Cyber Security Governance, Risk and Compliance Manager - Lincolnshire based (hybrid) - Full time permanent role with a large business - Salary circa £60k plus bonus, great pension and more! We're partnering with a well-established, values-driven organisation looking to appoint a Cyber GRC Manager to strengthen governance, risk, and compliance across their technology and cyber landscape.
Apr 28, 2026
Full time
About Zip

Here at Zip, we're reimagining how modern businesses function in the age of AI. The simple task of buying software, services, or tools at work has become hopelessly complicated at even the most innovative companies in the world. Today, enterprises spend $120T+ per year globally (>30 times larger than annual consumer e-commerce spend) and rely on vendors more than ever before to run their businesses. Our co-founders started Zip in 2020 to address this seemingly universal problem with a purpose-built procurement platform that provides a simple, consumer-grade user experience. Within the last 5 years, Zip has created a new category and developed the leading solution in this $50B+ TAM space. Today, the world's leading companies like OpenAI, Snowflake, Anthropic, Coinbase, and JPMorgan Chase rely on Zip to manage billions of dollars in spend. We have a world-class team coming from category-defining companies like Airbnb, Meta, Stripe, Salesforce, Apple, and Google. With a $2.2 billion valuation and $370 million in funding from Y Combinator, Tiger Global, BOND, DST Global, and CRV, we're focused on developing cutting-edge technology, expanding into new global markets, and, above all, driving incredible value for our customers. Join us!

Your Role

We're looking for a Customer Success Manager (equivalent to a technical account manager) to manage our rapidly growing enterprise customer base across all industries. As a Sr. CSM, you'll work closely with sales, implementation, engineering and product while also working with a variety of customer stakeholders. You will advise customers on how to transform the way they manage B2B purchasing across their business, creating immediate value and efficiency for employees through product adoption and enablement. This role is ideal for you if you enjoy being a product expert, creative problem solving, and want to work with a world-class team and customers such as Coinbase, Snowflake, Toast, Northwestern Mutual, Notion, Canva, Samsara, Databricks, Miro, and many more.

You Will
- Help our customers drive procurement success on the Zip platform.
- Define customer business outcomes and partner with our customers to deliver those outcomes on a continuous basis.
- Act as a trusted procurement advisor and thought partner to continuously educate and enable our customers on Zip's platform and procurement best practices.
- Identify champions and build relationships with key business stakeholders across Procurement, Finance, Legal, IT/Security, and Privacy/Compliance teams.
- Maintain high levels of customer engagement and satisfaction with a focus on customer adoption and loyalty.
- Manage customer health and hedge account risks based on data-driven adoption metrics.
- Partner closely with product and engineering to translate business needs and requirements into new solutions for customers, while skillfully managing customer expectations.
- Train and empower customers to be product specialists to become increasingly self-sufficient for their organization.
- Partner with the renewals team to achieve target GRR.
- Continuously improve Customer Success assets and processes.

We're an early-stage company, we want people who are excited to build and motivated to up-level the status quo!

Qualifications
- 5+ years of relevant work experience working in customer-facing customer success, technical account management or strategic consulting organization.
- B2B SaaS experience in a high-paced environment is a benefit.
- Procurement experience (procurement, sourcing, or vendor management background) and familiarity with procurement technologies such as ERP (Netsuite, Coupa, etc.), HRIS (Workday etc.), CLM, GRC, JIRA, ServiceNow workflow management tools.
- Excellent interpersonal skills and ability to establish quick rapport and trust with customers.
- Strong project management skills to manage a dynamic customer portfolio.
- Creative problem solver while being attentive to details.
- Business process-oriented and ability to think about workflow efficiency (e.g. diagrams, conditionally based logic, etc.).
- Proactive team player that is able to identify process gaps and willing to jump in and help wherever needed (company, team, self mentality).

Nice to Haves
- Payments software experience (invoicing, PO creation) and background working with CFOs, Controller, Accounts Payable / Accounts Receivable roles.
- Experience with SaaS workflow management tools (low code / no code configuration).
- Experience working in a top tier consulting firm or have an MBA.

