31 Senior Sap Security Consultant jobs in London

Overview

We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture. We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols. This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value. Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.nResponsibilities

Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.nDevelop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).nConduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.nLead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.nCollaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.nDeliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.nProvide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).nOversee and lead security audits, penetration testing, and vulnerability assessments for the client.nManage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.nProvide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.nEnsure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.nQualifications

Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.nStrong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.nExperience managing and leading security operations, incident response, and risk assessments.nUnderstanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).nExperience working in a service delivery or consultancy capacity with external clients.nExcellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.nRelevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.nStrong stakeholder engagement experiences.nAbility to work independently, take initiative, and work in a dynamic environment.nProactive approach to identifying and solving problems before they escalate.nStrong leadership and mentoring skills to support junior staff and teams.nAbility to translate business needs into security solutions.nBenefits

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.nWe are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.nProven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.nNTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world. We are a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.nOur inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.nUpon joining the NTT DATA UK family, you will experience a culturally diverse organisation living our values of Clients First, Teamwork and Foresight as we partner with our customers every day. At NTT DATA UK, we are proud to support and invest in our people. We offer a variety of rewarding career paths and opportunities to develop professionally - with access to cutting edge innovation.

#J-18808-Ljbffrn

Location: London, UK (Hybrid: 2 days per week in the office)
Company: Navro – Pioneering the Future of Payments

Architecting Trust: Information Security Manager

This isn’t just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast.

We’re Navro, a rapidly scaling B2B payments startup, and we’re looking for a bold, proactive, and hands-on Information Security Manager to help safeguard our platform and operations. This is your chance to shape our security posture, instill a security first-mindset, ensure compliance with international standards, and make decisions that impact the entire business.

You won’t have layers of approval slowing you down. You will have the freedom to make real, impactful decisions from day one. This isn’t a passenger role. We’re bringing you in for your expertise and your relentless drive. You will be responsible for understanding our information assets, identifying emerging threats, and implementing robust security measures that protect Navro and our clients.

Who We Are 

We are transforming payments for global platforms and e-commerce businesses. As the world’s first payments curation platform, we simplify cross-border transactions by uniting best-in-class infrastructure into a seamless ecosystem, enabling businesses to scale and operate effortlessly across borders. Cross-border workforce payments are slow, expensive, and outdated. We can’t be. Businesses rely on us to pay their people accurately and on time - contractors, freelancers, and employees across the globe. When we say we’ll deliver, failure isn’t an option. If we don’t do what we said we would, people don’t get paid - not just a transaction delayed, but real workers left without wages. That means a developer in Argentina missing their paycheck, a freelancer in the Philippines unable to pay rent, or a contractor in Poland unable to get to work. No excuses. No passengers. No tolerance for politics or mediocrity.

Requirements

What This Role Demands:

You Own It – You’re responsible and proactive, you take the lead and make things happen.

You Ask Questions – You don’t just gather requirements; you challenge assumptions, to make us better. Why this control, why not another way?

You Fix What’s Broken – No waiting for permission. If it’s clunky or output is inconsistent, you dive in, solve, and fix it.

You’re Hands-On – One hour you’re leading on an external audit, the next assessing a critical vendor’s security posture, the next you’re deep in the vulnerability rating details with DevOps.

You Thrive in Chaos – Startups are messy. Deadlines change, priorities shift, and ambiguity is constant. You bring clarity to define workable security policies and procedures.

You Handle the Pressure – Fast-paced. High stakes. You balance multiple projects, manage tight timelines, and keep moving forward.

You’re Here for the Journey – This is career-defining. It’s hard, rewarding, and not for the faint-hearted. If you’re ready to grow alongside Navro, let’s build something amazing together.

