Risk And Compliance jobs in United Kingdom

Your new role - Permanent - ON SITE 5 Days per week. You will be required to undergo vigorous onboarding checks - UK Only. Sponsorship NOT available.

The main purpose of this job mainly focusses on information security, cybersecurity, and data security from a Greenfield perspective. We are on a journey to secure Cyber Essentials plus and ISO27001 certification. You MUST have experience working with banking / financial services regulations, FCA, PRA etc.

Liaison with the Head Office, Security Operation Centre or Data Centre for implementing security policies, procedures, projects and security controls. Work with Internal Audit and other departments to execute penetration tests, cybersecurity risk self-assessment, ensure best practice and international baseline standards are in place and in line with local regulations.

The ideal candidate will be responsible for managing information security systems, ensuring compliance with regulatory requirements, and conducting thorough security audits. You will be part of the IT committee and work closely with the risk and compliance team. Ideally, having a background in IT / Network security, progressing into information security and cybersecurity.

• Develop, draft, implement, and maintain information security policies, procedures, and guidelines.
• Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards (e.g., Cyber Essentials & ISO 27001).
• SIEM & Vulnerability Management.
• Monitor and respond to security incidents, conducting investigations and implementing corrective actions.
• Collaborate with IT and other departments to ensure the security of network infrastructure and data.
• Manage risk assessments and vulnerability assessments to identify potential security threats.
• Oversee the implementation of security measures such as firewalls, intrusion detection systems, and data encryption technologies.
• Provide training and guidance to staff on information security best practices.
• Stay updated on the latest cybersecurity trends and technologies.

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Professional certifications such as CISSP, CISM, or ISO 27001 Lead Auditor.
• Proven experience in information security management and conducting security audits.
• Strong knowledge of information security frameworks and standards.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.

• Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX.
• Familiarity with security tools and technologies such as SIEM, DLP, and endpoint protection.

• CISA/CISSP/CCSP
• MCSA-Microsoft Windows Server
• MCSE- Microsoft Certified Solution Expert;
• MCITP-Microsoft Certified IT Professional;
• VMware Certified Professional;CCNA/CCNP

#4672461 - James Francis