Perks & Benefits

At Zip, we're committed to providing our employees with everything they need to do their best work.
- Start-up equity
- Health, vision & dental coverage
- Flexible PTO
- Apple equipment plus home office budget

We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!
Apr 27, 2026
Full time
Senior Business Development Manager (CyberSecurity)
£65k Base, £60k OTE
London

We are seeking a driven and commercially minded Business Development Manager to support continued growth within a leading Cybersecurity Consultancy. This is a new business-focused role, where being a hunter is essential. You will be responsible for identifying and securing new opportunities, building a strong pipeline, and managing complex sales cycles from initial engagement through to negotiation, closing, and finalisation of commercial agreements. The successful candidate will be confident engaging with senior (C-suite) stakeholders and developing long-term, strategic client relationships. Working closely with marketing, you will generate and qualify leads, shape strategic opportunities, and represent the organisation at industry events to enhance brand visibility. You will also collaborate with delivery teams to ensure a seamless transition from sale to execution, while contributing to the development of sales materials, campaigns, and event initiatives that support ongoing business growth.

Job Title: Senior Business Development Manager
Salary: £65K Base. £60k OTE
Location: London
Work Pattern: Hybrid, 2 days in the office. UK Travel expected up to 50% away from work location.

Key Responsibilities:
- Generate and win new business opportunities, building a strong, self-sufficient pipeline
- Own the full sales cycle from prospecting through to negotiation and close
- Build trusted relationships with C-suite and senior stakeholders
- Close high-value cybersecurity engagements (GRC, Gap Analysis, Pen Testing, Red Teaming, AI Governance, vCISO)
- Work with marketing to drive leads, campaigns, and events
- Represent the business at industry events and networking opportunities
- Collaborate with technical and delivery teams to ensure smooth project handover and execution
- Maintain accurate pipeline forecasting and reporting
- Share market insights and support development of sales materials and go-to-market initiatives

Benefits
- 22 days annual leave + 3 days between Christmas and New Year
- Birthday paid leave
- 1 day for charity paid leave
- Additional 2 days after 5 years of service
- Company sick pay
- Life assurance - 4 x your basic annual salary

Next Steps: If you are a talented Business Development Manager looking to progress with an organisation that has a fantastic approach to work in a supportive and driven environment, then look no further - this is the role for you! Interviews for this role will be held imminently. To be considered, please send your CV to me now to avoid disappointment.

Referrals: If this role isn't right for you, do you know someone that might be interested? You could earn £500 of retail vouchers if you refer a successful candidate to Oscar Email: to recommend someone.

Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Apr 27, 2026
Full time
The University of Surrey is a global community of ideas and people, dedicated to life-changing education and research. We are recruiting a Cyber Risk & Assurance Manager to provide a focal point for Information Security Assurance, providing guidance and support to colleagues within IT Services and across the business. As a senior risk professional, you will be leading on information security assurance, working with other security disciplines, technical teams and architects to overlay good practice and security controls in support of business activities. Using your business acumen, you will apply appropriate risk analysis principles to support the University mission.

What you'll be doing:
- Working with the Cyber Security leadership team to develop the University's security and compliance frameworks, maintaining and developing accreditation for IT Services' service catalogue
- Managing the PCI-DSS certification process, supporting all faculties / departments to ensure that their payment solutions are compliant
- Managing the annual certification activities associated with NHS DSP Toolkit
- Managing the annual certification activities associated with Cyber Essentials+
- Operating and continuously improving the cyber risk registers and management information, supporting the successful communication of business risk within the institutional risk framework and University committee structure
- Provide product ownership for GRC tooling

What you'll have:
- Substantial vocational and relevant management experience, and success in similar or related roles, supported by evidence of significant appropriate specialist knowledge
- Experience of administering vendor risk management processes, and prior experience of risk assessment
- Experience of working with external parties in relation to their specific information security assurance requirements, such as NHS England (NHS DSP Toolkit); ONS (ONS Secure Research Service)
- Experience of developing workflows in support of information governance and information security assurance; particularly any service development involving GRC processes and tooling (such as OneTrust)
- Appropriate IT Security/risk certifications (such as one or more of: CISSP, CISA, CISM, CRISC)
- Ability to work flexibly, including working outside of regular office hours upon occasion where incidents arise

What we can offer

In addition to a competitive salary you will receive 25 days annual leave, with 8 additional days for Bank Holidays and 7 for University closure days. We offer a generous pension, flexible working options, access to world-class leisure facilities, a range of travel schemes, and supportive family friendly benefits including an excellent on-site nursery.

