small teams, would be highly advantageous.
+ Experience of working with and assurance/gaining authority to operate information system related platforms and communication networks
+ Information assurance experience across Cloud services and Systems Engineering, Development Lifecycle would be preferred.
+ Experience of participating in developing security solutions in response to customer requirements.
+ Experience of SAP or other Enterprise Resource Planning systems.
+ Experience of systems rollout and hyper care activities.
+ Detailed understanding of data protection controls and practices.
+ Knowledge of computer security audit and investigative techniques is desirable.
+ General:
+ Effective written and verbal communication skills with ability to adapt depending on audience; ability to explain technical issues in simple language to non-technical consumers is essential.
+ Ability to contribute to cost, schedule adherence, and technical performance trade-offs.
+ Clear task focus with ability to separate out and communicate key elements from extraneous detail.
+ Team player with a collaborative working mindsets, especially with cross functional teams.
+ An independent self-starter with a proactive mindset.
**Work Authorisation:**
This requisition is for a locally hired position in the UK. Candidates must have current legal authorisation to work immediately in the United Kingdom. Boeing will not attempt to obtain Immigration and labour sponsorship for any applicants.
Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.
Applications for this position will be accepted until **Sept. 06, 2025**
**Export Control Requirements:** This is not an Export Control position.
**Relocation**
Relocation assistance is not a negotiable benefit for this position.
**Security Clearance**
This position requires the ability to acquire a UK security Clearance for which the UK Government requires UK residency. The successful candidate will hold, or have the ability to acquire, Security Clearance (SC).
**Visa Sponsorship**
Employer will not sponsor applicants for employment visa status.
**Shift**
Not a Shift Worker (United Kingdom)
**Contingent Upon Program Reward**
The position is contingent upon program award
**Equal Opportunity Employer:**
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds including but not limited to; race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law.
We have teams in more than 65 countries, and each person plays a role in helping us become one of the world's most innovative, diverse and inclusive companies. We are a Disability Confident Committed employer and welcome applications from candidates with disabilities. Applicants are encouraged to share with our recruitment team any accommodations required during the recruitment process. Accommodations may include but are not limited to: conducting interviews in accessible locations that accommodate mobility needs, encouraging candidates to bring and use any existing assistive technology such as screen readers and offering flexible interview formats such as virtual or phone interviews.
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Security leadership Jobs in United Kingdom !
6
Information Security Manager
Birmingham, West Midlands
NTT America, Inc.
Posted 14 days ago
Job Viewed
Job Description
**The team you'll be working with:**
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now
This advertiser has chosen not to accept applicants from your region.
7
Information Security Manager
Prism Digital
Posted today
Job Viewed
Job Description
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform
- £70–80k base + 10% bonus
- Hybrid in London
- Training budget for certifications + conference attendance
- Strong emphasis on professional autonomy and ethical leadership
A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team.
This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability.
What you’ll bring:
- 5+ years in InfoSec, IT Security or Ops within a regulated environment
- Certification required: CISSP, CISM, CRISC, or equivalent
- Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA
- Confident with security risk assessments, audit responses, and policy governance
- Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model
- Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans
- Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice
What you’ll be doing:
- GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System
- Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays
- Security awareness & training: manage phishing simulations and content using Proofpoint
- Security architecture reviews: support technical assessments of new systems and services
- Data protection & cloud security: drive governance for Azure, Purview, and shared responsibility models
- Team leadership: mentor two analysts and deputize for the Head of InfoSec when required
- Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews
Tech & tools you’ll use:
- Protecht – Enterprise risk and audit management
- Panorays – Third-party risk tooling
- Rapid7 / Armis – Vulnerability management and threat detection
- Proofpoint – Phishing and awareness platform
- Microsoft Purview – Data governance and compliance
- Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued)
Why this role?
- High-impact GRC project work tied to new market expansion
- Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
- A clear opportunity to stretch across awareness, compliance, and operational domains
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform
This advertiser has chosen not to accept applicants from your region.
8
Information Security Officer
London, London
TPP Recruitment
Posted today
Job Viewed
Job Description
Information Security Officer
Hybrid – Home & London | Permanent | £68,000 | 35 hrs/week (flexible)
A rare and brilliant opportunity to join this international development children’s charity, as their new Information Security Officer . You'll be the expert, working closely with the Chief Information Officer and other senior leaders to embed security practices across systems, suppliers, and staff. You’ll be joining a small but impactful Technology team where the culture is collaborative and down-to-earth. You’ll have the autonomy to get stuck in, alongside the backing to develop professionally, whether that’s through security qualifications or broader leadership skills.
What you will be doing
As Information Security Officer , you’ll lead the implementation of the organisation’s cyber security plans.
- Act as subject matter expert on information security across the organisation
- Ensure compliance with standards like Cyber Essentials Plus and CIS .
- Oversee third-party security providers and outsourced ICT services.
- Manage incident response planning, investigations, and reporting.
- Deliver engaging training to build a strong security culture.
- Collaborate with Legal and Data Protection teams to ensure GDPR compliance.
- Stay ahead of evolving threats and technologies to drive continuous improvement.
- Opportunity to influence at board level without people management responsibilities
What we are looking for
What matters most is your hands-on experience navigating real-world security challenges and your ability to see both the technical and human side of data protection.
You should have:
- Proven experience in ICT security management and incident response (CIS and Cyber Essential Plus).
- Strong technical knowledge of Microsoft 365, Azure, and cloud security.
- Familiarity with frameworks like ISO 27001, NIST, and CIS.
- Excellent communication skills and a pragmatic, risk-based mindset.
- Relevant certifications (e.g. AZ-500, CISSP, CISM, CCSP) are highly desirable.
This role offers hyrbid working (1-2 days/week in office) as well as open discussion around different working patterns i.e 9-day fortnight and varied start/finish times. The organisation values professional development and had a learning & development fund for certifications and career growth. A strong emphasis on wellbeing and work-life balance within a supportive, inclusive culture that welcomes applicants from all backgrounds.
To apply, please submit your up-to-date CV by the 26th of August 2025 at 5.00 PM . Cover letters are not required.
Please note, only successful applicants will be contacted with further information.
We want you to have every opportunity to demonstrate your skills, ability and potential; please contact us if you require any assistance or adjustment so that we can help with making the application process work for you.
This advertiser has chosen not to accept applicants from your region.
9