What You’ll Be Doing:

• Day-to-day responsibility for security GRC, help build version 2.0 of Navro’s Information Security Management System. Ensure compliance to international standards and regional regulatory requirements.
• Own security GRC automation tooling (Vanta) and work across the business to maintain security compliance posture.
• Successfully lead internal and external security audits - ISO 27001 / SOC2 Type II / PCI-DSS.
• Champion a company-wide culture of security awareness and operational resilience by playing a key role in defining, maintaining, and managing security incident response and threat intelligence procedures.
• Lead, curate, and report on Navro’s on-going and persistent security awareness programme including frequent phishing testing campaigns, secure development, etc.
• Work with IT, SRE, and other key stakeholders on implementing and maintaining security policies and standards including disaster recovery and business continuity testing.
• Work with Sales and Operations on business critical procedures for onboarding/offboarding clients and vendors. Act as primary contact for security due diligence and assessments.
• Project manage initiatives with product and engineering teams to embed “security by design” into products, services, and processes.
• Help make Navro’s security posture a value proposition - develop a Trust Centre to easily present and provide security information. Work with Marketing to position excellent posture, certifications, and regulatory compliance as a product differentiator.

What We’re Looking For:

GRC Experience – You’re the go-to person for security governance, risk, and compliance. With a degree in a computer or security discipline and numerous years’ GRC experience under your belt.

Start-up – Preferably have worked in a start-up or scale-up environment before where ambiguity and chaos do not faze you.

Tool Ninja – You’re familiar with various tools and systems and have hands-on experience with market leading security tools including Vanta, KnowBe4, Google Workspace, Microsoft Entra, and Wiz.

Detail-Obsessed – You don’t miss a thing. Your attention to detail and decision-making capabilities are top-notch. You’re able to horizon scan and research effectively to find the missing details.

ISO 27001 et al – You have built and maintained an ISO 27001 certified ISMS before and led other important security audit assessments (SOC2, PCI, etc.). You may have also gained ISO 27001 Lead Auditor or alike certifications (a plus).

Collaborator Extraordinaire – Strong communications skills with the ability to explain technical and security concepts, risks, controls in business terms.

Regulation Machine – You have knowledge of payments and various related regulatory environments including FCA, EMI, DORA, PSD2 (a plus).

You may not possess every single required skill listed, and that's perfectly fine. If you have most of them, along with grit, passion, a desire to learn quickly, and the willingness to get stuck in, we encourage you to apply.

Why Navro?

• Lead and Shape the Future: This is your chance to build and grow a market from zero to one.
• Make Real Impact: Your decisions will directly shape Navro’s growth journey.
• Innovative Environment: Be at the forefront of Fintech innovation and payments disruption.
• Career-Defining Role: This isn’t just another job. It’s a legacy.

Ready to Build Something Big?

This is your chance to leave your mark. If you’re ready to lead, build, and grow with the intensity that only startups offer, we want to hear from you.

Apply now and be part of Navro’s journey to revolutionise payments with us.

Benefits

As part of this role you will receive the following:

• You will enjoy 26 days of annual leave (excluding Bank holidays)
• Volunteering & Compassionate leaves
• Maternity and Paternity leaves
• Private Healthcare 
• Company Options Scheme
• Team socials 
• Comprehensive, interactive & engaging Training - Leadership, Communication and Presentation Skills, Behavioural Profiling, Conflict Management, etc
• Career frameworks
• Flexibility surrounding other commitments; within your team we will work around child-care or other appointments you have. We just ask for advance notice!
• For those London Based 2-3 days per week in office 
• Working in a diverse and inclusive environment where we ensure that our people thrive

Navro does not accept unsolicited resumes from search firms/recruiters. Navro will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s).  Search firms/recruiters submitting resumes on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.

At La Fosse, we’re an employee-owned talent solutions business specialising in tech, digital, and change, but people are always at the heart of what we do.

Our mission is to create a working world where talent is recognised for its value, not its background. We help businesses of all sizes solve people and growth challenges through recruitment, our academy, solutions, and executive search.

What makes us different? Everyone here has a stake in the business. Being employee-owned means we all have a voice, and we all share in our success – quite literally. Through our employee ownership model, everyone benefits financially from the value we create together, with profit-sharing and long-term wealth-building opportunities built in.

We’re ambitious, collaborative, and care about doing great work with great people. There’s real focus on learning, development, and building meaningful careers, in a culture that’s grounded, inclusive, and fun.

If you’re after purpose, progression, and the chance to shape something exciting, La Fosse is the place to do it.