How to apply

To apply, please upload your CV and a cover letter to the university website. Informal enquiries should be directed to David Iveson via Interviews will be held 26th May. Please note, we are not looking for any external agency support on this role at this time.

The University of Surrey is committed to providing an inclusive environment that offers equal opportunities for all. We value everyone in our community and are seeking to increase the diversity. Therefore, we particularly encourage applications from under-represented groups, such as people from Black, Asian and minority ethnic groups and people with disabilities.
Apr 27, 2026
Full time
IT Security Assurance Manager
Permanent - 40k - 43.5k + strong benefits
Location: Hybrid - Bristol

Your new company:
I am looking to recruit an IT Security Assurance Manager to join a great public sector organisation. You'll join a forward-thinking organisation with a national footprint and a user base exceeding 2,000 people. With ambitious plans for IT Security transformation, this is a fantastic opportunity to be part of a dynamic and evolving team. The organisation is investing in its IT and Security function and is a great place to work.

The role responsibilities:
This is an interesting opportunity to join a great organisation at a key time when they are investing in and transforming their IT and Security estate. You will be supporting the IT Security and GRC Manager with IT Security Assurance tasks. Key parts of the role include:
- Overseeing audit assessment, assurance and remedial/improvement actions.
- Leading liaison activities to drive awareness and collaborative improvement workstreams.
- Leading efforts to attain and work to industry frameworks, standards and best practice.
- Help drive forward security standards and capabilities.

You will need:
- Strong demonstrable experience of IT and cyber governance, compliance, risk, and security within enterprise IT environments.
- Experience communicating with stakeholders at all levels.
- Experience leading or contributing to the response and resolution of IT/cyber security incidents, including investigation, remediation, assurance, continuous improvement.
- Able to manage sensitive and challenging situations with discretion, fairness, empathy.
- Good experience in all aspects of IT/Cybersecurity and technology audit, assessment, assurance, and compliance.
- The ability to write fluently, accurately and concisely with clarity and authority.
- Proven abilities documenting and presenting concise reports, explaining complex information to varied audiences.

What you'll get in return:
- Salary of between 40k - 43.5k
- 25 days annual leave + bank holidays - additional day for each year of service (up to 30 days)
- Hybrid working 2 days in Bristol per week (or other office in UK, but still once a month in Bristol)
- Strong civil service pension (27%)
- And more!

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Apr 25, 2026
Full time
Cyber Security Governance, Risk and Compliance Manager - Lincolnshire based (hybrid) - Full time permanent role with a large business - Salary circa £60k plus bonus, great pension and more!

We're partnering with a well-established, values-driven organisation looking to appoint a Cyber GRC Manager to strengthen governance, risk, and compliance across their technology and cyber landscape. This is a key role where you'll help shape and embed best-practice frameworks, ensuring the business remains secure, compliant, and resilient in an evolving threat environment.

The Role
You'll take ownership of cyber governance and risk management, working closely with senior stakeholders to identify, assess, and mitigate risk while ensuring alignment with regulatory requirements and industry standards.

Key Responsibilities
- Leading cyber risk management activities, including maintaining risk registers
- Supporting governance frameworks, policies, and controls
- Delivering risk-based audits across IT and cyber environments
- Collaborating with internal teams and external partners
- Providing clear reporting and insight to senior stakeholders

About You
- Experience within cyber GRC, IT audit, or risk management
- Strong understanding of frameworks such as ISO 27001, NIST, or similar
- Confident communicator, able to translate technical risks into business impact
- Proactive and detail-oriented, with a collaborative approach
Apr 24, 2026
Full time
About Zip Here at Zip, we're reimagining how modern businesses function in the age of AI. The simple task of buying software, services, or tools at work has become hopelessly complicated at even the most innovative companies in the world. Today, enterprises spend $120T+ per year globally (>30 times larger than annual consumer e-commerce spend) and rely on vendors more than ever before to run their businesses. Our co-founders started Zip in 2020 to address this seemingly universal problem with a purpose-built procurement platform that provides a simple, consumer-grade user experience. Within the last 5 years, Zip has created a new category and developed the leading solution in this $50B+ TAM space. Today, the world's leading companies like OpenAI, Snowflake, Anthropic, Coinbase, and JPMorgan Chase rely on Zip to manage billions of dollars in spend. We have a world-class team coming from category-defining companies like Airbnb, Meta, Stripe, Salesforce, Apple, and Google. With a $2.2 billion valuation and $370 million in funding from Y Combinator, Tiger Global, BOND, DST Global, and CRV, we're focused on developing cutting-edge technology, expanding into new global markets, and, above all, driving incredible value for our customers. Join us! Your Role We're looking for a Customer Success Manager (equivalent to a technical account manager) to manage our rapidly growing enterprise customer base across all industries. As a Sr. CSM, you'll work closely with sales, implementation, engineering and product while also working with a variety of customer stakeholders. You will advise customers on how to transform the way they manage B2B purchasing across their business, creating immediate value and efficiency for employees through product adoption and enablement.
This role is ideal for you if you enjoy being a product expert, creative problem solving, and want to work with a world-class team and customers such as Coinbase, Snowflake, Toast, Northwestern Mutual, Notion, Canva, Samsara, Databricks, Miro, and many more. You Will Help our customers drive procurement success on the Zip platform. Define customer business outcomes and partner with our customers to deliver those outcomes on a continuous basis. Act as a trusted procurement advisor and thought partner to continuously educate and enable our customers on Zip's platform and procurement best practices. Identify champions and build relationships with key business stakeholders across Procurement, Finance, Legal, IT/Security, and Privacy/Compliance teams. Maintain high levels of customer engagement and satisfaction with a focus on customer adoption and loyalty. Manage customer health and hedge account risks based on data-driven adoption metrics. Partner closely with product and engineering to translate business needs and requirements into new solutions for customers, while skillfully managing customer expectations. Train and empower customers to be product specialists to become increasingly self-sufficient for their organization. Partner with the renewals team to achieve target GRR. Continuously improve Customer Success assets and processes. We're an early-stage company, we want people who are excited to build and motivated to up-level the status quo! Qualifications 5+ years of relevant work experience working in customer-facing customer success, technical account management or strategic consulting organization. B2B SaaS experience in a high-paced environment is a benefit. Procurement experience (procurement, sourcing, or vendor management background) and familiarity with procurement technologies such as ERP (Netsuite, Coupa, etc.), HRIS (Workday etc.), CLM, GRC, JIRA, ServiceNow workflow management tools. 
Excellent interpersonal skills and ability to establish quick rapport and trust with customers. Strong project management skills to manage a dynamic customer portfolio. Creative problem solver while being attentive to details. Business process-oriented and ability to think about workflow efficiency (e.g. diagrams, conditionally based logic, etc.). Proactive team player that is able to identify process gaps and willing to jump in and help wherever needed (company, team, self mentality). Nice to Haves Payments software experience (invoicing, PO creation) and background working with CFOs, Controller, Accounts Payable / Accounts Receivable roles. Experience with SaaS workflow management tools (low code / no code configuration). Experience working in a top tier consulting firm or have an MBA. Perks & Benefits At Zip, we're committed to providing our employees with everything they need to do their best work: Start-up equity; Health, vision & dental coverage; Flexible PTO; Apple equipment plus home office budget. We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!
Apr 24, 2026
Full time
At Workstreet, we're on an exciting journey to help businesses scale securely by designing and implementing cutting edge security and compliance programs. As a fast growing startup, we specialize in a wide range of frameworks, including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP, empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one. The Opportunity We are seeking a Manager, GRC Engineering who leads with a client first mindset and brings exceptional relationship management skills to every engagement. The ideal candidate is an experienced client manager who knows how to build trust, navigate complex accounts, and deliver an outstanding client experience - while also bringing deep expertise in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF. The successful candidate will be able to come up to speed quickly, integrate into the organization, and take on clients within your first 15 days. You will serve as the primary point of contact for a portfolio of clients, leading engagements end to end, managing escalations with composure and urgency, and ensuring every client interaction reflects the highest standard of service. What You'll Do Client Relationship Management (Primary Focus) Own the Client Experience: Serve as the primary point of contact for a portfolio of client accounts, building strong, trusted relationships and ensuring clients feel supported, informed, and valued throughout every engagement. Lead Client Engagements: Guide clients through compliance initiatives end to end - from kickoff through certification - providing clear communication, proactive updates, and expert guidance at every milestone. Handle Escalations with Professionalism: Resolve complex client issues and requests with urgency, composure, and a solution oriented approach that reinforces confidence and long term retention.
Be a Trusted Advisor: Understand each client's unique business context and deliver compliance guidance that is practical, actionable, and tailored to their needs. Collaborate Cross Functionally: Partner with internal teams and client stakeholders to embed security and compliance best practices and resolve issues quickly. Manage and Develop a Pod of Analysts: Lead a team of 3-5 analysts through coaching, mentorship, and performance management, fostering accountability, quality, and professional growth. Drive Consistent Delivery: Ensure the team meets deadlines and delivers high quality work across all active client engagements, stepping in to support where needed. GRC & Compliance Execution Develop and Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards. Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi cloud environments (AWS, GCP, Azure). Conduct Risk and Security Audits: Perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture. Monitor Regulatory Developments: Stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls. Leverage Compliance Automation Tools: Utilize platforms such as Drata, Vanta, and SecureFrame to track compliance metrics and ensure continuous audit readiness. Who You Are Required Demonstrated experience managing client relationships directly - you are comfortable owning accounts, leading difficult conversations, and being the trusted face of an engagement. Exceptional professionalism in all client facing communication, with outstanding written and verbal English skills. 5+ years of experience managing or leading a team. Proven experience managing compliance programs with hands on familiarity with SOC 2 and ISO 27001 frameworks. 
Strong knowledge of technical control implementation in cloud platforms (AWS, GCP, Azure). Ability to manage multiple compliance projects simultaneously without sacrificing client experience or quality. Bachelor's degree in Information Technology, Cybersecurity, or a related field. Ability to work independently with a strong sense of initiative. Amenable to working US time zone hours. Nice to Have Experience at a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity. Consulting experience. Familiarity with additional frameworks and regulations (e.g., HiTRUST, PCI DSS, NIST, GDPR, HIPAA). What We Offer Career Development: Clear growth path with mentorship and training opportunities. Technical Training: Comprehensive onboarding on security and compliance frameworks. Competitive Compensation: Competitive base salary with regular performance reviews, merit based appraisals, and bonus opportunities. Growth Opportunity: Early stage company with significant room for career advancement. Remote First Culture: Flexibility to work from anywhere while collaborating with a global team. Reliable high speed internet connection. Quiet, professional home office setup. Must be amenable to working UK time zone hours. Fluency in written and verbal English communication skills. Workstreet Is An Equal Opportunity Employer As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.
Apr 23, 2026
Full time
A growing cybersecurity firm in the UK is looking for a Manager, GRC Engineering to lead client engagements and manage compliance programs under frameworks like SOC 2 and ISO 27001. The role emphasizes relationship management and technical expertise, ensuring a high standard of service and trust with clients. The ideal candidate should have over 5 years of relevant experience and be comfortable working US time zone hours. This includes competitive compensation, career development, and a remote-first culture.
Apr 23, 2026
Full time
Base Location: You'll be expected to spend 50% of your working week in one of the following locations: Reading, Havant, Glasgow or Perth. Salary: £50,100 - £75,100 + performance-related bonus and a range of benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available. The Role The IT Risk and Controls Manager, within the Service Operations and Delivery team, assists with the implementation and ongoing development of IT risk and control procedures throughout the SIAM ecosystem. With a focus on proactive risk management and operational resilience, the role collaborates closely with IT stakeholders, service delivery teams, and providers to identify, communicate, and address compliance challenges, ensuring operational risks are effectively managed within the organisation's risk appetite. This role evaluates the effectiveness of IT controls, verifies adherence to established standards and requirements, and provides critical information to support the Service Leadership team in informed decision-making. In addition, this position drives the seamless integration of controls into operational processes and services, works in partnership with the Governance Risk and Compliance (GRC) team, and builds strong relationships with IT Partners, Business Units, and service providers to foster a culture of continual improvement and operational resilience. You Will Ensure IT systems and operational processes comply with relevant regulations and industry standards and conduct regular and thorough IT risk assessments in collaboration with cross-functional teams to identify potential compliance gaps and areas for improvement. Drive operational resilience initiatives by ensuring IT systems and services are robust, recoverable, and capable of withstanding disruptions. 
