60 jobs found

We're looking for an experienced Zero Trust Identity and Access Management (IAM) Security Architect to shape how Arm secures its global workforce and systems. You'll design and guide the strategy behind secure, scalable identity solutions that enable employees, contractors and third parties to work safely anywhere. You'll work across enterprise IT, security architecture and engineering to define IAM standards, integrate new technologies and make identity simple and secure for every team. Responsibilities: Lead the design and implementation of enterprise Zero Trust IAM architecture across AD, Entra ID, SSO, MFA, PAM, and PKI. Create and maintain Zero Trust IAM security roadmaps, patterns, and reference designs. Supporting and partner with IT, GRC, and Engineering teams to ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. Required Skills and Experience: Over 7+ years of practical experience in designing and running Identity and Access Management (IAM) solutions for both human and non-human identities within large-scale, complex environments. Deep knowledge of identity protocols (SAML, OAuth2, OIDC, SCIM, LDAP/AD, PKI). Expertise in at least two IAM product areas (e.g., PAM, SSO/MFA) such as Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Good understanding of LDAP directories preferably Oracle Strong understanding of security frameworks and compliance (NIST, ISO 27001, SOX, GDPR). Experience working with cloud identity (Azure, AWS, or GCP). Nice To Have Skills and Experience: CISSP, CISM, CIAM, or similar security certification! Familiarity with automation, API protection, or security orchestration. Experience with API security or microservices identity patterns! In Return: Accommodations at Arm: At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process. Hybrid Working at Arm: Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you. Equal Opportunities at Arm: Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Cyber Security Business Development Manager - New Business Bring on new leads for the UK arm of the largest Cyber Security Specialist Organisation in ANZ Key Responsibilities Finding, identifying and qualifying new leads in the UK region Understand the target markets, including industry, company, project, company contacts and which market strategies can be used to attract clients Develop and execute a sales plan that assists in the expansion of the CyberCX customer base and achieves defined sales targets Own your customers' experience and journey, from solution proposition through transition to delivery Maintain strong knowledge of CyberCX service offerings and the ability to present them with intelligence and conviction About you 2-3 years previous sales experience from Cyber Security / IT sales; you will either have been a Junior BDM or SDR Must have previously sold Penetration Testing Services and/or GRC and/or other Cyber Security Services Demonstrable ability to win new customers and understand how to leverage the considerable assets of your organisation to grow your accounts Proven experience as a hunter in developing and executing on a sales plan Must be a UK Citizen eligible for security clearance The Role Grow out the Cyber Security Practice for CyberCX in the UK You will have support for larger more complex deals as you learn new business areas Learn the full suite of our Cyber Security Business lines About CyberCX CyberCX is the leading independent cyber security services organisation in Australia and New Zealand, with international offices in the United Kingdom and United States of America. CyberCX delivers comprehensive end to end cyber security services offerings to enterprises and governments. We are cyber security experts first and foremost. We're a unified team of highly qualified, certified and skilled professionals working together on the same mission: to protect and defend organisations from cyber threats. We specialise in: Strategy & Consulting Governance, Risk & Compliance Security Testing & Assurance Identity & Access Management Security Integration & Engineering Managed Security Services Digital Forensics & Incident Response Cyber Capability, Education & Training We ask you to have 2-3 years previous sales experience from Cyber Security and to be a UK Citizen eligible for Security Clearance.

Senior Cyber Security Consultant - CAF Assurance (x3) Contract - Outside IR35 6 Months (Likely Extension) Location: Mostly Remote (UK-based with occasional travel) Clearance: Active SC Clearance Required Role Overview We are currently seeking three experienced Senior Cyber Security Consultants to support the delivery of Cyber Assessment Framework (CAF) assurance and cyber resilience work across public sector and critical environment programmes. This role will involve conducting structured CAF assessments, engaging stakeholders, reviewing evidence, identifying risks, and delivering high-quality assurance outputs aligned to NCSC guidance and best practice. You will be part of a collaborative, high-performing team delivering across multiple assurance engagements. Key Responsibilities Deliver Cyber Assessment Framework (CAF) assurance activities across organisations and critical systems Conduct stakeholder workshops, interviews, and evidence reviews to assess cyber resilience maturity Support clients in understanding CAF objectives, principles, and outcomes Review policies, governance, and technical/operational controls against CAF requirements Assess cyber capabilities across: Risk management Protective security Monitoring & logging Incident management Supply chain security Operational resilience Produce high-quality outputs including: Assessment reports Risk findings Observations Improvement recommendations Contribute to assurance documentation, reporting, and delivery artefacts Support engagement onboarding, planning, and scheduling Collaborate with technical leads and delivery teams to ensure consistent quality Drive continuous improvement of CAF methodologies and templates Maintain strong stakeholder relationships in complex, fast-paced environments Ensure alignment with government security standards and policies Essential Skills & Experience Proven experience delivering cyber security assurance / GRC engagements Strong knowledge of the NCSC Cyber Assessment Framework (CAF) or similar frameworks Experience facilitating stakeholder interviews and evidence-based assessments Ability to analyse both technical and non-technical controls Excellent report writing and communication skills Experience working within public sector, regulated, or enterprise environments Solid understanding of cyber security domains, including: Identity & Access Management Vulnerability Management Incident Response SIEM / Monitoring & Logging Resilience and business continuity Supply chain security Ability to manage multiple priorities and deliver under tight deadlines Experience working in remote, blended delivery team