The Role:

We’re looking for an Experienced Consultant to join our Technology and Operations division and join one of our most profitable teams - Information Security. This is a 360 contract recruitment role where you’ll be working with both existing clients across the La Fosse network and developing new business opportunities. You’ll partner closely with clients to understand their needs and deliver high-impact talent solutions, while also building strong relationships with top-tier tech professionals across Europe. 

If you’re commercially driven, passionate about tech recruitment, and ready to make an impact in a high-performing, collaborative team, this could be the perfect next step. 

The Team: 

You’ll be joining a team of 14 who are one of our highest performing teams in the business, the top biller in this division achieved over £1.1m in 2024. So far in 2025, the Security team have been consistently billing over £20k a month per head and hit 140% of their budget for H1, showcasing both their performance and the size of the opportunity for growth.

Hear from some of our team HERE about what they love about working at La Fosse. 

What will you be doing? 

• Client Partnership: Build and maintain strong client relationships, offering market insight, salary benchmarking, and talent strategy advice.  
• Business Development: Identify and win new business through networking, referrals, and proactive outreach.  
• Candidate Attraction: Source and engage high-quality candidates using platforms like LinkedIn, job boards, and your own network.  
• Recruitment Delivery: Manage the end-to-end recruitment process, from job brief to offer, ensuring a smooth, professional experience for both clients and candidates. 
• Offer & Negotiation: Support clients and candidates from negotiating terms through to managing best package for candidates at offer stage. 
• Compliance & CRM: Keep accurate records in Bullhorn and ensure alignment with GDPR, employment law, and internal standards.  
• Market Expertise: Stay ahead of industry trends and share insights to support clients’ needs.  
• Team Collaboration: Live our values of care, ambition, and humility, contributing to a high-performing, inclusive team culture. 

Requirements

We’d love to hear from you if you have: 

• Proven experience in a 360 recruitment role, ideally within the tech, digital, or change space.  
• A strong track record of business development and client relationship management.  
• Confidence sourcing talent through platforms like LinkedIn, job boards, and your own network.  
• The ability to manage the full recruitment lifecycle with professionalism and attention to detail.  
• Solid negotiation and offer management skills, with a commercial mindset.  
• Excellent communication skills, both written and verbal, with the ability to influence and build trust.  
• A collaborative, team-first mindset, with a proactive approach to hitting personal and shared targets.  
• Strong organisational skills and the ability to manage multiple roles and stakeholders at once.  
• Familiarity with CRM systems (Bullhorn experience is a plus) and an understanding of recruitment compliance and best practices. 

What are the Standards & Expectations we live by?  

• We support each other to be as successful as we can.  
• Treat others how you would like to be treated.  
• We put our teams before ourselves.  
• We think and act on what is best for the overall business. 

Benefits

What can you earn?

When you join our recruitment team, you will start on a flat 15% commission to help you settle in, then move you to our standard structure where you will earn 33% of any NFI up to £800k and 40% on billings beyond that, ensurin a clear and rewarding commission structure. You can also earn through additional earning streams such as Management overrides, cross-selling and referral bonuses from our Academy & Solutions service lines. Below are some example commission figures:

Benefits:

Our client is seeking a highly skilled and experienced Senior Information Security Analyst to join their dynamic team. This role is integral to protecting the organization's digital assets and ensuring compliance with industry regulations. You will be responsible for developing, implementing, and maintaining security measures across various platforms and systems.

Key Responsibilities:

• Conduct comprehensive security risk assessments and vulnerability analyses.
• Develop and implement security policies, standards, and procedures.
• Manage and monitor security information and event management (SIEM) systems.
• Respond to and investigate security incidents, providing detailed post-incident reports.
• Collaborate with IT teams to ensure security is integrated into system design and deployment.
• Oversee the implementation of security awareness training programs for employees.
• Stay abreast of the latest security threats, trends, and technologies.
• Manage third-party security risks and ensure vendor compliance.
• Contribute to the development and execution of disaster recovery and business continuity plans.
• Mentor junior security analysts and provide technical guidance.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree is a plus.
• Minimum of 5 years of experience in information security, with a proven track record in risk management and incident response.
• In-depth knowledge of security frameworks (e.g., NIST, ISO 27001).
• Proficiency in SIEM tools, intrusion detection/prevention systems, and firewalls.
• Strong understanding of network security, cryptography, and cloud security.
• Excellent analytical and problem-solving skills.
• Ability to communicate complex security concepts to both technical and non-technical audiences.
• Relevant security certifications such as CISSP, CISM, or CEH are highly desirable.

This is an exciting opportunity for a proactive security professional looking to make a significant impact within a forward-thinking organization. The role is based in London, England, UK and offers a hybrid working model, blending the benefits of remote work with in-office collaboration. Join us and be at the forefront of cybersecurity.

OverviewnWe help companies get compensation right. What we get paid at work has a massive impact on our lives, and it is one of the biggest factors in hiring and retaining talent. Ravio provides a real-time data platform that brings compensation into the modern age with clarity and transparency. We are the European leader in this space, serving more than 1,200 clients, and we aim to become the global go-to place for compensation data and tools for managing compensation. Joining a startup and scaling it into a global product is challenging and rewarding. If that sounds exciting to you, you’re in the right place.

About the Role:

We are seeking a proactive and commercially-minded

Information Security & Compliance Manager

to join our team. This is a mid-level individual contributor role suited for someone who thrives in a fast-paced environment, is comfortable wearing multiple hats, and is excited by both InfoSec and hands-on compliance operations.

This role will focus primarily on security, data privacy, compliance, and regulatory matters. You will play a key role in helping the business stay compliant with relevant laws and standards, including oversight of our SOC 2 compliance processes, while also helping to drive practical compliance solutions across the business. A background in

Security Engineering

is a big plus as it would enable you to own the end-to-end architecture and technical execution of our security controls and systems.

Key Responsibilities

Operational Security & Security Architecture

Drive strategic planning, execution, and operations of scalable, automated, and resilient security controls

Contribute towards defining Ravio's security engineering strategy that addresses identity, endpoint, and data protection across all environments

Design a global security architecture and support the security engineering roadmap (with a special focus on data security)

Oversee security monitoring, vulnerability management, and incident response

Coordinate tabletop exercises and incident response testing

Own the relationship with security vendors

Governance, Risk & Compliance (GRC)

Lead or support internal compliance programs, with a focus on data privacy, corporate governance, and regulatory frameworks

Manage the organization's compliance with frameworks and regulations (oversee SOC 2 Type II maintenance and readiness efforts)

Conduct risk assessments and maintain the enterprise risk register

Ensure third-party vendor risk management processes are in place

Awareness & Training

Develop and deliver security awareness programs

Promote a culture of security and compliance across the organisation

Audit & Reporting

Prepare for and support internal and external audits

Track compliance KPIs and report status to executive leadership

Ensure timely remediation of audit findings

About YounExperience & Qualifications

Strong working knowledge of global data privacy laws and compliance standards (e.g. GDPR, CCPA, SOC 2)

Strong knowledge of security standards, controls, and best practices (NIST, CIS, OWASP)

Familiarity with cloud security (AWS, Azure, GCP)

Experience with audit management, GRC tools, and security monitoring solutions

Excellent problem-solving, communication, and stakeholder management skills

Skills & Traits

You enjoy data privacy, compliance, and security operations and are happy to "roll up your sleeves" when needed

Pragmatic, solutions-oriented, and business-savvy

Excellent communication skills with the ability to influence across departments

Highly organised and able to manage multiple projects simultaneously

Comfortable working in a fast-moving, ambiguous, and collaborative environment

Strong plus: a background in Security Engineering

Compensation & Benefits

£75,000 - £5,000

Company ownership (everyone gets a meaningful equity stake in Ravio)

37 days paid time off (25 days holiday + 4 wellness day + 8 public holidays)

Up to 6% pension matching scheme

0 a month wellness allowance (Invest in your physical wellbeing, on us)

00 per year Learning and Development budget

Private healthcare cover with AXA

Personal travel insurance - just in case

Income protection insurance (for full peace of mind in case you cannot work because of sickness or disability)

16 weeks fully paid birthing parent leave, followed by 4 weeks at 50% pay & 8 weeks for non-birthing parent

For more information about what we collect and how we use it when you apply for a role with us, please refer to our Candidate Privacy Notice.

#J-18808-Ljbffrn

Fuse is building a fully integrated energy company—spanning solar, wind, hydrogen, power trading, and distributed energy systems. We sell directly to consumers to reduce costs and deliver real savings.

