1,914 Security Specialists jobs in the United Kingdom

The Information Security Analyst will be responsible for assuring information security and managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes. They will be responsible for the collection, processing, preservation, analysis, and presentation of evidence in support of information security activities.

Main tasks:

 Maintains and improves information security solutions for organization systems and products that comply with all applicable security policies, standards, and regulatory framework

Establishes, implements, and maintains information assurance programs, requirements, and standards based on the analysis of user, policy, regulatory, and resource demands

uthors and updates security documentation to include, but not limited to, standards, policy, system security plans, contingency plans, standard operating procedures, and configuration management plans

nalyzes information assurance-related technical problems and provides engineering and technical support for solving these problems

dentifies, reports, and resolves security violations while also proactively seeks to uncover indicators of compromise

acilitates, performs analysis, and stores appropriate artifacts to respond to audits to comply with regulatory frameworks

nsures employees and third parties understand, acknowledge, and fulfill all applicable information security policies

onducts computer forensic analysis, data recovery, eDiscovery, and other IT investigative work while collaborating with fraud examiners, legal counsel, human resources (HR), and other IT technical personnel in investigations

ompiles and analyzes data for management reporting and metrics

nalyzes potential impact of new threats and communicates risks to relevant business units by monitoring information security related websites to stay up to date on current attacks and trends

Requirements

1. Bachelor's degree or relevant professional certification with less than 1 year relevant work experience OR 1 year relevant work experience

2. Self-motivated and possessing of a high sense of urgency and personal integrity

3. Instinctive and creative with the highest ethical standards and values

4. Excellent investigative skills, problem-solving, insatiable curiosity, and an innate drive to win

5. Technical knowledge of system security vulnerabilities and remediation techniques for identity, authentication, authorization, data, and access controls

6. An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business

7. An ability to identify and assesses the severity and potential impact of risks and communicate to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance

8. Technical expertise in following industry best practices and standards in digital evidence acquisition, handling, and documentation

Benefits

• Competitive salary and bonus scheme
• Hybrid working
• Rentokil Initial Reward Scheme
• 23 days holiday, plus 8 bank holidays
• Employee Assistance Programme
• Death in service benefit
• Healthcare
• Free parking

At Rentokil Initial, our customers and colleagues represent diverse backgrounds and experiences. We take pride in being an equal opportunity employer, actively encouraging applications from individuals from all walks of life. Our belief is that everyone irrespective of age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs, has the potential to thrive and contribute.

We embrace the differences that make each of our colleagues unique, fostering an inclusive environment where everyone can be their authentic selves and feel a sense of belonging. To ensure that your journey with us is accessible if you have any individual requirements we invite you to communicate any specific needs or preferences you may have during any stage of the recruitment process. Our team is available to support you; feel free to reach out to ( ) if you need anything

Be Yourself in Your Application! At Rentokil Initial, we value innovation, but we want to see the real you! While AI can help with structure and grammar, make sure your application shows your true passion and understanding of the role. A personal touch will help you stand out. 

Information Security Analyst

We are looking for an Information Security Analyst working as part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will involve vulnerability management, making sure security controls are functioning, mentorship of more junior members and working as part of a 24 x 7 remote support rota.

If you have experi.

WHJS1_UKTJ

Job Title: Information Security Compliance Analyst

Location: Hertfordshire, UK (Hybrid)

Contract: 12-Month Fixed Term (Salaried)

Are you passionate about cybersecurity, compliance, and driving risk management strategies? We’re seeking an experienced Information Security Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management System.

This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business.

Requirements:

• ISO 27001 Lead Implementer or Auditor certification (essential).
• Demonstrated experience in an Information Security or IT Governance role.
• Strong knowledge of frameworks like ISO 27001/27002, NIST, GDPR, and related standards.
• Proven ability to manage audits, compliance reporting, and security training programs.
• Excellent stakeholder management, communication, and analytical skills.