Description We're Civica and we make software that helps deliver critical services for citizens all around the world. From local to state government, to education, to health and care, over 5,000 public bodies across the globe use our software to help provide critical services to over 100 million citizens. Our aspiration is to be a GovTech champion everywhere we work around the globe, supporting the needs of citizens and those that serve them every day. Building on 21 years of continuous growth and success, we're at a pivotal point on our journey to realise that aspiration. Why you'll love this role of Senior Information Governance Security Consultant This is a high-impact, client-facing role where you will help organisations strengthen their information governance and cyber security posture. You'll work across a variety of public and private sector clients, delivering consultancy that directly improves resilience, compliance, and risk management. You'll have the opportunity to lead meaningful security engagements, from gap analysis and risk assessments to certification support and security improvement programmes. This role offers a strong mix of autonomy, variety, and influence-ideal for someone who enjoys solving complex security challenges and driving best practice. If you are passionate about governance, risk, and compliance, and enjoy working closely with clients to deliver real-world impact, this role gives you the platform to do exactly that. This role can be performed predominantly from home, with occasional travel to offices. Responsibilities Deliver Information Governance (IG) and Information Security (IS) consultancy services to clients Conduct gap analysis, risk assessments, and risk treatment planning Assess organisations against standards such as Cyber Essentials, Cyber Essentials Plus, and ISO 27001 Support clients through certification processes and security improvement programmes Perform audits to ensure effectiveness of security controls Produce high-quality security reports and present findings to stakeholders Provide continuous assessment of client security practices and recommend improvements Contribute to the development and enhancement of IG and cyber security service offerings Deliver consultancy across recognised frameworks such as the NCSC Cyber Assessment Framework (CAF) Develop and review security policies, procedures, and controls Deliver security awareness training, workshops, and exercises Collaborate with internal teams and support pre/post sales activities Mentor colleagues and contribute to team knowledge sharing Maintain strong client relationships and stakeholder communication Experience & Skills Strong experience in IT Governance, Risk & Compliance (GRC) across cloud and on-premise environments Knowledge of security and data protection frameworks including ISO 27001, Cyber Essentials Plus, and GDPR Experience applying risk management principles and methodologies In-depth understanding of Cyber Essentials and NCSC CAF Ability to advise on security strategy and risk mitigation Strong knowledge of information security principles and technical controls Proven experience in client-facing roles Excellent communication skills, with the ability to engage stakeholders at all levels Strong organisational skills with attention to detail Ability to work independently with minimal supervision Nice to have: Experience implementing and auditing ISMS aligned to ISO 27001 Relevant certifications such as CISSP, CISM, CISA, or CEH Experience working with frameworks such as DTAC, DSPT, CAF, or PSN Experience delivering security awareness programmes Experience in third-party assurance activities Ability to communicate complex security risks to both technical and non-technical audiences, including C-level stakeholders Strong presentation and reporting skills Experience working with Local Government We Want You to Bring Your Whole Self to Work There is no such thing as the perfect candidate, so if you think you have what it takes but don't necessarily meet every single point on the list above, please still get in touch. We'd love to have a chat and see if you could be a great fit. Why You'll Love Working with Us As a company, we're passionate about what we do and the citizens we serve. If you, too, want to champion the use of technology in public services to improve outcomes for citizens and public sector organizations, then Civica is the right place for you. We will help you unlock the best version of yourself, achieve career growth, and make a real difference to people and communities. Time Off & Work-Life Balance 25 Days Annual Leave + bank holidays - plus the option to buy up to 10 extra days! Days of Difference - Up to 3 extra days off for volunteering. Financial Well-being & Security Pension Contribution - 5% employer match to support your future. Income Protection - Up to 75% salary cover for long-term illness. Life Assurance - 4x salary tax-free lump sum. Critical Illness Cover - £25,000 lump sum (extendable to dependents). Health & Perks Private Medical Insurance - Fast access to private healthcare. Health Cash Plan - Claim back physio, therapies & more. Dental Insurance - Cover for routine & emergency care. Electric Vehicle (EV) Scheme - A wide range of electric & hybrid vehicles. Affinity Groups - Join employee-led communities. Bounty Bonus - Refer a friend & get rewarded. At Civica, we are committed to building an inclusive and diverse workplace where everyone feels valued and supported. We believe that a variety of perspectives drives innovation and excellence, and we welcome applicants from all backgrounds, cultures, and experiences. We are an equal opportunity employer. We do not discriminate based on race, ethnicity, religion, gender, sexual orientation, disability, age, or any other legally protected characteristic. Our recruitment process is designed to ensure fairness and transparency, so every candidate has an equal chance to contribute to our mission. If you need any adjustments or accommodations to participate in our recruitment process, please let us know. We are here to support you.

Looking to take your career to the next level? Join a forward-thinking cybersecurity organization known for its innovative approach, adaptability, and commitment to continuous improvement. Operating in a rapidly evolving threat landscape, it helps clients stay ahead of emerging risks by prioritizing proactive, pragmatic, and evidence-based risk management. With cybersecurity as a top organizational priority, the team delivers measurable outcomes supported by clear performance indicators to ensure ongoing effectiveness. It fosters a culture that challenges assumptions, verifies solutions, and embraces change to consistently deliver trusted results for its clients. Ready to make a move? Get in touch and apply today! Responsibilities Build and execute a sector plan to target upper mid-market and enterprise clients. Partner with senior leadership, marketing, and technical teams to define go-to-market strategies for GRC and AI services. Manage enterprise-level, cross-portfolio commercial opportunities. Develop high-value, multi-year engagements for vCISO services, AI testing and governance, and Red Teaming. Maintain accurate monthly forecasts for pipeline, business planning, and resource allocation. Oversee contracting with legal and finance support. Provide market, competitive, and commercial feedback internally. Work with marketing to generate high-quality leads and support events, conferences, and networking initiatives. Collaborate with delivery teams to ensure quality client outcomes. Skills/Must have Strong consultative sales experience, preferably in technology or security sectors. Proven track record engaging and influencing C-suite executives. Knowledge of emerging AI regulatory landscape and thought leadership capability. Experience with "land and expand" strategies and complex enterprise deals. Familiarity with structured sales methodologies and forecasting accuracy. Solid technical understanding of Cyber Security. Exceptional communication, negotiation, and closing skills. Willingness to travel up to 50% across the UK. Benefits Flexible hybrid working. Career development within a growing, PE-backed consultancy. Exposure to cutting-edge Cyber and AI risk projects. Salary £65k basic + £60k OTE - Uncapped Commission

NHS seeks a Head of Cyber Governance, Risk & Compliance in Leeds to lead operations and assurance across cybersecurity. This pivotal role involves developing frameworks to manage cyber risks effectively, ensuring compliance with national security standards. The successful candidate will have significant expertise in cybersecurity management, supported by advanced qualifications. A salary range of £103,355.20 to £119,091.70 per annum is offered. Candidates must fulfill UK residency requirements for security clearance.