We're also creating the Energy Network: a decentralised system of smart devices that rewards users in Energy Dollars for electrifying their homes, shifting usage to off-peak hours, and supporting grid stability—critical for scaling AI and energy-intensive industries.

We’re looking for a Chief Information Security Officer (CISO) to lead our company-wide security strategy. You’ll protect our infrastructure, digital assets, and customer data while enabling fast, secure growth.

Key Responsibilities

Security Strategy & Leadership

• Define and lead Fuse’s security strategy across infrastructure, applications, and data.
• Lead hands-on development of security roadmaps, maturity models, and control frameworks tailored to Fuse’s risk profile.
• Directly contribute to architecture reviews, threat modelling sessions, and key design decisions across product and platform teams.
• Build and mentor a high-performing security team, including hiring, coaching, and managing performance.
• Develop KPIs and reporting structures to measure and communicate security posture to leadership and the board.
• Advise the executive team on security risks, regulatory exposure, and investment priorities to support long-term growth.
  

Governance & Compliance

• Own company-wide security governance, including data protection, access control, and insider risk.
• Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks.
• Oversee security audits and third-party risk programs.
  

Risk Management & Threat Intelligence

• Lead threat modelling, risk assessments, and security reviews of critical systems; design and deliver security awareness training programs for all employees to promote a culture of proactive risk management.
• Build threat intelligence capabilities to stay ahead of emerging risks.
• Balance risk management with product and engineering velocity.
  

Incident Response & Resilience

• Own response plans for high-severity threats and incidents.
• Build robust detection, containment, and remediation processes.
• Drive business continuity and disaster recovery strategy.
  

Technology & Infrastructure Security

• Partner with engineering to embed security in the SDLC and infrastructure.
• Guide secure design for cryptographic systems, transaction flows, and the Energy Network.
• Ensure resilience across distributed devices and on/off-chain systems.
  

Security Culture & Collaboration

• Promote a security-first culture across product, data, legal, and compliance.
• Represent Fuse externally in customer, regulatory, and industry engagements.
  

Requirements

• 5+ years in cybersecurity, with prior leadership or CISO experience.
• Deep understanding of cloud security (especially AWS), application security, and modern DevSecOps.
• Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure.
• Strong grasp of regulatory frameworks: SOC 2, ISO 27001, GDPR, NIST, etc.
• Background in threat modeling, incident response, and risk management.
• Excellent leadership, communication, and stakeholder skills.
• Bachelor’s or advanced degree in Computer Science, Information Security, or related field.

Bonus:

• Experience with CTFs, red/blue team exercises, or offensive security.

Benefits

• Competitive salary and a stock options sign-on bonus
• Biannual bonus scheme
• Fully expensed tech to match your needs!
• Paid annual leave
• Breakfast and dinner for office based employees

At Clarion, our people are at the absolute heart of what we do. We’re proud that our core values of PASSION , CARE , IMAGINATION , and TRUST define the way we carry out our work across all of our exhibitions and conferences.

If you share our values and want to be a part of a successful, dynamic, and creative global business then we want to hear from you.

The Opportunity:

We have an exciting new role for an Information Security Manager who will be responsible for implementing operational cyber security throughout a dynamic, global, commercial organisation. The role will involve collaboration with numerous internal departments and businesses across the Group organisation.

We are looking for a highly experienced Information Security Manager with extensive technical security knowledge and expertise.

Key Responsibilities:

• Lead a team monitoring and responding to cyber incidents.
• Being a subject matter expert on all aspects of operational information security and cyber risk.
• Define, develop, and implement operational information security processes.
• Identify, assess, and make recommendations on emerging security threats and vulnerabilities.
• Develop and oversee Security Operations Centre (SOC) activities, SIEM, IDS/IPS, threat and incident responses.
• Manage the cyber security vulnerability programme.
• Manage and oversee security penetration testing activities.
• Implement information security policies, processes, governance standards and frameworks.
• Advise departments on security requirements and controls, providing information security guidance across IT operations and new projects.
• Coordinate and manage information security activities, implementing solutions to improve information security, IT infrastructure and cyber security.
• Identify breaches in information security architecture, standards, and best practice.
• Manage and complete information security reviews, including due diligence of third parties.
• Monitor the development of relevant industry standards and best practices (NIST CSF, CIS, ISO etc.), assess and advise on compliance with these standards.

