694 Security Risks jobs in the United Kingdom

***This role is hybrid and will require some office attendance at our Chester hub. Please only apply if you are able to attend this location regularly***

About GBG

GBG is the leading expert in global identity and location. In an increasingly digital world, GBG helps businesses grow by giving them intelligence to make the best decisions about their customers, when it matters most.

Every second, our global data, agile technology, and expert teams, power over 20,000 of the world's best-known organisations to reach and trust their customers.

Learn more at   and follow us on LinkedIn  and X @gbgplc

Why you should

• We make the world a safer place
• We trust each other and win together
• We are local experts in a global business
• We want you to be yourself
• We grow when you grow

About the team

GBG’s Information Security team of c30 team members, enable delivery of GBG’s business strategy by ensuring GBG is secure and trusted. The team provides four core capabilities:

• Governance, Risk and Compliance
• Cyber Defence
• Product Security
• Security Architecture

The role

Support of GBG’s Information Security Risk programme, making sure It Is implemented properly with minimal risk to GBG, our customers and stakeholders.

What you will do

• Support the delivery of the GBG information security strategy including advanced and technical projects globally
• Support with raising awareness of risk identification and management within the business to align to ‘think risk first’
• Manage and maintain the information security risk register to ensure risks are managed in line with policy
• Create, manage and analyse risk management information to ensure risks are understood within the business and managed in line with expectations
• Engage with leaders within the business to manage risks in line with policy
• Develop information security risk education and awareness training within the organisation
• Conduct risk assessments of new projects
• Conduct supplier risk management activities including contract reviews
• Create, manage and maintain the Operation Resilience and Redundancy programme
• Create, manage and analyse operational resilience and redundancy information to ensure outcomes are captured and reported In line with policy
• Plan annual testing of operational resilience and support the business functions to deliver in line with expectations
• Lead and conduct annual business impact analysis activity
• Support customer and supplier requests for information security risk and operational resilience information, these could be in the form of audits or questionnaires

Requirements

• An Individual with a passion for risk management, who can translate risk to all levels of the organisation.
• Able to converse at all levels to achieve the aim of managing risk within GBG
• A team player who works well with others, who also can work well on their own
• Business risk management experience
• Risk management experience within an information security role
• Experienced with the following standards/frameworks: ISO27001. ISO22301, ISO31000, Cyber Essentials+, NIST, PCI/DSS
• Experience of using; Microsoft Lists, Jira, Power BI
• Qualified to or working towards Certified Risk Information Security Controls (CRISC)
• Qualified to Certified Information Security Management Principles (CISMP)

Behaviours we'd like to see

Benefits

Next steps

Click here to see more about what’s important to us, including our hybrid working policy, our commitment to ESG, I&D and much more.

To chat to the Talent Attraction team and find out more about our benefits, drop an email to and we’ll be in touch!

Make work for you.

We are seeking proactive and detail-oriented Information Security Analyst to help safeguard our clients’ digital assets and IT infrastructure. The ideal candidate will be responsible for monitoring security events , responding to incidents , and supporting continuous security risk management , compliance initiatives , and vulnerability assessments .

This is a hands-on role for professionals with strong experience in threat detection , SIEM tools , cyber risk analysis , and security best practices . You will work closely with security teams to prevent breaches , enhance cyber resilience, and ensure policy enforcement across the enterprise.

Job Responsibilities

9. Desired Skills

Job Benefits

Information Security Analyst | ISO27001, Rapid7, Protecht | Global Trading Platform

• £60–70k base + 10% bonus
• Hybrid in Coventry with monthly travel to London
• Security certification support & career development built-in

Help shape a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You’ll be central to their mission of scaling a modern InfoSec environment, balancing regulatory rigor, ethical standards and BAU resilience.

You’ll focus on third-party security assessments, metrics reporting, and supporting certification frameworks including ISO27001 and SOC2. Expect close collaboration across risk, technology and compliance stakeholders. All while operating at pace, with visibility and trust from the top down.

What you’ll bring:

• 3+ years in an InfoSec or IT security role within a regulated or financial firm
• Security certifications: SSCP, Security+, or equivalent
• Strong GRC foundation: Able to interpret risk frameworks and speak the language of ISO, SOC2, NIST, etc.
• Comfortable with security tooling and metrics-driven reporting
• Confident communicator: Translate acronyms into action, and engage stakeholders with clarity and purpose
• Ethical mindset: understand when to escalate, when to challenge, and how to own your area

What you’ll be doing:

• ISO27001 & SOC2 governance: day-to-day support of the ISMS, remediation tracking, risk reviews
• Third-party risk assessments: conduct supplier security reviews aligned to appetite and regulatory frameworks
• Security awareness training: drive phishing simulations and curate internal content via Proofpoint
• BAU InfoSec operations: ticket triage, KPI reporting, risk dashboards, vulnerability and patch monitoring
• Compliance tooling: operate and report using platforms like Protecht, Panorays, Rapid7, and Armis
• Banking enablement: key InfoSec input into a major new market launch

Tech & tools you’ll use:

• Protecht – Enterprise risk & audit platform
• Panorays – Third-party risk management
• Rapid7, Armis – Vulnerability & asset visibility
• Proofpoint – Phishing simulations and awareness content
• Microsoft Purview – Data governance and policy enforcement
• Azure (beneficial) – Cloud IAM, logging, and security monitoring

Why this role?

