1,849 Vulnerability Assessment jobs in the United Kingdom

Information Security Lead

TW16 Sunbury, South East BP Energy

Posted today

Job Viewed

Tap Again To Close

Job Description

Entity:

Technology


Job Family Group:

IT&S Group


Job Description:

About bp

bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people’s lives. We are committed to creating a diverse and inclusive environment where everyone can thrive. Join bp and become part of the team building our future!

Information Security Lead

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

Passionate about identifying and crafting security solutions that make bp a cyber resilient organisation, the Information Security team partner with business teams to help them understand cyber risk and take personal ownership for cyber security!

We’re looking for curious minds who are driven by opportunities to build value and deliver secure digital products and services to advance the global energy transition.

Role Synopsis

In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of an Information Security Lead has never been more critical. Our partnership with the business is essential to ensuring the confidentiality, integrity, and availability of an organisation's data and information systems.

Offering insights that influence the development and deployment of secure, resilient solutions & services. Your expertise enables teams to innovate with confidence, knowing their solutions align with the highest standards of data protection and regulatory compliance.

Key Accountabilities

In this role you will be responsible for the delivery of security activities to ensure swift business value realization. This role focuses on information security and digital security risk activities with the following key accountabilities:

  • Relationship and Customer management : Act as the main point of contact for all Digital Security enquiries within the relevant business portfolio. Build strong partnerships and influence positive change that serves the commercial ambitions.
  • Security Expertise:  Provide technical expertise, implementing digital security operating processes aligned to security standards across all value stream activities.
  • Safety:  Prioritize cyber and operational safety, improve digital security controls through architecture designs and process to maintain our cyber posture and react to new threats.
You will:
  • Monitor and Assess : Keep a vigilant eye on our digital domains, using innovative tools to detect and assess threats. This includes collaborating on the identification, assessment and management of risk
  • Strategize and Protect : Develop and implement robust security measures, crafting a secure environment for our data and systems.
  • Respond and Recover : Partner Customers during security incidents with a calm, calculated approach, minimising impact and guiding recovery efforts.
  • Educate and Advocate : Champion security awareness across the organisation, encouraging vigilance and responsibility.
  • Innovate and Guide : Provide strategic insights to teams, ensuring security is a cornerstone of product development and business operations.
  • Protect & Defend: Proactively mitigate cyber risks and coordinate the remediation of findings from vulnerability scans, supplier assurance, compliance reviews, and support the digital Delivery teams in maintaining high levels of cyber hygiene.
Education
  • Degree Educated, preferably BSc in Information Security or equivelent.
  • Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or working towards certification.
  • Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework is highly advantageous.
Desirable Experience and Capability
  • Previous track record in similar roles in Finance, HR, Trading, Retail, Supply or Oil and Gas companies.
  • Strong influencing skills that enable you to communicate technical information to both technical and non-technical audiences, clearly and concisely.
  • Deep technical knowledge, and experience delivering security solutions and providing technical advice.
  • A track record of delivering business benefits by balancing the need to protect the organizations commercial ambitions and maintain operations of the core value streams.
  • Experience working within developing digital ecosystems, with multiple partners and environments, ensuring suitable digital security standards and practices delivered and maintained.
  • Good understanding of enterprise and operational risk management, risk governance and compliance requirements.
  • Excellent project management skills, with the ability to lead multiple projects simultaneously.
  • Able to adapt to shifting priorities, demands, and timelines and keep customers abreast of impact (potential or actual) to defined delivery timescales and/or business impact.
  • Ability to use technology, data, and insights to enable decision making.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.


Travel Requirement

No travel is expected with this role


Relocation Assistance:

This role is not eligible for relocation


Remote Type:

This position is a hybrid of office/remote working


Skills:

Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism


Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please  contact us .

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

This advertiser has chosen not to accept applicants from your region.