Support the business continuity and disaster recovery (BC/DR) planning and testing processes from an IT risk and controls perspective, ensuring that appropriate measures and controls are in place, regularly reviewed, and improved to minimise the impact of incidents on business operations. Manage the Group Technology Services (GTS) Operational Risk Register by diligently tracking operational risks, embedding appropriate controls within business processes, and providing regular updates on risk status. Reporting on IT risk and control matters, including emerging issues and outstanding actions, directly to Risk Boards and Committees to facilitate informed decision making. Consult closely with Cyber Risk and Information Security teams to align strategies, share insights, and ensure a unified approach to managing IT risks and collaborate effectively with the 2LOD GRC Team and engage with GTS stakeholders to drive a culture of compliance and strengthen overall governance structures. Coordinate activities with audit teams to systematically review and evaluate IT controls and processes, addressing any identified weaknesses or instances of non compliance. You Have Experience of delivering IT risk, compliance or assurance activities including operational resilience. Good knowledge of IT governance frameworks such as COBIT 5, ITIL, ISO 31000, 27005, 38500 and their interactions. Experience of designing or reviewing IT processes and their controls and performing risk assessments. Working knowledge of IT and operational risk, IT and enterprise architecture, IT strategy and IT outsourcing, service management, and delivery. Proficiency in communicating and collaborating with both internal and external stakeholders. About SSE SSE's purpose is to provide energy needed today while building a better world of energy for tomorrow. We do this by developing, building, operating and investing in electricity infrastructure and businesses needed in the energy transition. 
Our Transforming for Growth investment plan sees us investing £33 bn in critical electricity infrastructure across the five years to 2030. Our IT division powers growth across all SSE business areas by making sure we have the systems, software and security needed to take the lead in a low carbon world. They provide expertise, advice and day to day support in emerging technologies, data and analytics, cyber security and more. Flexible benefits to fit your life Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24/7 counselling service. Interest free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. Generous family entitlements such as maternity and adoption pay, and paternity leave. Work with an equal opportunity employer SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact / to discuss how we can support you. We're dedicated to fostering an open and inclusive workplace where people from all backgrounds can thrive. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.
Apr 23, 2026
Full time
Base Location: You'll be expected to spend 50% of your working week in one of the following locations: Reading, Havant, Glasgow or Perth. Salary: £50,100 - £75,100 + performance-related bonus and a range of benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available. The Role The IT Risk and Controls Manager, within the Service Operations and Delivery team, assists with the implementation and ongoing development of IT risk and control procedures throughout the SIAM ecosystem. With a focus on proactive risk management and operational resilience, the role collaborates closely with IT stakeholders, service delivery teams, and providers to identify, communicate, and address compliance challenges, ensuring operational risks are effectively managed within the organisation's risk appetite. This role evaluates the effectiveness of IT controls, verifies adherence to established standards and requirements, and provides critical information to support the Service Leadership team in informed decision-making. In addition, this position drives the seamless integration of controls into operational processes and services, works in partnership with the Governance Risk and Compliance (GRC) team, and builds strong relationships with IT Partners, Business Units, and service providers to foster a culture of continual improvement and operational resilience. You Will Ensure IT systems and operational processes comply with relevant regulations and industry standards and conduct regular and thorough IT risk assessments in collaboration with cross-functional teams to identify potential compliance gaps and areas for improvement. Drive operational resilience initiatives by ensuring IT systems and services are robust, recoverable, and capable of withstanding disruptions. 
Support the business continuity and disaster recovery (BC/DR) planning and testing processes from an IT risk and controls perspective, ensuring that appropriate measures and controls are in place, regularly reviewed, and improved to minimise the impact of incidents on business operations. Manage the Group Technology Services (GTS) Operational Risk Register by diligently tracking operational risks, embedding appropriate controls within business processes, and providing regular updates on risk status. Reporting on IT risk and control matters, including emerging issues and outstanding actions, directly to Risk Boards and Committees to facilitate informed decision making. Consult closely with Cyber Risk and Information Security teams to align strategies, share insights, and ensure a unified approach to managing IT risks and collaborate effectively with the 2LOD GRC Team and engage with GTS stakeholders to drive a culture of compliance and strengthen overall governance structures. Coordinate activities with audit teams to systematically review and evaluate IT controls and processes, addressing any identified weaknesses or instances of non compliance. You Have Experience of delivering IT risk, compliance or assurance activities including operational resilience. Good knowledge of IT governance frameworks such as COBIT 5, ITIL, ISO 31000, 27005, 38500 and their interactions. Experience of designing or reviewing IT processes and their controls and performing risk assessments. Working knowledge of IT and operational risk, IT and enterprise architecture, IT strategy and IT outsourcing, service management, and delivery. Proficiency in communicating and collaborating with both internal and external stakeholders. About SSE SSE's purpose is to provide energy needed today while building a better world of energy for tomorrow. We do this by developing, building, operating and investing in electricity infrastructure and businesses needed in the energy transition. 
Our Transforming for Growth investment plan sees us investing £33 bn in critical electricity infrastructure across the five years to 2030. Our IT division powers growth across all SSE business areas by making sure we have the systems, software and security needed to take the lead in a low carbon world. They provide expertise, advice and day to day support in emerging technologies, data and analytics, cyber security and more. Flexible benefits to fit your life Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24/7 counselling service. Interest free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. Generous family entitlements such as maternity and adoption pay, and paternity leave. Work with an equal opportunity employer SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact / to discuss how we can support you. We're dedicated to fostering an open and inclusive workplace where people from all backgrounds can thrive. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.
Apr 23, 2026
Full time
Base Location: You'll be expected to spend 50% of your working week in one of the following locations: Reading, Havant, Glasgow or Perth. Salary: £50,100 - £75,100 + performance-related bonus and a range of benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available. The Role The IT Risk and Controls Manager, within the Service Operations and Delivery team, assists with the implementation and ongoing development of IT risk and control procedures throughout the SIAM ecosystem. With a focus on proactive risk management and operational resilience, the role collaborates closely with IT stakeholders, service delivery teams, and providers to identify, communicate, and address compliance challenges, ensuring operational risks are effectively managed within the organisation's risk appetite. This role evaluates the effectiveness of IT controls, verifies adherence to established standards and requirements, and provides critical information to support the Service Leadership team in informed decision-making. In addition, this position drives the seamless integration of controls into operational processes and services, works in partnership with the Governance Risk and Compliance (GRC) team, and builds strong relationships with IT Partners, Business Units, and service providers to foster a culture of continual improvement and operational resilience. You Will Ensure IT systems and operational processes comply with relevant regulations and industry standards and conduct regular and thorough IT risk assessments in collaboration with cross-functional teams to identify potential compliance gaps and areas for improvement. Drive operational resilience initiatives by ensuring IT systems and services are robust, recoverable, and capable of withstanding disruptions. 
Support the business continuity and disaster recovery (BC/DR) planning and testing processes from an IT risk and controls perspective, ensuring that appropriate measures and controls are in place, regularly reviewed, and improved to minimise the impact of incidents on business operations. Manage the Group Technology Services (GTS) Operational Risk Register by diligently tracking operational risks, embedding appropriate controls within business processes, and providing regular updates on risk status. Reporting on IT risk and control matters, including emerging issues and outstanding actions, directly to Risk Boards and Committees to facilitate informed decision making. Consult closely with Cyber Risk and Information Security teams to align strategies, share insights, and ensure a unified approach to managing IT risks and collaborate effectively with the 2LOD GRC Team and engage with GTS stakeholders to drive a culture of compliance and strengthen overall governance structures. Coordinate activities with audit teams to systematically review and evaluate IT controls and processes, addressing any identified weaknesses or instances of non compliance. You Have Experience of delivering IT risk, compliance or assurance activities including operational resilience. Good knowledge of IT governance frameworks such as COBIT 5, ITIL, ISO 31000, 27005, 38500 and their interactions. Experience of designing or reviewing IT processes and their controls and performing risk assessments. Working knowledge of IT and operational risk, IT and enterprise architecture, IT strategy and IT outsourcing, service management, and delivery. Proficiency in communicating and collaborating with both internal and external stakeholders. About SSE SSE's purpose is to provide energy needed today while building a better world of energy for tomorrow. We do this by developing, building, operating and investing in electricity infrastructure and businesses needed in the energy transition. 
Our Transforming for Growth investment plan sees us investing £33 bn in critical electricity infrastructure across the five years to 2030. Our IT division powers growth across all SSE business areas by making sure we have the systems, software and security needed to take the lead in a low carbon world. They provide expertise, advice and day to day support in emerging technologies, data and analytics, cyber security and more. Flexible benefits to fit your life Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24/7 counselling service. Interest free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. Generous family entitlements such as maternity and adoption pay, and paternity leave. Work with an equal opportunity employer SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact / to discuss how we can support you. We're dedicated to fostering an open and inclusive workplace where people from all backgrounds can thrive. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.
Apr 22, 2026
Full time
Supplier Security Assurance Manager (SC Cleared) Employment Type: Contract Day Rate: £550 to £580 p/d Inside IR35 (based on candidate experience) IR35 Status: Inside IR35 Contract Length: 6 months (likely to extend indefinitely) Hybrid Model (subject to customer requirement): Mostly remote, may occasionally require 1-2 days per week on-site in the London office, as well as attendance at client sites for audits, essential meetings, etc. Office/Customer Locations: Office locations are spread throughout the country (mostly London, occasionally Leeds, Manchester, Newcastle). Travel to Customer Sites: Expensed by client. Security Clearance: Active SC Clearance (Essential) About the Client and Role: My client, a leading Cyber Security Services provider that specialises in supporting security services to the public sector, such as Police, Government & Defence, is seeking a Supplier Security Assurance Manager to lend their expertise in Supplier Security Assurance. The candidate will be expected to support the delivery of the Supplier Security Assurance process throughout all stages of procurement/contract interactions. Responsibilities will include identifying risks, reporting, security reviews & auditing and ensuring minimum security standards are consistently met. Security Clearance: Active SC is essential Highly Desirable: Experience in Central Government/providing services to government departments Main Responsibilities: Auditing of suppliers for security purposes. Candidates must have outstanding skill in producing clear and well-documented audits. Ensure security due diligence is conducted on all bid applications as part of the procurement process. Identify physical, personnel and information security risks and/or vulnerabilities and report these prior to contract award. Work with the business to provide suppliers with early insight into the mandatory minimum security requirements expected of them during the life of a contract.
Support and ensure a consistent approach to the delivery of Supplier Security Assurance across the Commercial Directorate. Conduct ongoing assurance activities post contract award to ensure suppliers maintain compliance with minimum security requirements. Conduct on-site supplier security assessments/reports/audits. Desirable Certifications: Certified Cyber Professional (CCP), Security Information Risk Advisor (SIRA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certification in Information Security Management Principles (CISMP), Governance Risk & Compliance Professional (GRCP), ISO27001 Lead Auditor
Oct 08, 2025
Contractor
Information Security Assurance & Cyber Specialist - Hybrid Our client is urgently looking for an experienced Information Security Assurance & Cyber Specialist to join their team based in London on a permanent basis. Please note, the role is hybrid, with 2-4 days per week on-site. You will assist the Cyber & Information Security Specialist in ensuring our firm adheres to governance and assurance obligations, such as ISO 27001:22. You will also collaborate closely with the Information Security Technology Manager to safeguard the company using the latest and most advanced security tools. This multifaceted role combines security governance and assurance with hands-on technical skills, utilising state-of-the-art security products to proactively protect the firm and its valuable assets. Your organisational skills and responsiveness will be crucial, as you will need to maintain a keen eye for detail and adapt to a flexible work schedule with shifting priorities. A positive, can-do attitude is essential as you tackle various tasks with enthusiasm and diligence. You will be rewarded with an excellent salary, as well as a brilliant benefits package including discretionary bonus, annual leave, pension scheme, private medical cover, life assurance, season ticket loan, cycle to work scheme, discounted gym membership and many, many more perks! Information Security Assurance & Cyber Specialist - Key Skills: Highly experienced in information security governance, risk management, and compliance. Demonstrated experience with developing and implementing information security policies, procedures, and standards. Experience with SOC 2, ISO 27001, NIST 800-53 and GDPR compliance frameworks is highly preferred. Strong understanding of security risk management principles and methodologies. Excellent communication, collaboration, and interpersonal skills. Ability to work independently and as part of a team. Proficient in Microsoft Office Suite and security information management tools. 
Experience with security awareness and training programs. Experience with GRC (Governance, Risk, and Compliance) tools. Certified Information Systems Security Professional (CISSP) or equivalent certification. Information Security Assurance & Cyber Specialist - Hybrid Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation. We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website.
Oct 02, 2025
Full time
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. 
You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. 
If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career. Your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
Sep 23, 2025
Full time