The Head of Cyber Governance, Risk & Compliance (GRC) plays a pivotal role in protecting some of the UK's most critical national infrastructure. Reporting to the Security Principal, the role provides senior operational leadership for Cyber GRC and assurance across NHS England's complex and highly federated technology landscape. NHS England operates at national scale, delivering and enabling services that are essential to patient safety, public trust and national resilience. This role operates at the heart of that system, ensuring that cyber risk is understood, governed and managed proportionately while enabling digital transformation at pace. The post holder will lead the day to day delivery of the Cyber GRC function with delegated authority, managing specialist teams and exercising matrix leadership across cyber, digital and technology services. The role is focused on leading technological change, ensuring governance and assurance remain effective as services, operating models and platforms continue to evolve. Cyber resilience is fundamental to the successful delivery of the NHS Long Term & 10 Year Health Plans. This role will help ensure that transformation and modernisation initiatives can be delivered safely, securely and without disruption from cyber incidents, supporting continuity of care and public confidence. Main duties of the job The post holder will provide senior operational leadership for NHS England's Cyber GRC function, acting under delegated authority from the Security Principal to ensure effective, proportionate governance across a complex, highly federated and evolving environment. Key responsibilities include leading the operation and development of cyber governance, policy and risk management frameworks, ensuring security policies, standards and controls remain fit for purpose, aligned to business risk, and capable of protecting critical national infrastructure that underpins safe patient care and public trust. The role will oversee assurance activity against recognised frameworks and obligations, including ISO 27001, the NCSC Cyber Assessment Framework and nationally mandated requirements. The post holder will lead the development and communication of high quality cyber risk and resilience reporting, providing clear insight to senior leaders and governance forums to support informed decision making during significant organisational, technological and service change. Working in partnership with technology, operational and transformation teams, the role will embed security by design into services and programmes, supporting delivery of the NHS Long Term and 10 Year Health Plans. The role requires calm, credible leadership and resilience, balancing competing priorities while leading specialist teams and matrixed stakeholders through sustained change in a high profile environment. Job responsibilities Please see the attached Job Description and Person Specification for more information about the role and responsibilities. Person Specification Knowledge Highly developed specialist knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organisational network operation and minimise negative effect by cybersecurity risks. Detailed knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability. Specialist knowledge of technologies and technology based solutions dealing with information security issues; ability to apply these in protecting information security across the organisation. Skills & Experience Expert knowledge of IT security policies, standards, and procedures; ability to utilise a variety of administrative skill sets and technical knowledge to ensure cyber security compliance. Advanced specialist knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organisational data. Qualifications Masters level degree in Cyber Security or relevant subject, or equivalent level of experience. Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Important: Please be aware there are residency requirements you need to meet: All NHS England Cyber Security personnel must hold Security Clearance level as a minimum. To meet National Security Vetting requirements, SC clearances require 5 years continuous UK residency. In certain cases, this can be reduced to three years continuous UK residency, with additional overseas checks for the previous two years. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role - will still be considered. Failure to achieve the requirements for SC after an offer will result in the job offer being withdrawn. £103,355.20 to £119,091.70 a year Per Annum (this includes a RRP payment of 30%).

Ctrl Alt is a rapidly growing fintech company that tokenizes alternative assets, seeking a Technical Operations Manager to serve as the operational backbone of the Office of the CTO. What's Involved The Technical Operations Manager will manage the intersection of IT logistics and regulatory alignment, ensuring a world class technical infrastructure, cybersecurity, and compliance posture. The role focuses on governance and compliance with ISO27001 and DORA, hardware lifecycle management, audit readiness, vendor relationships, and operational workflow optimization. Key Responsibilities Governance & Compliance: Lead GRC initiatives to align technical processes with ISO27001 and DORA. IT Lifecycle Management: Own procurement, provisioning, and recovery of hardware and software licenses. Audit Readiness: Maintain documentation and evidence logs for security certifications. Vendor Management: Manage IT vendors and service providers to ensure quality and cost effectiveness. Process Optimization: Design light touch operational workflows that improve security without hindering engineering teams. Requirements 3+ years of experience in IT Operations, Technical Project Management, or a GRC focused role. Practical understanding of ISO27001; familiarity with DORA is a significant plus. Experience with MDM solutions and a strong technical grounding. High organization, agency, and a "get it done" attitude with the ability to communicate technical requirements to non technical stakeholders. Nice to Haves Experience working in a regulated environment. Project management skills and qualifications within the IT sector. How we support you Competitive salary with regular reviews reflecting impact and performance. Generous stock options that share in Ctrl Alt's growth. 26 days annual leave, birthdays off, and regional bank holidays. Enhanced parental leave. MacBook, screens, and any equipment needed to perform at a high level. Access to salary sacrifice schemes (childcare, groceries, EVs, tech, pensions, bikes, subscriptions). Modern, centrally located offices in London, Belfast, Dundalk, and Dubai. Annual learning and development budget for training, certifications, and qualifications.

