3,069 Security Risks jobs in the United Kingdom

***This role is hybrid and will require some office attendance at our Chester hub. Please only apply if you are able to attend this location regularly***

About GBG

GBG is the leading expert in global identity and location. In an increasingly digital world, GBG helps businesses grow by giving them intelligence to make the best decisions about their customers, when it matters most.

Every second, our global data, agile technology, and expert teams, power over 20,000 of the world's best-known organisations to reach and trust their customers.

Learn more at   and follow us on LinkedIn  and X @gbgplc

Why you should

• We make the world a safer place
• We trust each other and win together
• We are local experts in a global business
• We want you to be yourself
• We grow when you grow

About the team

GBG’s Information Security team of c30 team members, enable delivery of GBG’s business strategy by ensuring GBG is secure and trusted. The team provides four core capabilities:

• Governance, Risk and Compliance
• Cyber Defence
• Product Security
• Security Architecture

The role

Support of GBG’s Information Security Risk programme, making sure It Is implemented properly with minimal risk to GBG, our customers and stakeholders.

What you will do

• Support the delivery of the GBG information security strategy including advanced and technical projects globally
• Support with raising awareness of risk identification and management within the business to align to ‘think risk first’
• Manage and maintain the information security risk register to ensure risks are managed in line with policy
• Create, manage and analyse risk management information to ensure risks are understood within the business and managed in line with expectations
• Engage with leaders within the business to manage risks in line with policy
• Develop information security risk education and awareness training within the organisation
• Conduct risk assessments of new projects
• Conduct supplier risk management activities including contract reviews
• Create, manage and maintain the Operation Resilience and Redundancy programme
• Create, manage and analyse operational resilience and redundancy information to ensure outcomes are captured and reported In line with policy
• Plan annual testing of operational resilience and support the business functions to deliver in line with expectations
• Lead and conduct annual business impact analysis activity
• Support customer and supplier requests for information security risk and operational resilience information, these could be in the form of audits or questionnaires

Requirements

• An Individual with a passion for risk management, who can translate risk to all levels of the organisation.
• Able to converse at all levels to achieve the aim of managing risk within GBG
• A team player who works well with others, who also can work well on their own
• Business risk management experience
• Risk management experience within an information security role
• Experienced with the following standards/frameworks: ISO27001. ISO22301, ISO31000, Cyber Essentials+, NIST, PCI/DSS
• Experience of using; Microsoft Lists, Jira, Power BI
• Qualified to or working towards Certified Risk Information Security Controls (CRISC)
• Qualified to Certified Information Security Management Principles (CISMP)

Behaviours we'd like to see

Benefits

Next steps

Click here to see more about what’s important to us, including our hybrid working policy, our commitment to ESG, I&D and much more.

To chat to the Talent Attraction team and find out more about our benefits, drop an email to and we’ll be in touch!

Make work for you.

• Performing risk assessments and developing mitigation strategies for identified security vulnerabilities.
• Developing, implementing, and maintaining information security policies and procedures.
• Conducting regular security audits and compliance checks against relevant standards.
• Monitoring security alerts and investigating potential security incidents.
• Managing vulnerability scanning and penetration testing activities.
• Providing security awareness training and guidance to employees.
• Collaborating with IT teams to implement security controls and solutions.
• Staying current with the latest cybersecurity threats, trends, and technologies.
• Contributing to the development and maintenance of the organisation's Business Continuity and Disaster Recovery plans.

Kurt Geiger | About Us

We are an inclusive, creative footwear and accessories brand powered by kindness. We want to empower our talent to be confident and true to themselves, the London way. London is our home, our heartbeat, and we draw inspiration from the energy and spirit of the city; its diversity and creativity. For over fifty years our team of in-house shoe and accessory designers have been creating authentic, distinctive designs from our London headquarters. The rainbow is our signature. It represents the good energy and love we have for our community and the many ways we collectively express our individual style.

We are looking for a detail-oriented and dependable GRC Analyst to join our Technology and Information Security team. This role is ideal for someone with a strong work ethic, experience in information security, and a collaborative mindset.

You will help protect our digital assets, ensure compliance with regulatory standards, and promote a security-first culture across the organisation.

Requirements

Key Responsibilities

• Coordinate and support security incident response activities.
• Support in Investigating security incident and data breaches.
• Assist with security audits and risk assessments across cloud and on-prem environments.
• Help develop and maintain security policies and standards (ISO 27001, NIST, GDPR).
• Support data protection efforts and GDPR compliance.
• Support access controls and identity management (Microsoft Entra ID, AWS IAM).
• Collaborate with teams across DevOps, IT, and digital marketing to embed security practices.
• Conduct third-party risk assessments and vendor reviews.
• Participate in change advisory boards to assess risks.
• Prepare documentation for audits and compliance reviews.
• Promote security awareness and provide guidance to teams.

Skills and Experience

• Previous experience in Information Security or a similar role.
• Experience in incident response, audits, and data privacy.
• Familiarity with cybersecurity frameworks (ISO 27001, SOC 2, NIST).
• Familiarity with SIEM/EDR tools (e.g., CrowdStrike, Microsoft Defender).
• Knowledge of cloud platforms (Azure, AWS) and security tools.
• Understanding of VPNs, firewalls, and Zero Trust principles.
• Strong communication and collaboration skills.
• Self-motivated and detail oriented.

Preferred Qualifications

• Certifications such as ISO 2700, Security+ or similar.
• Experience with risk registers and mitigation planning.
• Familiarity with GDPR breach protocols and privacy impact assessments.

What We Offer

• A collaborative and supportive work environment.
• Opportunities for professional development and certifications.
• A chance to make a meaningful impact in a security-conscious organisation.

Benefits

• Competitive basic salary
• Pension and life assurance
• Enviable discounts
• Gym Discounts
• Summer Hours - 3pm Friday finish
• Half Day, Pay Day Friday (once per month)
• RetailTrust support
• And so much more!

Our Culture  

We’re an energic fast-paced brand that embraces progress and strives for innovation. Hard work is rewarded with new opportunities at every level and kindness is celebrated in everything we do. Our summer working hours accommodate a healthy work life balance. Wellbeing is important to our working culture, which is why we nurture a friendly environment for talent to thrive in, alongside a vibrant social community.

Our Stores

The first Kurt Geiger store opened on London Bond street in 1963.  Today, our brand has global appeal and is distributed in hundreds of cities around the world. We operate over 70 stand-alone stores nationwide, including our new flagship store on London Oxford street, and in over 400 stores globally. Beyond stand-alone stores and retail pop ups, our retail partners include some of the world’s most famous department stores.

We Are One: For Love | For Diversity | For Change | For Equality | For Kindness |  For Freedom | For Unity Against Racism

• Monitor security alerts and events using SIEM and other security tools.
• Investigate and analyze security incidents, providing timely reports and recommendations.
• Assist in the development and implementation of security policies and procedures.
• Conduct vulnerability assessments and penetration testing support.
• Manage and maintain security technologies, including firewalls, IDS/IPS, and antivirus software.
• Provide security awareness training to staff.
• Stay up-to-date with the latest security threats and technologies.
• Collaborate with IT teams to ensure security best practices are followed.

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• Proven experience in information security operations or analysis.
• Familiarity with security frameworks (e.g., ISO 27001, NIST).
• Experience with SIEM tools, vulnerability scanners, and network security devices.
• Strong understanding of common cyber threats and attack vectors.
• Excellent analytical and problem-solving skills.
• Good communication and interpersonal skills.
• Ability to work effectively both independently and as part of a hybrid team.

• Monitoring security alerts and events from various systems (SIEM, IDS/IPS, firewalls).
• Investigating and responding to security incidents, including containment, eradication, and recovery.
• Conducting vulnerability assessments and penetration testing.
• Implementing and managing security controls and technologies.
• Developing and maintaining security policies, procedures, and guidelines.
• Performing security awareness training for employees.
• Assisting with security audits and compliance checks.
• Staying up-to-date with the latest cybersecurity threats and trends.
• Collaborating with IT teams to ensure the secure design and implementation of systems.
• Contributing to the development and enhancement of the organisation's overall security posture.

• Monitor and analyze security alerts and events from various security tools (SIEM, IDS/IPS, firewalls).
• Investigate and respond to information security incidents in a timely and effective manner.
• Conduct vulnerability assessments and penetration testing to identify security weaknesses.
• Develop and implement security policies, procedures, and guidelines.
• Assist in the maintenance and configuration of security technologies.
• Perform risk assessments and develop mitigation strategies.
• Contribute to security awareness training programs for employees.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to ensure security best practices are implemented across systems and networks.
• Support audits and compliance initiatives (e.g., GDPR, PCI DSS).

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience as an Information Security Analyst or in a similar cybersecurity role.
• Solid understanding of cybersecurity frameworks and best practices (e.g., NIST, ISO 27001).
• Experience with SIEM tools, firewalls, endpoint security solutions, and vulnerability scanners.
• Knowledge of network security concepts, operating systems (Windows, Linux), and cloud security.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and collaboratively in a hybrid environment.
• Relevant certifications such as CompTIA Security+, CEH, or CISSP are highly desirable.

• Monitor security systems, including firewalls, intrusion detection/prevention systems, and anti-virus software, for suspicious activity.
• Investigate security breaches and cyber-attacks, determining the scope and impact.
• Develop and implement security policies, procedures, and best practices.
• Conduct vulnerability assessments and penetration testing to identify and remediate weaknesses.
• Respond to security incidents, coordinating remediation efforts and post-incident analysis.
• Manage security awareness training programs for employees.
• Stay up-to-date with the latest security threats, trends, and technologies.
• Assist in the development and maintenance of incident response plans.
• Collaborate with IT teams to ensure security is integrated into all systems and applications.
• Maintain accurate records of security incidents and actions taken.
• Ensure compliance with relevant data protection regulations (e.g., GDPR).

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience in information security, cybersecurity operations, or a similar role.
• Strong understanding of network security, operating systems security, and common attack vectors.
• Experience with security tools such as SIEM, IDS/IPS, and vulnerability scanners.
• Relevant certifications such as CISSP, CompTIA Security+, CEH are highly desirable.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts clearly.
• Ability to work effectively under pressure and manage critical incidents.
• Proactive mindset towards identifying and mitigating security risks.
• Familiarity with regulatory compliance requirements is a plus.

• Conduct regular security assessments and vulnerability scans to identify potential weaknesses.
• Develop, implement, and enforce security policies and procedures.
• Monitor security systems, including firewalls, intrusion detection/prevention systems, and SIEM tools.
• Investigate and respond to security incidents, providing timely and effective remediation.
• Assist in the development and delivery of security awareness training for employees.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to ensure security is integrated into all system designs and implementations.
• Prepare reports on security status, incidents, and recommendations for management.
• Manage and maintain security-related hardware and software.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3-5 years of experience in information security or cybersecurity roles.
• Strong understanding of security principles, frameworks (e.g., ISO 27001, NIST), and best practices.
• Hands-on experience with security tools such as SIEM, vulnerability scanners, endpoint protection, and firewalls.
• Knowledge of network security, cryptography, and threat intelligence.
• Excellent analytical and problem-solving skills.
• Strong communication and reporting abilities.
• Relevant certifications such as CISSP, CEH, or Security+ are highly desirable.