260 Technology jobs in London

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform

• £70–80k base + 10% bonus
• Hybrid in London
• Training budget for certifications + conference attendance
• Strong emphasis on professional autonomy and ethical leadership

A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team.

This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability.

What you’ll bring:

• 5+ years in InfoSec, IT Security or Ops within a regulated environment
• Certification required: CISSP, CISM, CRISC, or equivalent
• Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA
• Confident with security risk assessments, audit responses, and policy governance
• Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model
• Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans
• Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice

What you’ll be doing:

• GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System
• Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays
• Security awareness & training: manage phishing simulations and content using Proofpoint
• Security architecture reviews: support technical assessments of new systems and services
• Data protection & cloud security: drive governance for Azure, Purview, and shared responsibility models
• Team leadership: mentor two analysts and deputize for the Head of InfoSec when required
• Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews

Tech & tools you’ll use:

• Protecht – Enterprise risk and audit management
• Panorays – Third-party risk tooling
• Rapid7 / Armis – Vulnerability management and threat detection
• Proofpoint – Phishing and awareness platform
• Microsoft Purview – Data governance and compliance
• Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued)

Why this role?

• High-impact GRC project work tied to new market expansion
• Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
• A clear opportunity to stretch across awareness, compliance, and operational domains

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform

Job purpose:

The security analyst will join a small security team for one of our clients in Central London. you will be a subject matter expert on all aspects of security to include mail security, web security, infrastructure security and end user device security.

The security analyst plays a key role in driving and improving and technology security at the organisation, providing expert advice and reliable guidance to a broad range of colleagues and stakeholders to achieve this.

Key Accountabilities:

• Proactively assess device and application logs for security vulnerabilities, as well as investigate causes and ultimately resolve or mitigate those vulnerabilities

• Lead and investigate security breaches and cyber incidents, providing timely resolution to agreed service level agreements/expectations

• Install Security updates/measures in line with best practices to ensure that the client is protected against the latest cyber security threats

• Work with third parties and internal teams to schedule proactive penetration tests, ensuring that vulnerabilities are resolved or mitigated

• Support the delivery of security training to all end users

• Regular monitoring of potential security risks externally and internally, provide clear expert advice and reliable guidance

• Manage regular security assessments of various key services

• Regularly assess key third party suppliers to ensure their security compliance

• Work with operational and delivery teams to ensure security design principles have been evaluated and adopted

• Provide clear expert advice and reliable guidance to end users on all things relating to cybersecurity

• Effectively collaborate with internal teams in relation to cybersecurity audits, including the resolution of outstanding actions

• Manage the creation and regular updating of Security policies

• A proactive approach to supporting a welcoming and respectful working environment for all colleagues at the organisation.

Knowledge, skills and experience

Essential:

• Relevant experience working as an effective Security Analyst

• Strong understanding of mail filtering technologies

• Strong understanding of Cloud infrastructure technologies, including encryption

• Demonstrable experience of working with Microsoft Sentinel, Defender and Purview

• Excellent understanding of security frameworks (NIST and Cyber Essentials)

• Ability to lead and manage third party providers

• Strong understanding of incident response processes and methodologies including leading and managing incidents

• Lead on root cause analysis, providing relevant documentation including recommendations

• indemonstrable experience of implementing a robust and trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats

• Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools.

• Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations for risk mitigation

• Experience in testing and reviewing new security solutions

• A strong commitment to supporting of diversity, inclusion, respect and dignity in the workplace

BENEFITS

We offer great opportunities for personal and professional development in an international company, with a focus on supporting our customers to excel in their strategic goals. The role comes with a competitive salary package, 28 days holiday (inclusive of US Federal holidays), professional development, and generous paid time off. You will be a part of a dedicated group of colleagues who value teamwork and collaboration whose focus is to empower our customers.

• Supports the security of the Company's network and ICT resources
• Delivers robust, efficient and professional operational IT service to key stakeholders
• Maintains documentation of systems, maps, procedures, user and technical information
• Support the network equipment and services, Virtual servers, network storage devices, network communications equipment
• Day to day support of LANs, WANs, internet, security and wireless implementations
• Monitors and evaluates the efficiency and effectiveness of infrastructure service delivery methods and procedures
• Monitors business critical processes and systems
• Installs, configures and supports new and existing servers and network infrastructure
• Actively learns and develops to stay up to date with developments in areas of expertise and to meet the changing needs of the job
• Encourages and supports the development of other members of your team and the organisation
• Ensures compliance with the companies policies, procedures and contract of employment
• Undertakes any other duties that may reasonably be required, and are commensurate with the grade of the job, in furtherance of the objectives of the Fund
• Deputise for the infrastructure Manager

• Specialist in Windows server infrastructure operational support, including administration of on-premises and cloud platforms
• Excellent troubleshooting & diagnostic skills, including the ability to work well under pressure and follow investigations through to logical conclusions
• Knowledge of Microsoft best practices for security configurations (policies), migration, and VMware VM management
• Management of infrastructure projects
• Experience of working with security, networking, server, software application management and support
• A good understanding of managing a Microsoft Active Directory-based network with common Microsoft server components; Exchange Server Hybrid, SQL Server, Windows Deployment Systems, SharePoint, Microsoft 365, Cloud based Telephony, Cyber Security and Prevention, Cloud based Backup and Restore
• Knowledge of VMWare High-Availability virtual server hosting infrastructure and storage area networks
• Microsoft Azure including:
  
  1. Azure Active Directory
  
  2. SSO
  
  3. Multi-Factor Authentication
• Knowledge cyber security best practices.
  
  1. Best practices
  
  2. Documentation
  
  3. User Education
  
  4. Auditing
  
  5. IT and Email Security
• Change management - adhering to correct procedures to ensure that any changes are carried out successfully
• Problem management & incident management - liaising with relevant parties to achieve an acceptable resolution

• Good interpersonal skills which are required when liaising with business users
• An ability to remain composed when working in difficult situations, and to be proactive in leading the team toward resolutions
• The position will involve dealing with all levels of Management so therefore good verbal and written communication skills are essential
• Takes pride in providing excellent customer service
• Ability to absorb and retain information quickly
• Ability to present ideas in user-friendly language
• Experience of working in a team-oriented, collaborative environment