About Us Visa is a world leader in payments technology, facilitating transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories, dedicated to uplifting everyone, everywhere by being the best way to pay and be paid. At Visa, you'll have the opportunity to create impact at scale - tackling meaningful challenges, growing your skills and seeing your contributions impact lives around the world. Join Visa and do work that matters - to you, to your community, and to the world. Progress starts with you. Job Description In your role as Information Security GRC Engineering Consultant - Featurespace, you will help us achieve our goals and deliver success on behalf of our customers by: Building systems and frameworks, in line with industry standards, Visa Key Controls and customer expectations, that make compliance continuous, measurable, and low friction, moving Featurespace away from point in time, audit driven assurance toward scalable, repeatable control based implementation. Acting as a hands on, solutions driven GRC engineering consultant, translating regulatory and control requirements (PCI DSS, SOC 2, Visa KCX) into practical, implementable controls within our products, teams and cloud environments. Designing and implementing automation where it adds genuine value, including control validation, evidence collection, workflow orchestration, and compliance telemetry. Leading compliance outcomes through expertise and influence (not direct line management), working cross functionally with the product, engineering and platform teams in Featurespace, and the central Visa Cyber, Risk and Legal teams. Helping Featurespace integrate effectively into Visa's security and compliance ecosystem, ensuring centrally provided capabilities (policies, third party risk, training, tooling) are correctly applied to Featurespace products, services, and delivery models. Providing assurance to our customers by providing appropriate responses to customer RFP questions and customer audits on topics such as cybersecurity, technology operations, and compliance with standards (e.g., PCI DSS, SOC 2). Responsibilities As a company we hire people with a willingness to adapt to a variable role, so along with the key responsibilities below, we ask for ownership of any other duties as required. 1. Control Framework Ownership & Assurance Lead the implementation and ongoing operation of Featurespace's security controls framework, ensuring alignment with Visa Key Controls, PCI DSS, SOC 2, and other applicable regulatory or customer requirements, and ensuring controls are implemented in a manner appropriate to Featurespace products, services, and delivery models. Coordinate and lead Featurespace's annual certification and assurance activities (e.g. PCI DSS, SOC 2), acting as the primary point of integration between Featurespace internal teams, external auditors, and Visa central control functions, and ensuring audit activities are delivered efficiently, accurately, and on time. Ensure all processes are operating effectively and are correctly evidenced, including the maintenance of appropriate documentation, dependency mapping, and traceability to responsible teams and subject matter experts. 2. GRC Engineering, Integration & Automation Translate regulatory, compliance, and control requirements into practical, product aware implementations, working directly with engineering and platform teams to embed controls into architectures, CI/CD pipelines, cloud environments, and operating processes. Design, build, and maintain automation to support compliance activities where it adds demonstrable value, including: control validation and continuous assurance evidence collection, normalisation, and retention workflow orchestration and exception handling metrics, reporting, and compliance visibility Apply engineering judgement to determine what should be automated in the short term, what requires process or architectural maturity or redesign to be effective, and what is not suitable for automation. Ensure Featurespace teams are effectively integrated with Visa's centrally provided security and compliance capabilities, identifying when changes in Featurespace products, architectures, suppliers, customer requirements, or operating models introduce new or materially changed obligations, and ensuring the appropriate Visa processes and assessments are engaged, including: policy and standards frameworks third party risk management processes security architecture assessments security awareness and training programmes legal and commercial contracting risk management and governance tooling 3. Advisory, Enablement & Secure by Design Act as a trusted advisor and subject matter expert to Featurespace engineering, product, commercial, and leadership teams, helping stakeholders understand information security and compliance expectations and how to meet them pragmatically. Drive a secure by design and shift left mindset, ensuring compliance and assurance considerations are addressed early in delivery rather than deferred to audit windows, and facilitating the timely closure of gaps and findings identified through Visa vulnerability management and secure assessment processes. Develop and maintain repeatable patterns, reference implementations, standards, procedures, and guidance that reduce friction for delivery teams while maintaining strong assurance, consulting with and coordinating input from subject matter experts as required. 4. Risk Management, Audit & External Engagement Conduct security risk assessments and business impact analyses, and recommend appropriate control improvements to address identified risks or weaknesses. Provide oversight and assurance of corrective, preventative, or remediation activities, utilising Visa risk management tooling, working with identified application and service owners, and escalating issues at risk of missing deadlines in a timely and effective manner. Represent Information Security with customers, auditors, and internal stakeholders, particularly during assurance windows and customer security engagements. Coordinate and lead responses to customer RFP questions and security audits, ensuring responses are timely, accurate, repeatable, re usable, traceable to responsible SMEs, and supported by appropriate evidence. Support incident response and recovery activities where compliance or control effectiveness is impacted, ensuring appropriate remediation actions are taken and evidenced. Travel periodically as required for customer, company, or relevant events. This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

About the role We are looking for a skilled and proactive Cyber GRC (Governance, Risk and Compliance) Manager to strengthen cyber governance, risk and compliance across the Society. You'll take ownership of developing, maintaining and evolving our GRC framework, ensuring it aligns with business strategy, regulatory requirements and industry best practices. In this role, you'll lead cyber risk identification, assessment and mitigation, maintain the cyber risk register, and provide clear, actionable reporting to senior leaders and governance panels. You'll support compliance with legislation such as data protection, PCI DSS and sector specific obligations, and strengthen policies, standards and controls across cyber security, IT governance, business continuity and disaster recovery. You'll plan and deliver risk based IT audits across on premise and cloud systems, conduct application control reviews for core IT systems, track remediation progress and confirm closure of risks. You'll also support external audits, provide cyber and IT subject matter expertise, and help ensure audit and cyber priorities are aligned with the Senior Cyber Security Manager and Cyber Operations Manager. Collaboration is central to this role-you'll act as a trusted advisor to colleagues across the business, translating technical cyber risks into clear business level insight for ELT and governance panels, while building strong cross Society relationships that balance independence with partnership. If you're passionate about cyber governance, risk management and improving organisational resilience, this is a role where you can make a tangible impact. About You You'll be an experienced Cyber GRC professional with a strong background in cyber governance, IT audit or risk management, and a proven ability to assess, manage and reduce technology risk. You'll have solid knowledge of frameworks and standards such as ISO 27001, NIST CSF or COBIT, and experience translating technical risks into clear business insight. You'll also bring: Excellent analytical and problem solving skills, with meticulous attention to detail and accuracy. Strong interpersonal and communication skills, capable of networking effectively with stakeholders at all levels. A collaborative mindset, with experience working across IT, Risk and Compliance functions to embed best practice. A proactive approach to learning, keeping up to date with emerging threats, tools, standards and industry best practices. Strong organisational and time management skills, able to manage multiple priorities and deliver high quality outcomes. Professional certifications such as CISA, CISM, CRISC, CISSP, or ISO 27001 Lead Auditor. You'll thrive in a collaborative, purpose driven environment, supporting teams across the business to strengthen governance, improve cyber resilience and ensure effective risk management across the Society. Benefits 30 days annual leave (including bank holidays) (pro rata) Pension scheme (with up to 12% employer contributions) Generous colleague discount rates across our family of businesses Annual discretionary colleague bonuses to reward you for your hard work We are an "Investors in People - Platinum" employer, meaning that we have been recognised as one of the country's top employers, offering progression opportunities to all our colleagues. We'll give you the opportunity to build the skills necessary to further progress your career and help to open up future opportunities, helping to shape your career for the better. About Us From a single store in 1861 we have grown to be one of the most successful co operatives in the UK. We're proud to be able to offer a wide range of services from across our family of businesses. From Food Stores and Pharmacies to Post Offices and Support Services, we're a growing society made up of over 220 outlets and nearly 3,000 colleagues. We're owned by our members, the people of Lincolnshire and surrounding counties, and have been for more than 160 years. Communities are at the heart of everything we do and motivates us to deliver more than great customer service. We support them by sharing dividend with our members, investing in new and improved services, raising money for charity through our Community Champion scheme, supporting local schools and so much more. We work together as a Society and are committed to ensuring our recruitment process is barrier free and as inclusive as possible for everyone. If you need any adjustments, would like us to do anything differently during the interview or would like to get in touch with us about anything else, please contact our Recruitment team on 533316, or alternatively you can .

12 Month Internship - Information Security General information Entity About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB) Crédit Agricole CIB is the corporate and investment bank of the Crédit Agricole group, the 10th largest banking group in the world . We support major companies and financial institutions in their development and the financing of their projects. As pioneers in responsible finance, social and environmental commitments are at the heart of our activities. Joining our teams means working in a multicultural environment, both dynamic and stimulating, where you will contribute to developing a sustainable economy. We support employees throughout their journey: you will develop your skills and access various mobility opportunities among the diversity of our businesses in more than 30 international locations. Our culture is built on collaboration, innovation and openness, where everyone is valued and empowered. By working every day in the interest of society, Crédit Agricole CIB aligns with the Group values committed to diversity and inclusion and placing people at the heart of all its transformations. All our jobs are open to people with disabilities. We welcome applications from candidates of all backgrounds and experiences. Ready to take part in our mission ? By balance sheet size - The Banker, Juillet 2025 Reference 27 Update date 11/02/2026 Business type Types of Jobs - IT, Digital et Data Job title 12 Month Internship - Information Security Contract type Internship/Trainee Term (in months) 12 Months Job summary Join our Information Security Services (ISS) UK team as an Information Security - GRC Intern, reporting directly to the Head of Information Security GRC Officer. This role is designed for a dynamic, self-motivated individual with a knack for Information Security and a passion for data analytics and automation. You will focus on automating information security controls, optimizing security control processes, and supporting IT risk management initiatives. Key Responsibilities Map existing security controls to the CIS Critical Security Controls framework to identify coverage gaps and prioritize remediation efforts Support the alignment and documentation of security policies and procedures with CIS Controls, ensuring the implementation of foundational safeguards across Implementation Groups Build automated data collection and validation for key Security controls including access re-certifications, reconciliations, and periodic security routines Develop scripts and workflows to eliminate manual, repetitive security tasks Create automated sanity checks and data quality monitoring for security metrics Produce KPIs, dashboards, and detailed reports for the team and business stakeholders Identify automation opportunities within the security controls catalogue Streamline existing manual processes through scripting or workflow automation Measure and report on efficiency gains from automation initiatives Supplementary Information Join our team at Crédit Agricole CIB, the corporate and investment banking arm of 10th largest banking group worldwide in terms of balance sheet size (The Banker, July 2023). We offer more than just a job. You will be part of a dynamic and collaborative work environment where CSR is embraced in our day-to-day business operation, innovation is encouraged and diversity is celebrated. Crédit Agricole CIB, the first French bank to have committed to the Equator Principles, is a pioneer and global leader in sustainable finance. Our commitment to sustainability and corporate responsibility means that your work will have a positive impact on our communities and the environment. With a people-centric culture where everyone is valued, and opportunities for personal and professional growth, Crédit Agricole CIB is not just a place to work - it is where you make an impact. Our hiring process is open to all and should you have any particular needs or you may require adjustments, please let us know. Geographical area Europe, United Kingdom City London Education Bachelor Degree / BSc Degree or equivalent Must have graduated in the past 18 months with a minimum of a 2:1 or equivalent Experience SQL and database querying capabilities Required skills Strong analytical and problem-solving mindset with an automation-first thinking approach Ability to work independently within established guidelines and procedures Excellent interpersonal and communication skills, including tact and diplomacy Ability to build effective working relations with users and colleagues Ability to deliver various tasks within tight deadlines Good knowledge of cybersecurity risks and data analytics tools Technical skills required Advanced proficiency in Excel, VBA, and Power BI Working knowledge of automation tools such as Power Automate, Python, and PowerShell

Natter harnesses the power of AI and video to give everyone a voice. In early April 2026, Natter announced its Series A. $23M raised to define the enterprise conversation intelligence category. Natter is already being used by some of the world's largest companies including ServiceNow, Accenture, Philip Morris, Lego, PwC, Mondelez, Cox Enterprises, SAP, Miro, Deloitte, Synopsys and many more. Natter's conversational AI platform allows tens of thousands of users to simultaneously share ideas and feedback through real-time video conversations. Its uniquely scalable tech allows anyone with a smartphone to, literally, have a say on the most important decisions - ranging from workplace strategy to new product offerings. We partner with some of the world's largest and most complex enterprises (Fortune 500 and equivalent), and are currently growing our team from 30 to 60 employees. Location Hybrid: London based, with flexible, fluid work options that support in-person collaboration where it makes sense. We're committed to building a diverse team and welcome people from all backgrounds to apply. If you're excited about this role and our mission but aren't sure you meet every qualification, reach out anyway. You may be just the right candidate. The Opportunity We're seeking a hands on Security Engineer with 4-8 years of experience in high growth, cloud native environments to help us enhance and implement security across our tech landscape including web application, cloud infrastructure and endpoints, working alongside our customers, and promote a security first culture as we scale. As our first dedicated security engineering specialist, you'll work both operationally and strategically, partnering closely with our Information Security & Risk Management Lead and collaborating cross functionally with engineering, product, and other teams. You'll own the technical aspects of security, implement and harden controls, manage threats, respond to incidents, elevate our security posture, ensure a security first culture and drive strategic improvements and projects as we scale. You'll also collaborate with our Solutions Engineering Lead on enterprise onboarding, helping customers navigate security, identity, networking, and compliance requirements during technical validation and rollout. Responsibilities As a Security Engineer at Natter, you'll: Conduct security assessments, threat hunts, code and logs reviews, and penetration testing to identify vulnerabilities in our applications, and drive continuous monitoring improvements. Design, implement, optimize, and monitor security controls and tooling from the ground up, strengthening security across endpoints, infrastructure, and application CI/CD pipelines. Collaborate with engineering teams to raise the security bar through reviews, guidance, and automation. Respond to security incidents in real time - manage containment, remediation, forensics, and root cause analysis. Also participate in tabletop exercises, incident simulations, and coordinate external penetration tests. Partner with Solutions Engineering to support enterprise customer onboarding, including SSO integrations (SAML/OIDC), network allowlisting, and security reviews. Join customer facing technical and security discussions where needed, acting as a trusted security point of contact. Risk Management: support the Information Security & Risk Management Lead with vendor security assessments to evaluate third party risk, and ensure Natter meets its present and future regulatory and certification requirements (GDPR, ISO 27001, ISO 42001 etc.). Stay current on emerging threats, vulnerabilities and technologies, and contribute to company wide security awareness initiatives. What You Can Expect Modern cloud native stack with the opportunity to influence tooling and architecture. Immediate impact by choosing and deploying new tooling to enable a fast growing business. Customer facing impact - help unlock enterprise deals and accelerate adoption by reinforcing trust, compliance, and smooth technical onboarding. Security as a sales lever, not a cost. Autonomy and collaboration - the opportunity to focus on coding/programming and implementation, but also collaborating cross functionally with other teams such as solutions engineering, product, and GTM. Growth potential - opportunity to define our security architecture to ensure resilience and security, including HA and ZTNA in a growing global business. You'll work with people who are passionate about what they do, supported by leaders who are empowering, supportive and inclusive. We'd love to hear from you if you have 4-8 years in cybersecurity or technical security or solutions engineering roles. Hands on experience deploying and managing security tooling - such as EDR, IAM, MDM, SIEM, ZTNA, or vulnerability scanners, and enjoy solving problems at the implementation level. Strong communication skills and comfortable communicating technical security concepts to non-security stakeholders. Working knowledge of networking, Windows/macOS, and security protocols. Experience with security reporting and compliance tools. Cloud security knowledge (we use AWS). Proficient in programming languages e.g. Typescript, Python, Bash, or similar. Strong skills in log analysis, threat investigation, and incident response. A proactive and solution oriented mindset, with a bias for action. Desirable It would be a bonus if you have expertise in, or a desire to gain experience in, one or more of the following (note that candidates are not expected to have comprehensive knowledge in all areas) Hands on experience with AWS and AWS security services (CloudTrail, GuardDuty, WAF, IAM, Security Hub). Experience supporting enterprise customers during technical onboarding or security validation. DAST/SAST tooling and IaC security expertise. Knowledge of Kubernetes and container security. Identity & Access Management experience (e.g. Google, Okta). Experience with JVM languages, Terraform/IaC, CDK, or React. Familiarity with GDPR, ISO 27001, SOC 2, EU AI Act/LLMs. Experience delivering audits or using GRC tools (e.g. Drata, Vanta) Interest in AI and/or knowledge of AI security risks and frameworks (e.g. ISO 42001). Security qualifications or certifications.

At Jacobs, we're challenging today to reinvent tomorrow by solving the world's most critical problems for thriving cities, resilient environments, mission critical outcomes, operational advancement, scientific discovery and cutting edge manufacturing, turning abstract ideas into realities that transform the world for good. Your impact: As a highly experienced Cyber professional, you'll operate across the full lifecycle of IT security engineering - shaping strategy, defining solutions, and rolling up your sleeves to deliver them, being both hands on & a trusted advisor, blending theory, governance, threat hunting and practical delivery into one. To support our success and growth a number of new roles have been created throughout the UK. From early design through to live operations, you'll lead and influence security decisions that matter, with a remit that will include: Responsibilities Design, integration, and security testing of cybersecurity solutions, response, recovery & vulnerability plans. Act as design authority for secure system lifecycles, access control, authentication, encryption, backup, disaster recovery, and incident response. Develop cybersecurity assessment methodologies, identifying security requirements for auditing, monitoring and compliance. Develop and implement robust security risk management processes in collaboration with clients and regulatory authorities. Conduct security reviews, threat & technical assessment, audits and gap analysis. Contribute subject matter expert input to business development activities, proposals etc. Maintain up to date knowledge of relevant IT security standards, regulations, and emerging threats. Qualifications Demonstrable experience in IT cybersecurity ideally within CNI or industrial/operational environments. Strong understanding of IT technologies used across CNI sectors (servers, container services, networking, cloud, hosting, storage and security appliances). Experience with security engineering technologies (endpoint protection, firewalls, IPS, API). Understanding of cybersecurity, I.T security services provided in enterprise & their inter relationships (security architecture, GRC, SOC, analyst & forensic services). Understanding of cloud edge connectivity and security, including security baseline considerations for hybrid & multi cloud environments. Familiar with implementing and working with standards and frameworks (IEC 62443, NIST CSF, ISO 27000 series, MITRE ATT&CK, GDPR, NCSC CAF and NIS/NIS2 regulations). Ability to explain threat based and risk informed security considerations in clear business terms. NM1 As a disability confident employer, we will interview disabled candidates who best meet the criteria. We welcome applications from candidates who are seeking flexible working and from those who may not meet all the listed requirements for a role.

About The Role We are seeking an Information Security & Compliance Officer to support and strengthen our organisation's security and compliance posture. This role is responsible for coordinating security activities across the business, supporting compliance initiatives, managing third party risk, and acting as the internal liaison with our outsourced Security Operations Centre (SOC) and Virtual CISO. The successful candidate will help implement security governance, risk management, and compliance frameworks while ensuring security best practices are embedded across the organisation. This role is ideal for someone with experience in security operations, governance, risk, and compliance (GRC) who enjoys working across teams to improve organisational security maturity. Key Responsibilities Security Operations Oversight Act as the primary internal liaison with the outsourced SOC provider Monitor and coordinate responses to alerts generated through Microsoft Sentinel and Microsoft Defender Support incident response coordination and internal communications Track remediation of security vulnerabilities and incidents Governance, Risk & Compliance Support the implementation and maintenance of security frameworks such as: ISO 27001 Cyber Essentials Plus NIST / CIS frameworks Maintain and develop security policies, standards, and procedures Conduct risk assessments and track remediation actions Coordinate internal and external security audits Coordinate with other governance teams to ensure alignment around key initiatives Third Party Risk Management (TPRM) Lead the rollout and ongoing management of a Third Party Risk Management programme Perform vendor security assessments and due diligence Maintain vendor risk registers and track remediation activities Work with procurement and legal teams to embed security requirements into supplier onboarding Security Governance & Awareness Support security awareness and training initiatives across the organisation Work with IT and engineering teams to ensure security best practices are followed Maintain risk registers and compliance documentation Provide reporting and metrics on security posture to leadership Security Projects & Initiatives Support compliance initiatives and security improvement programmes Work with the virtual CISO to implement strategic security improvements Assist with policy development and control implementation Help coordinate vulnerability management and remediation programmes Provide input into client security questionnaires and audits where appropriate About You Skills & Experience 3-5 years experience in information security, IT security, or compliance Understanding of security governance, risk, and compliance (GRC) Experience with Microsoft security tooling (Sentinel, Defender, or Microsoft Security stack) Familiarity with security frameworks (ISO 27001, NIST, CIS, Cyber Essentials) Experience working with third party vendors or supplier risk assessments Strong communication and stakeholder management skills Ability to translate security requirements into practical business processes Desirable Experience working with outsourced SOC providers Knowledge of Third Party Risk Management (TPRM) programmes Experience supporting ISO 27001 certification or audits Certifications such as: ISO 27001 Lead Implementer / Lead Auditor CISSP CISM Security+ Key Competencies Strong organisational and documentation skills Ability to manage multiple compliance initiatives simultaneously Analytical thinking and risk assessment capability Collaborative approach to working across technical and non technical teams Proactive mindset with a focus on continuous improvement What Success Looks Like Establish a structured Third Party Risk Management programme Improve visibility and reporting of security risks Strengthen security governance processes Develop ISO 27001 implementation roadmap and compliance processes to ensure group compliance can evolve to a recognised standard within the next months. Improve collaboration between internal teams, the SOC provider, and the virtual CISO Equal Opportunity We value diverse talent and welcome applications from everyone - regardless of background. We are an equal opportunity employer and our inclusive culture at PEI is reflected in every stage of the recruitment journey. Please inform us at initial stages of the recruitment process if you require any reasonable adjustments and we can accommodate this. PEI supports flexible working arrangements, and we welcome career returners.