• High-impact GRC project work tied to new market expansion
• Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
• A clear opportunity to stretch across awareness, compliance, and operational domains

Information Security Analyst | ISO27001, Rapid7, Protecht | Global Trading Platform

• Monitor security alerts and events from various security tools (SIEM, IDS/IPS, firewalls, etc.).
• Investigate security incidents, perform root cause analysis, and recommend appropriate remediation steps.
• Conduct vulnerability assessments and penetration testing to identify and address security weaknesses.
• Develop and implement security policies, standards, and procedures.
• Assist in the management of security technologies, including firewalls, antivirus software, and endpoint detection and response (EDR) solutions.
• Provide security awareness training to employees.
• Stay current with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to ensure security is integrated into system design and deployment.
• Contribute to the development and maintenance of incident response plans.
• Ensure compliance with relevant data protection regulations (e.g., GDPR).

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience in information security analysis, threat detection, and incident response.
• Strong understanding of networking protocols, security principles, and common attack vectors.
• Experience with SIEM tools, vulnerability scanners, and other security technologies.
• Relevant certifications such as CompTIA Security+, CISSP, or CEH are a plus.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work effectively in a hybrid environment, balancing remote and in-office duties.

• Monitor security infrastructure for threats and vulnerabilities using SIEM tools and other security solutions.
• Investigate security incidents, performing forensic analysis and recommending remediation actions.
• Implement and maintain security controls, including firewalls, intrusion detection/prevention systems, and endpoint security solutions.
• Conduct vulnerability assessments and penetration testing.
• Assist in the development and enforcement of information security policies, standards, and procedures.
• Provide security awareness training to employees.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to ensure the security of networks, systems, and applications.
• Participate in security audits and compliance activities.
• Respond to security-related queries and provide technical support.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience in an information security role.
• Knowledge of security frameworks (e.g., ISO 27001, NIST).
• Experience with SIEM, IDS/IPS, endpoint security, and vulnerability management tools.
• Understanding of networking protocols and security concepts.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal abilities.
• Relevant certifications such as CompTIA Security+, CISSP, or CEH are a plus.

• Monitor security alerts and investigate potential security incidents.
• Respond to and manage security incidents, including containment, eradication, and recovery.
• Conduct vulnerability assessments and penetration tests.
• Analyse security logs and network traffic for suspicious activity.
• Manage and configure security tools, including SIEM, firewalls, and IDS/IPS.
• Develop and update security policies, procedures, and guidelines.
• Perform security awareness training for employees.
• Collaborate with IT teams to ensure secure system configurations.
• Stay up-to-date with the latest cybersecurity threats and trends.

• Bachelor's degree in Information Security, Computer Science, or a related field.
• 2+ years of experience in information security or cybersecurity roles.
• Strong understanding of cybersecurity principles, network security, and common vulnerabilities.
• Experience with SIEM tools, intrusion detection/prevention systems, and firewalls.
• Knowledge of incident response frameworks and procedures.
• Familiarity with vulnerability scanning and penetration testing tools.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Relevant security certifications (e.g., CompTIA Security+, CISSP) are a plus.

• Monitor security systems and logs for suspicious activities and potential security incidents.
• Investigate security alerts, analyse threat intelligence, and respond to security breaches.
• Implement, configure, and manage security tools such as firewalls, IDPS, and EDR solutions.
• Conduct vulnerability assessments, penetration testing, and risk analysis of IT systems.
• Develop, implement, and enforce information security policies, procedures, and standards.
• Assist in the development and delivery of security awareness training for employees.
• Ensure compliance with data protection regulations (e.g., GDPR) and industry standards (e.g., ISO 27001).
• Participate in security incident response planning and execution.
• Collaborate with IT teams to implement security best practices across the infrastructure.
• Stay informed about current cybersecurity threats, vulnerabilities, and mitigation techniques.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3 years of experience in information security, security operations, or incident response.
• Proficiency in security monitoring tools, SIEM platforms, and vulnerability assessment tools.
• Strong understanding of network security, cybersecurity principles, and threat landscape.
• Relevant security certifications such as CompTIA Security+, CEH, or willingness to obtain.
• Experience with cloud security (AWS, Azure) is a plus.
• Excellent analytical, problem-solving, and investigative skills.
• Strong communication and interpersonal abilities.
• Ability to work effectively both independently and as part of a team.

• Monitor and analyze security logs and alerts for potential threats.
• Conduct vulnerability assessments and penetration testing.
• Develop and implement security policies and procedures.
• Respond to security incidents and manage the incident response process.
• Perform risk assessments and recommend mitigation strategies.
• Assist in the implementation and maintenance of security technologies.
• Contribute to security awareness training programs.
• Stay updated on emerging cybersecurity threats and trends.
• Collaborate with IT and business units to ensure security best practices.
• Ensure compliance with relevant security regulations and standards.