Information Security Manager

EC1 London, London Context Recruitment

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

full time

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

  • Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
  • Lead the development and implementation of security policies, procedures, and controls
  • Manage ISO27001 compliance, including internal and external audits
  • Conduct risk assessments and oversee incident response planning
  • Collaborate with technical teams to ensure security is embedded across services
  • Advise on regulatory requirements and emerging threats

Candidate Profile:

  • Extensive experience in information security within an MSP or MSSP
  • CISSP certified
  • Strong working knowledge of GRC frameworks, including ISO27001
  • Demonstrated experience in a vCISO capacity
  • Excellent stakeholder engagement and communication skills
  • Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

This advertiser has chosen not to accept applicants from your region.

Information Security Manager

EC1 London, London Context Recruitment

Posted 4 days ago

Job Viewed

Tap Again To Close

Job Description

full time

Information Security Manager

70,000- 75,000 PA

Central London

Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.

The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.

Responsibilities:

  • Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
  • Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
  • Actively contribute to ISO processes, strategies and problem-solving
  • Use prior ISO experience to support certification readiness
  • Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
  • Handle varied and complex security challenges, from system reviews to high-level risk assessments
  • Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing

Requirements:

  • Experience with ISO 27001 is essential
  • Strong background in cyber security management
  • Proven experience in identifying and mitigating security risks#
  • Ability to make actionable recommendations for security improvements
  • Experience with GDPR and data protection, together with knowledge of IS standards
  • Security assessment frameworks (threat modelling, controls assessment, risk assessment)
  • Relevant qualifications; CISSP, CISM or similar would be beneficial.

Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.

This advertiser has chosen not to accept applicants from your region.

Information Security Manager

London, London £65000 - £75000 Annually Context Recruitment

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

permanent

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

  • Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
  • Lead the development and implementation of security policies, procedures, and controls
  • Manage ISO27001 compliance, including internal and external audits
  • Conduct risk assessments and oversee incident response planning
  • Collaborate with technical teams to ensure security is embedded across services
  • Advise on regulatory requirements and emerging threats

Candidate Profile:

  • Extensive experience in information security within an MSP or MSSP
  • CISSP certified
  • Strong working knowledge of GRC frameworks, including ISO27001
  • Demonstrated experience in a vCISO capacity
  • Excellent stakeholder engagement and communication skills
  • Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

This advertiser has chosen not to accept applicants from your region.

Information Security Manager

London, London £70000 - £75000 Annually Context Recruitment

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

permanent

Information Security Manager

70,000- 75,000 PA

Central London

Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.

The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.

Responsibilities:

  • Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
  • Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
  • Actively contribute to ISO processes, strategies and problem-solving
  • Use prior ISO experience to support certification readiness
  • Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
  • Handle varied and complex security challenges, from system reviews to high-level risk assessments
  • Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing

Requirements:

  • Experience with ISO 27001 is essential
  • Strong background in cyber security management
  • Proven experience in identifying and mitigating security risks#
  • Ability to make actionable recommendations for security improvements
  • Experience with GDPR and data protection, together with knowledge of IS standards
  • Security assessment frameworks (threat modelling, controls assessment, risk assessment)
  • Relevant qualifications; CISSP, CISM or similar would be beneficial.

Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.

This advertiser has chosen not to accept applicants from your region.

Information Security Manager

Birmingham, West Midlands NTT America, Inc.

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

**The team you'll be working with:**
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now
This advertiser has chosen not to accept applicants from your region.

Information Security Adviser

Bristol, South West The Boeing Company

Posted 27 days ago

Job Viewed

Tap Again To Close

Job Description

**Job Description**
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Boeing delivers leading-edge platforms, technology, services, and capabilities to bring the best value to the Ministry of Defence and UK national security services.
Employing more than 2,100 people, Boeing Defence UK provides long-term support for more than 120 Boeing military rotary-wing and fixed-wing aircrafts in the UK. For example, the Chinook and Apache helicopters, and the Poseidon and C-17 airplanes. Our support ranges from mission critical Logistics Information Services, next generation in-flight digital tools, to aircraft and operational modelling and simulation methodology.
Leveraging our established defence business in the UK, and blending our local expertise with our 'One Boeing' global approach, Boeing Defence UK is well positioned to support the UK with its current and future defence and security challenges.
An exciting opportunity has arisen for an **Information Security Adviser** to join **Boeing Defence UK** in the support of the Defence Equipment Engineering and Asset Management System (DEEAMS) programme.
Due to continued business growth there is an opportunity to join a multi-skilled security team that delivers all aspects of protective security to Boeing Defence UK (BDUK), including information security and assurance, personnel security, business continuity and counter threat support and risk advice. The successful candidate would be a part of a supportive team of around 26, with access to varied work and opportunities to progress their career alongside the growth of the business. At Boeing we're committed to rewarding excellence and fostering an inclusive environment where team members are seen, heard, valued, respected and fully engaged.
The successful candidate will work alongside other Boeing Security Advisers to deliver the security aspects of bringing a new information services solution into service whilst working with both the UK customer and collaborating with external suppliers and other agencies. The role will be expected to: produce security artefacts associated with implementing and maintaining the new solution, preparing security assurance evidence, liaise with the customer and other agencies as required and deliver other programme contractual deliverables as required.
The post holder will also have experience of information security, defence security management and defence cyber protection partnership processes. Post initial operating capability the role will be supportive in maintaining the continued authority to operate by maintaining the Information Security Management System throughout the Sustainment phase of the programme.
**Please note: this role is subject to successful Contract Award. This is an on-site role based in Bristol, with flexibility for occasional remote working at the discretion of the management team.**
**Position Responsibilities:**
+ Identifying security risks within complex information systems and developing for implementation, effective and risk balanced security measures
+ Supporting Supply Chain Security Assurance through application of the Defence Cyber Protection Partnership (DCPP) and other relevant standards and policies
+ Providing security documentation and evidence to meet HMG (MOD) security assurance requirements
+ Liaison with customers, Delivery Team Security Leads, and technical authorities, including attendance at Security Working Groups
+ Supporting security analysis of operational environments, threats, vulnerabilities and internal interfaces to define and assess compliance to accepted industry and government standards
+ Contributing to the development of information governance and risk management structures and processes
+ Assisting in the integration of information assurance activities with the system engineering, design and manufacturing elements of new business ventures and programmes
+ Engaging with stakeholders, the engineering team and sub-contractors to provide direction, guidance and support on acceptable and balanced information security solutions
+ Supporting the creation of business and user focused security policies, procedures, processes and operational guidance for the compliant delivery of customer information security requirements
+ Maintaining knowledge of technology development (both hardware and software), threat actors, tools and techniques and the risk implications for information security
+ Deliver programme security onboarding training to the Boeing programme team
+ Provide ad hoc security advice to the Boeing DEEAMS delivery team
+ Preferred Qualifications/Education
+ Ideally qualified to degree level (or equivalent) OR with substantial relevant information security experience, particularly within a similar role in UK Government or Defence
+ Relevant industry security certifications would be advantageous (e.g. SC2 Certified in Cyber Security (CC), CISMP, CCP (Ex-CLAS), CISSP, CISM).
+ Knowledge/Competences
**Basic Qualifications (Required Skills/Experience):**
+ Knowledge and understanding of MOD and Government information security policy, standards and guidance.
+ Experience of assuring IT systems in a secure government environment (MOD)
+ Understanding of systems and security verification, validation, testing and evaluation approaches.
+ Experience in generation of information security Risk Assessments, Risk Treatment Plans.
+ Experience in the specification and development of effective and balanced information assurance solutions or approaches.
+ Ability to analyse the security aspects of business risks
+ Pragmatic approach to the recommendation of security controls.
+ Ability to plan, prioritise and manage own workload with limited day-to-day supervision, but know when to seek assistance/escalate.
**Preferred Qualifications (Desired Skills/Experience):**
+ Experience of working within a multinational matrix management environment/ structure and a large-scale, complex international organization, but also within small teams, would be highly advantageous.
+ Experience of working with and assurance/gaining authority to operate information system related platforms and communication networks
+ Information assurance experience across Cloud services and Systems Engineering, Development Lifecycle would be preferred.
+ Experience of participating in developing security solutions in response to customer requirements.
+ Experience of SAP or other Enterprise Resource Planning systems.
+ Experience of systems rollout and hyper care activities.
+ Detailed understanding of data protection controls and practices.
+ Knowledge of computer security audit and investigative techniques is desirable.
+ General:
+ Effective written and verbal communication skills with ability to adapt depending on audience; ability to explain technical issues in simple language to non-technical consumers is essential.
+ Ability to contribute to cost, schedule adherence, and technical performance trade-offs.
+ Clear task focus with ability to separate out and communicate key elements from extraneous detail.
+ Team player with a collaborative working mindsets, especially with cross functional teams.
+ An independent self-starter with a proactive mindset.
**Work Authorisation:**
This requisition is for a locally hired position in the UK. Candidates must have current legal authorisation to work immediately in the United Kingdom. Boeing will not attempt to obtain Immigration and labour sponsorship for any applicants.
Benefits and pay are determined at the local level and are not part of Boeing U.S. based payroll.
Applications for this position will be accepted until **Sept. 06, 2025**
**Export Control Requirements:** This is not an Export Control position.
**Relocation**
Relocation assistance is not a negotiable benefit for this position.
**Security Clearance**
This position requires the ability to acquire a UK security Clearance for which the UK Government requires UK residency. The successful candidate will hold, or have the ability to acquire, Security Clearance (SC).
**Visa Sponsorship**
Employer will not sponsor applicants for employment visa status.
**Shift**
Not a Shift Worker (United Kingdom)
**Contingent Upon Program Reward**
The position is contingent upon program award
**Equal Opportunity Employer:**
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds including but not limited to; race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law.
We have teams in more than 65 countries, and each person plays a role in helping us become one of the world's most innovative, diverse and inclusive companies. We are a Disability Confident Committed employer and welcome applications from candidates with disabilities. Applicants are encouraged to share with our recruitment team any accommodations required during the recruitment process. Accommodations may include but are not limited to: conducting interviews in accessible locations that accommodate mobility needs, encouraging candidates to bring and use any existing assistive technology such as screen readers and offering flexible interview formats such as virtual or phone interviews.
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Vulnerability assessment Jobs in United Kingdom !

Information Security Analyst

Sanderson

Posted today

Job Viewed

Tap Again To Close

Job Description

Information Security Analyst – NIST Implementation


Rate - £500 Inside IR35 (Total to umbrella)

Duration – 6 months

Location – twice a week on site into London

Role Description:

As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements from the Group Information Security Framework, and proactively managing non-compliance issues and mitigating Information Security risks.


About You :

  • You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF).
  • Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions.
  • Supporting compliance activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation.
  • Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework.
  • Assisting cross-functional teams and business units in integrating security measures into business operations.
  • Facilitating regular reviews and updates of control and risk management processes to remain effective and responsive to emerging threats and changes in the organizational landscape.
  • Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making and risk management strategy across the business.


Essential Skills:

  • Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks.
  • Practical experience of implementing NIST CSF in the financial services sector is highly desirable.
  • Proven track record of security transformation and delivery of security projects, particularly within a federated organisation.
  • Strong knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards.
  • Ability to analyse data and generate reports using tools like Excel and Power BI, and experience with data visualisation and interpretation.
  • Skills in creating and maintaining comprehensive documentation, including control matrices, design process flows, and standard operating procedures.
  • Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders.
  • Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus.
  • Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable.
This advertiser has chosen not to accept applicants from your region.

Information Security Analyst

London, London Sanderson

Posted today

Job Viewed

Tap Again To Close

Job Description

Information Security Analyst – NIST Implementation


Rate - £500 Inside IR35 (Total to umbrella)

Duration – 6 months

Location – twice a week on site into London

Role Description:

As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements from the Group Information Security Framework, and proactively managing non-compliance issues and mitigating Information Security risks.


About You :

  • You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF).
  • Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions.
  • Supporting compliance activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation.
  • Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework.
  • Assisting cross-functional teams and business units in integrating security measures into business operations.
  • Facilitating regular reviews and updates of control and risk management processes to remain effective and responsive to emerging threats and changes in the organizational landscape.
  • Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making and risk management strategy across the business.


Essential Skills:

  • Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks.
  • Practical experience of implementing NIST CSF in the financial services sector is highly desirable.
  • Proven track record of security transformation and delivery of security projects, particularly within a federated organisation.
  • Strong knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards.
  • Ability to analyse data and generate reports using tools like Excel and Power BI, and experience with data visualisation and interpretation.
  • Skills in creating and maintaining comprehensive documentation, including control matrices, design process flows, and standard operating procedures.
  • Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders.
  • Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus.
  • Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable.
This advertiser has chosen not to accept applicants from your region.

Information Security Manager

Hampshire, South East Plumstead Consulting

Posted today

Job Viewed

Tap Again To Close

Job Description

INFORMATION SECURITY MANAGER


Our client is one of the largest owner-operator of rapid electric vehicle charging stations across the UK and Europe. They are award winners and are currently short listed for " The Best Place to Work" .

They are growing and expanding at pace, are you up for the ride.


They are seeking a highly skilled and experienced Information Security Manager to join our team.


You will work closely with the clients international IT team to lead the organisation’s cybersecurity and information risk agenda, including oversight of ISO 27001 and broader security governance across the business.


Key Responsibilities :

  • Maintain the Information Security Management System (ISMS) in compliance with ISO 27001:2022 standards.
  • Establish, maintain and enforce security policies, procedures, and controls to mitigate information security risks and vulnerabilities.
  • Conduct regular risk assessments and vulnerability assessments to identify potential threats and weaknesses in our information security infrastructure.
  • Collaborate with internal stakeholders to ensure that information security requirements are integrated into business processes and systems.
  • Lead internal audits and coordinate external audits and certifications to assess ISMS effectiveness and drive continuous improvement.
  • Define and enforce information security policies, standards, and guidelines across the organisation and Monitor compliance with all information security policies, procedures, and standards.
  • Management of tabletop/red team exercises and incident response playbooks.
  • Assist the incident response process and lead investigations into information security breaches or incidents.
  • Provide guidance and support to employees on information security matters and promote a culture of security awareness throughout.
  • Stay up to date with the latest information security trends, threats, and best practices, and make recommendations for enhancing the organisation’s security posture.
  • Conduct technical assessments of new suppliers, platforms, and software, including security architecture reviews, documentation checks, and evidence of compliance (e.g., ISO, SOC 2, pen test results).
  • Collaborate with procurement, legal, and product teams to embed security requirements in onboarding and contract processes.
  • Prepare and deliver reports on information security metrics, incidents, and compliance to senior management and relevant stakeholders.


Qualifications and Skills;

  • Professional certifications in information security, such as CISSP, CISM, ISO 27001 Lead Auditor/Implementer, or equivalent.
  • Extensive experience (5+ years) in information security management, with a focus on ISO 27001 compliance.
  • In-depth knowledge of ISO 27001 standards and best practices , as well as other relevant security frameworks (e.g., NIST, COBIT).
  • Strong technical understanding of modern IT and cloud environments, including the ability to assess third-party platforms, suppliers, and software for security risks.
  • Proven experience in developing and implementing information security policies, procedures, and controls.
  • Familiarity with risk assessment methodologies and tools.
  • Experience in managing information security incidents and conducting investigations.
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organisation.
  • Strong analytical and problem-solving abilities.
  • Demonstrated ability to manage multiple priorities and meet deadlines in a fast-paced environment.
  • High level of integrity and a commitment to maintaining confidentiality.
  • Join our dynamic team and contribute to the protection and security of our organisation’s information assets. Apply your expertise as an ISO 27001 Information Security Manager and help us maintain a robust information security program.


Equal Opportunity Statement :


They an equal opportunity employer. We are committed to equality and diversity, and all applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, or disability status.

This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Vulnerability Assessment Jobs