Manager, IT Security (International) Location: United Kingdom Function: IT Reports to: VP, Global Security Infrastructure & Operations The Role We are seeking an experienced Manager, IT Security (International) to play a critical role in protecting our global technology environment from cyber threats. This is a senior, hands on cybersecurity role where you will design, deploy, and operate enterprise grade security systems while acting as a subject matter expert for security, privacy, and emerging technologies such as AI. This is an individual contributor role with accountability for regional IT security outcomes and the work of third party security partners. You will not directly manage employees but will have significant influence across IT Operations, Infrastructure, Applications, and leadership teams. Hain is the company behind many well known household brands, including Ella's Kitchen, Linda McCartney's, Harleys, Sun Pat, Yorkshire Provender, Cully & Sully and many more. This role offers the opportunity to work across a diverse, exciting portfolio of brands within a growing FMCG environment. You will work in a global, multi country enterprise environment, helping define and maintain a consistent, high performing security posture while leading investigations, strengthening defenses, and driving best practices across the organization. What You'll Be Doing Security Operations & Threat Management Deploy, tune and manage enterprise security platforms including SIEM, IDS/IPS, MDR/XDR, CSPM, email security, firewalls, and network security tools Monitor alerts, investigate suspicious activity, and adjust detection logic to reduce false positives and negatives Lead incident response activities including containment, forensic analysis, recovery, and root cause analysis Incident Response & Forensics Perform forensic analysis on network traffic, endpoints, logs, memory and malware samples Investigate and document security breaches and cybersecurity incidents Support breach response, evidence handling, and communications with internal and external stakeholders Security Architecture & Risk Management Participate in security architecture reviews for new systems and projects Support vulnerability assessments, penetration tests, and audits Work with IT teams to remediate vulnerabilities and reduce risk Governance, Compliance & Third-Party Risk Support SOX, GDPR, CCPA and other compliance activities Contribute to third party risk management and vendor due diligence Develop security standards, policies, and best practice documentation Training, Awareness & Resilience Support security awareness training and phishing simulations Participate in disaster recovery and business continuity planning and testing What We're Looking For Required Experience You will meet one of the following: Associate degree + 4 years in Information Security Bachelor's degree + 2 years in Information Security Or 6+ years in a relevant technical security role Preferred Certifications GIAC (GSEC, GCIH, GCED) (ISC) (CISSP, SSCP, CCSP, CGRC, ISSAP, ISSEP, ISSMP) EC Council (CEH, CPENT, CHFI, CND, ECIH, CTIA) CompTIA (Security+, CASP+) Technical & Professional Skills You will bring strong expertise in: SIEM and security monitoring, alert tuning and investigation Incident response and breach management Vulnerability scanning tools (Nessus, Qualys, Rapid7) Security frameworks such as NIST, ISO 27001, COBIT Data protection, DLP, and privacy regulations (GDPR, CCPA, HIPAA) Microsoft 365, SSO, MFA and identity security Windows & Linux systems, networking (TCP/IP), and security infrastructure Digital forensics, evidence handling, and eDiscovery Security awareness training and phishing simulations Understanding and safe use of AI tools and technologies You will also have: Excellent communication skills with technical and non-technical audiences Strong analytical and problem solving ability The ability to stay calm and effective in high pressure situations A passion for staying ahead of evolving cybersecurity threats Working Environment Global, multi country IT environment On call responsibilities including nights, weekends and holidays Occasional international travel Some overtime or adjusted hours may be required How Your Time Will Be Spent 70% - Security operations, incident response, technical projects 20% - Collaboration with IT Operations and Security teams 10% - Planning, documentation, reporting and research Ready to Apply? If this role sounds like it's for you, we'd love to hear from you - apply now and take the next step in your cybersecurity career.

The Role We are looking for a Senior Cybersecurity Consultant to join our Cyber Consultancy team in Belfast. This is a hands on consulting role focused on delivering cybersecurity and information security engagements, with a strong emphasis on ISO27001 implementations, audit readiness, and governance, risk, and compliance (GRC). You will lead client engagements end to end, from initial assessment through to implementation and audit, working closely with client stakeholders to deliver practical, measurable outcomes. What You Will Do Engagement Delivery: Lead new and existing information and cybersecurity engagements. Deliver ISO27001 implementations, from gap assessment through to certification readiness. Deliver cyber incident exercising, including tabletop scenarios and simulations. Audit & Assurance: Lead internal audits aligned to ISO27001. Support clients through external audits and certification processes. Drive remediation activities to close audit findings and strengthen control effectiveness. Risk & Compliance: Conduct risk assessments and support the development of risk treatment plans. Develop and implement policies, standards, and controls aligned to ISO27001. Support clients in embedding effective governance, risk, and compliance practices. Stakeholder Management: Work directly with client stakeholders to manage delivery, expectations, and outcomes. Communicate clearly with both technical and non technical audiences. Manage multiple engagements and priorities effectively. What You Will Bring Essential Minimum 5 years' experience in cyber or information security roles, with a focus on governance, risk, and compliance. Proven experience delivering ISO27001 implementations end to end, including audit readiness. Hands on experience leading internal audits and supporting external audits. Strong, practical knowledge of ISO27001 and ISMS implementation. ISO27001 Lead Auditor certification. Experience in consulting or project based environments, with strong stakeholder management and communication skills. Nice to Have Experience delivering cyber incident exercising. Knowledge of additional frameworks such as: CAF (Cyber Assessment Framework) NIST Cyber Security Framework ISO22301 Lead Auditor certification (Business Continuity). ISO42001 Lead Auditor certification (AI Management Systems). Experience working in regulated or public sector environments. Eligibility for, or holding, UK Security Clearance (SC). Benefits Recognition That Matters: A discretionary annual performance bonus that rewards your impact and contribution to our success. Flexibility Built In: Flexible working arrangements and summer hours, because life isn't 9 to 5, and balance matters. Financial Security: A highly competitive pension scheme with generous employer contributions, private healthcare, and life assurance for peace of mind. Health & Wellbeing: Employee Assistance Programme, mental health support, cycle to work scheme, and regular social events to keep our culture vibrant. Time to Recharge: 35 days holiday, enhanced maternity pay, and family first policies so you can focus on what matters most. Learning Never Stops: From courses to certifications, we'll invest in your development so you can keep growing and shaping what's next. Community & Culture: Opportunities to volunteer, give back, and be part of initiatives that make Instil a truly inclusive and connected workplace.