Requirements

Knowledge, Skills & Behaviours:

• Expertise and proficiency on information security management.
• A degree in cyber risk would be advantageous.
• Recognised security qualifications such as CISSP/CISM are desirable.
• Track record of achievement and delivery within various operational information security roles.
• Previous experience of SOC operations and management.
• Extensive knowledge of technical security issues and solutions.
• Extensive knowledge of cyber threats, penetration testing and vulnerability assessments.
• Experience of Cyber Essentials, ISO27001 compliance and leveraging NIST CSF and CIS benchmarks.
• Excellent communication skills both verbal and written, articulate, organised and diligent.
• Willing to join a shift-based call-out rota (this will incur an additional bonus payment).

About Clarion Events

Clarion Events is one of the world’s leading event organisers, producing and delivering innovative and market-leading events since 1947. ( )

Clarion Events embrace diversity and equal opportunities in all that we do. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.

Clarion is private equity backed and owned by Blackstone. Blackstone is one of the world’s leading global investment funds, investing capital for the long term in order to build successful, resilient businesses. ( )

Our purpose is to deliver exceptional customer outcomes and experiences, by making every connection count.

Our vision is we want every one of our products to be a market leader in customer satisfaction and delight.

Benefits

• 25 days’ holiday plus bank holidays
• End of year wellbeing shutdown (closed for the last week of the year)
• Celebration day off (e.g. birthday, Diwali, Eid, etc)
• Summer Hours in August (3pm finish on Fridays)
• Helping Our World (HOW) Days – one paid day per quarter to carry out charity work
• Pension Scheme
• Private Medical Insurance
• Health Cash Plan
• Wellbeing Library (MYNDUP)
• Mentoring Programme
• Subsidised Café
• Season Ticket Loan
• Cycle to Work Schemes
• Free on-site gym and shower facilities
• Free eyesight tests
• Free flu vaccination – offered on site once a year for all employees

The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology.

Client Details

The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission.

Description

• Implement and maintain ISMS aligning with ISO27001
• Ensure security controls are in-place based on ISO27001 and NIST
• As the regional security representative in the global Security / Technology project
• Lead / execute phishing campaign
• Conduct vulnerability assessments and implement measures to mitigate potential risks.
• Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team
• Maintain and update security policies, standards, and procedures in alignment with industry regulations.
• Collaborate with cross-functional teams to ensure secure system designs and implementations.
• Provide training and support to staff to enhance security awareness across the organisation.

Profile

• Practical experience and understanding of ISO27001
• Familiar with NIST and GDPR is preferred
• Solid experience in threat, risk and vulnerabilities management process
• Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection.
• Strong analytical and problem-solving skills.
• Hold at least one security related professional certification is desirable

Job Offer

• 24 days of holiday leave
• Performance-based bonus of up to 10%.
• Pension scheme with contributions up to 10%.
• Private medical insurance, life assurance, dental cover
• Finance support on professional certifications / memberships

The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology.

Client Details

The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission.

Description

• Implement and maintain ISMS aligning with ISO27001
• Ensure security controls are in-place based on ISO27001 and NIST
• As the regional security representative in the global Security / Technology project
• Lead / execute phishing campaign
• Conduct vulnerability assessments and implement measures to mitigate potential risks.
• Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team
• Maintain and update security policies, standards, and procedures in alignment with industry regulations.
• Collaborate with cross-functional teams to ensure secure system designs and implementations.
• Provide training and support to staff to enhance security awareness across the organisation.

Profile

• Practical experience and understanding of ISO27001
• Familiar with NIST and GDPR is preferred
• Solid experience in threat, risk and vulnerabilities management process
• Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection.
• Strong analytical and problem-solving skills.
• Hold at least one security related professional certification is desirable

Job Offer

• 24 days of holiday leave
• Performance-based bonus of up to 10%.
• Pension scheme with contributions up to 10%.
• Private medical insurance, life assurance, dental cover
• Finance support on professional certifications / memberships