This is an exciting opportunity for someone who thrives in a fast-paced, regulated environment and wants to make a real impact in protecting systems, data, and operations across multiple regions.

If you'd like to hear more about the roles and discuss an application, Click APPLY or reach out directly with your CV and a good time to speak at .

About Planet Pharma:

Planet Pharma is an American parented Employment Business/Agency that provides global staffing services with its head-quarters in Chicago and our EMEA regional office located in Central London. We have invested significantly in creating a robust international platform that enables us to work compliantly in 30+ countries with a current network of 2500+ active contractors globally as well as a very strong permanent / direct hire recruitment offering.

Our specialist knowledge and close relationships with our clients and the wider industry really makes us unique in our field. Just recently we were recognised by FORBES as the 17th best professional staffing firm, and have won multiple awards from industry accredited bodies for our commitment to excellence and service delivery. We have extensive functional expertise including: Regulatory Affairs, Pharmacovigilance, QA, QC, Submissions experts, Clinical development, Quality, Biostatistics, and Medical Affairs / Writing.

We are an equal opportunities Recruitment Business and Agency. We welcome applications from all suitably qualified candidates regardless of their race, sex, disability, religion/belief, sexual orientation or age.

Information Security Assurance Specialist - Permanent

Up to £41,500

Eastleigh (Hybrid - one day a week in office)

Are you ready to take your security career to the next level?

We're working with a leading organisation to recruit an Information Security Assurance & Architecture Specialist for a permanent role based in Eastleigh , with just one day a week in the office . This is a fantastic opportunity .

WHJS1_UKTJ

Information Security Manager

70,000- 75,000 PA

Central London

Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.

The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.

Responsibilities:

• Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
• Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
• Actively contribute to ISO processes, strategies and problem-solving
• Use prior ISO experience to support certification readiness
• Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
• Handle varied and complex security challenges, from system reviews to high-level risk assessments
• Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing

Requirements:

• Experience with ISO 27001 is essential
• Strong background in cyber security management
• Proven experience in identifying and mitigating security risks#
• Ability to make actionable recommendations for security improvements
• Experience with GDPR and data protection, together with knowledge of IS standards
• Security assessment frameworks (threat modelling, controls assessment, risk assessment)
• Relevant qualifications; CISSP, CISM or similar would be beneficial.

Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.

Information Security Manager

70,000- 75,000 PA

Central London

Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.

The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.

Responsibilities:

• Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
• Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
• Actively contribute to ISO processes, strategies and problem-solving
• Use prior ISO experience to support certification readiness
• Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
• Handle varied and complex security challenges, from system reviews to high-level risk assessments
• Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing

Requirements:

• Experience with ISO 27001 is essential
• Strong background in cyber security management
• Proven experience in identifying and mitigating security risks#
• Ability to make actionable recommendations for security improvements
• Experience with GDPR and data protection, together with knowledge of IS standards
• Security assessment frameworks (threat modelling, controls assessment, risk assessment)
• Relevant qualifications; CISSP, CISM or similar would be beneficial.

Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.

Information Security Officer

Hybrid – Home & London | Permanent | £68,000 | 35 hrs/week (flexible)

A rare and brilliant opportunity to join this international development children’s charity, as their new Information Security Officer . You'll be the expert, working closely with the Chief Information Officer and other senior leaders to embed security practices across systems, suppliers, and staff. You’ll be joining a small but impactful Technology team where the culture is collaborative and down-to-earth. You’ll have the autonomy to get stuck in, alongside the backing to develop professionally, whether that’s through security qualifications or broader leadership skills.

What you will be doing

As Information Security Officer , you’ll lead the implementation of the organisation’s cyber security plans.

• Act as subject matter expert on information security across the organisation
• Ensure compliance with standards like Cyber Essentials Plus and CIS .
• Oversee third-party security providers and outsourced ICT services.
• Manage incident response planning, investigations, and reporting.
• Deliver engaging training to build a strong security culture.
• Collaborate with Legal and Data Protection teams to ensure GDPR compliance.
• Stay ahead of evolving threats and technologies to drive continuous improvement.
• Opportunity to influence at board level without people management responsibilities

What we are looking for

What matters most is your hands-on experience navigating real-world security challenges and your ability to see both the technical and human side of data protection.

You should have:

• Proven experience in ICT security management and incident response (CIS and Cyber Essential Plus).
• Strong technical knowledge of Microsoft 365, Azure, and cloud security.
• Familiarity with frameworks like ISO 27001, NIST, and CIS.
• Excellent communication skills and a pragmatic, risk-based mindset.
• Relevant certifications (e.g. AZ-500, CISSP, CISM, CCSP) are highly desirable.

This role offers hyrbid working (1-2 days/week in office) as well as open discussion around different working patterns i.e 9-day fortnight and varied start/finish times. The organisation values professional development and had a learning & development fund for certifications and career growth. A strong emphasis on wellbeing and work-life balance within a supportive, inclusive culture that welcomes applicants from all backgrounds.

To apply, please submit your up-to-date CV by the 26th of August 2025 at 5.00 PM . Cover letters are not required.

Please note, only successful applicants will be contacted with further information.

We want you to have every opportunity to demonstrate your skills, ability and potential; please contact us if you require any assistance or adjustment so that we can help with making the application process work for you.

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform

• £70–80k base + 10% bonus
• Hybrid in London
• Training budget for certifications + conference attendance
• Strong emphasis on professional autonomy and ethical leadership

A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team.

This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability.

What you’ll bring:

• 5+ years in InfoSec, IT Security or Ops within a regulated environment
• Certification required: CISSP, CISM, CRISC, or equivalent
• Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA
• Confident with security risk assessments, audit responses, and policy governance
• Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model
• Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans
• Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice

What you’ll be doing:

• GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System
• Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays
• Security awareness & training: manage phishing simulations and content using Proofpoint
• Security architecture reviews: support technical assessments of new systems and services
• Data protection & cloud security: drive governance for Azure, Purview, and shared responsibility models
• Team leadership: mentor two analysts and deputize for the Head of InfoSec when required
• Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews

Tech & tools you’ll use:

• Protecht – Enterprise risk and audit management
• Panorays – Third-party risk tooling
• Rapid7 / Armis – Vulnerability management and threat detection
• Proofpoint – Phishing and awareness platform
• Microsoft Purview – Data governance and compliance
• Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued)

Why this role?

• High-impact GRC project work tied to new market expansion
• Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
• A clear opportunity to stretch across awareness, compliance, and operational domains

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform

• £70–80k base + 10% bonus
• Hybrid in London
• Training budget for certifications + conference attendance
• Strong emphasis on professional autonomy and ethical leadership

A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team.

This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability.

What you’ll bring:

• 5+ years in InfoSec, IT Security or Ops within a regulated environment
• Certification required: CISSP, CISM, CRISC, or equivalent
• Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA
• Confident with security risk assessments, audit responses, and policy governance
• Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model
• Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans
• Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice

What you’ll be doing:

• GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System
• Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays
• Security awareness & training: manage phishing simulations and content using Proofpoint
• Security architecture reviews: support technical assessments of new systems and services
• Data protection & cloud security: drive governance for Azure, Purview, and shared responsibility models
• Team leadership: mentor two analysts and deputize for the Head of InfoSec when required
• Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews

Tech & tools you’ll use:

• Protecht – Enterprise risk and audit management
• Panorays – Third-party risk tooling
• Rapid7 / Armis – Vulnerability management and threat detection
• Proofpoint – Phishing and awareness platform
• Microsoft Purview – Data governance and compliance
• Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued)

Why this role?

• High-impact GRC project work tied to new market expansion
• Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
• A clear opportunity to stretch across awareness, compliance, and operational domains

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform