Information Security Analyst - ISO 27001, SOC2, PCI DSS Audit & Compliance - Large Government Projects London Hybrid. Full-Time Permanent 80,000 - 90,000 plus bonus & benefits We're working with a global leader in workforce management solutions to find a certified Information Security Analyst well versed in ISO Audit & Compliance. You'll join a talented team and contribute towards delivering compliance with leading security frameworks, preparing for and conducting audits, and contributing to security operations. You'll be joining a collaborative, ambitious team delivering GRC initiatives across large government projects. The Role Lead and conduct internal audits across ISO 27001, GDPR, DORA, Cyber Essentials & more. Prepare teams for external audits and manage the audit process end-to-end. Monitor changes in compliance frameworks and maintain alignment. Support the Cyber Security Operations Centre (CSOC) in incident monitoring and response. Develop and maintain policies, procedures, and security documentation. Collaborate with IT & Security teams to identify and remediate vulnerabilities. What We're Looking For Strong knowledge of audit & compliance frameworks (ISO 27001, Cyber Essentials, GDPR, DORA). Experience with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience with internal/external audits and compliance assessments. Relevant security/audit certifications (CISA, CISM, CISSP, ISO 27001 Lead Auditor, Cyber Essentials Assessor, or equivalent). Eligible for UK Security Clearance. This is a great opportunity to work with Hit apply to upload your CV Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Jun 22, 2026
Full time
Information Security Analyst - ISO 27001, SOC2, PCI DSS Audit & Compliance - Large Government Projects London Hybrid. Full-Time Permanent 80,000 - 90,000 plus bonus & benefits We're working with a global leader in workforce management solutions to find a certified Information Security Analyst well versed in ISO Audit & Compliance. You'll join a talented team and contribute towards delivering compliance with leading security frameworks, preparing for and conducting audits, and contributing to security operations. You'll be joining a collaborative, ambitious team delivering GRC initiatives across large government projects. The Role Lead and conduct internal audits across ISO 27001, GDPR, DORA, Cyber Essentials & more. Prepare teams for external audits and manage the audit process end-to-end. Monitor changes in compliance frameworks and maintain alignment. Support the Cyber Security Operations Centre (CSOC) in incident monitoring and response. Develop and maintain policies, procedures, and security documentation. Collaborate with IT & Security teams to identify and remediate vulnerabilities. What We're Looking For Strong knowledge of audit & compliance frameworks (ISO 27001, Cyber Essentials, GDPR, DORA). Experience with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience with internal/external audits and compliance assessments. Relevant security/audit certifications (CISA, CISM, CISSP, ISO 27001 Lead Auditor, Cyber Essentials Assessor, or equivalent). Eligible for UK Security Clearance. This is a great opportunity to work with Hit apply to upload your CV Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Ruleguard have an exciting opportunity for a Solutions Engineer to join the team based in London on a hybrid basis . You will join us on a full-time, permanent contract and in return, you will receive a competitive salary of £100,000 - £120,000 per annum. The Solutions Engineer role: This is a pre-sales and solutions role sitting at the intersection of compliance expertise and technology. You will lead the technical and functional dimension of the sales process, running product demonstrations, shaping solution narratives, and ensuring that what we propose is grounded in industry realities and how the platform actually works. You will work closely with our sales team, providing the compliance depth and platform fluency that turns an interested prospect into a confident buyer. Responsibilities of our Solutions Engineer include: Demonstrations and Pre-Sales Engagement Lead product demonstrations across the full Ruleguard platform, tailoring the narrative to the prospect's regulatory profile, firm type, and priority compliance obligations Prepare thoroughly for each demo, researching the prospect's context and structuring the session around their specific pain points rather than a generic feature walkthrough Handle functional and technical questions during demonstrations with confidence, distinguishing clearly between current platform capability and the product roadmap Work with sales colleagues to plan and sequence the pre-sales process, advising on when and how to deploy demonstrations, proof-of-concept exercises, and follow-up sessions Coach and support sales colleagues through demonstrations where a subject matter lead is not present, providing briefing materials, talk tracks, and objection-handling guidance Configure AI agents using goals, intent, constraints, guardrails and context to demonstrate real efficiencies that this technology can bring to our clients Solution Design and Proposals Translate prospect requirements into clear, well-structured solution design and scoping documents for internal use and client presentation Map client workflows to platform capabilities, identifying where configuration can meet requirements directly, where bespoke approaches are needed, and where gaps exist Contribute to proposal and RFP responses, providing the functional and technical content that underpins the commercial offer Collaborate closely with Product and Engineering teams to surface recurring customer requirements, implementation patterns, and opportunities for product enhancement. Support proof-of-concept and implementation activities, helping clients configure workflows, troubleshoot issues, and optimise operational adoption. Translate complex compliance and operational requirements into scalable platform configurations, workflow logic, governance controls, and solution designs. Work with clients to operationalise Ruleguard within real-world enterprise environments, including integration into internal systems, workflows, data sources, and approval processes. Maintain a working knowledge of how Ruleguard is configured across different client types, using that pattern recognition to sharpen pre-sales conversations Platform Knowledge and Collateral Develop and maintain deep working knowledge of the Ruleguard platform across all solution modules, including regulatory change, policy management, conflicts of interest, personal account trading, gifts and entertainment, and related areas Stay current with regulatory developments relevant to Ruleguard's client base, ensuring that demonstrations and solution narratives reflect the compliance environment prospects are operating in Contribute to the development of demo environments, scenario libraries, and pre-sales collateral, improving the quality and consistency of how the platform is presented to market What we are looking for in our Solutions Engineer: Compliance and Domain Knowledge Prior experience working within or alongside a risk or compliance function in financial services, whether as a compliance analyst, associate, or officer, or in a consulting or advisory role serving compliance teams Solid working knowledge of core compliance disciplines including regulatory change management, conflicts of interest, policy and procedure governance, and employee monitoring Familiarity with the regulatory environment relevant to asset managers, wealth managers, broker-dealers, or similar regulated firms Genuine curiosity about how regulation is evolving and how technology can help compliance teams keep pace Pre-Sales and Client-Facing Skills Confident and credible in front of senior compliance and risk stakeholders, able to lead a conversation rather than present slides Able to read a room, adapt a demonstration in real time, and handle questions without losing the thread of the narrative Clear written communication; produces documentation that is precise, well-organised, and appropriate for a client audience Technical and Analytical Comfortable learning and administering SaaS platforms; picks up new systems quickly and applies that knowledge practically Proficient with data, dashboards, and reporting, and able to work with the outputs of a compliance platform and interpret them for a client audience Comfortable troubleshooting complex SaaS implementations across integrations, workflow configuration, user permissions, and data quality issues. Familiarity with workflow automation, AI-assisted operations, or agentic SaaS concepts, including approval flows, retrieval-driven workflows, permissions, and human-in-the-loop controls. Familiar with AI tools and their application in compliance operations and the broader GRC technology market Organised and methodical; able to manage multiple pre-sales engagements in parallel without losing track of detail or follow-up If you are looking for a new challenge, please click apply now to be considered as our Solutions Engineer - we d love to hear from you!
Jun 19, 2026
Full time
Ruleguard have an exciting opportunity for a Solutions Engineer to join the team based in London on a hybrid basis . You will join us on a full-time, permanent contract and in return, you will receive a competitive salary of £100,000 - £120,000 per annum. The Solutions Engineer role: This is a pre-sales and solutions role sitting at the intersection of compliance expertise and technology. You will lead the technical and functional dimension of the sales process, running product demonstrations, shaping solution narratives, and ensuring that what we propose is grounded in industry realities and how the platform actually works. You will work closely with our sales team, providing the compliance depth and platform fluency that turns an interested prospect into a confident buyer. Responsibilities of our Solutions Engineer include: Demonstrations and Pre-Sales Engagement Lead product demonstrations across the full Ruleguard platform, tailoring the narrative to the prospect's regulatory profile, firm type, and priority compliance obligations Prepare thoroughly for each demo, researching the prospect's context and structuring the session around their specific pain points rather than a generic feature walkthrough Handle functional and technical questions during demonstrations with confidence, distinguishing clearly between current platform capability and the product roadmap Work with sales colleagues to plan and sequence the pre-sales process, advising on when and how to deploy demonstrations, proof-of-concept exercises, and follow-up sessions Coach and support sales colleagues through demonstrations where a subject matter lead is not present, providing briefing materials, talk tracks, and objection-handling guidance Configure AI agents using goals, intent, constraints, guardrails and context to demonstrate real efficiencies that this technology can bring to our clients Solution Design and Proposals Translate prospect requirements into clear, well-structured solution design and scoping documents for internal use and client presentation Map client workflows to platform capabilities, identifying where configuration can meet requirements directly, where bespoke approaches are needed, and where gaps exist Contribute to proposal and RFP responses, providing the functional and technical content that underpins the commercial offer Collaborate closely with Product and Engineering teams to surface recurring customer requirements, implementation patterns, and opportunities for product enhancement. Support proof-of-concept and implementation activities, helping clients configure workflows, troubleshoot issues, and optimise operational adoption. Translate complex compliance and operational requirements into scalable platform configurations, workflow logic, governance controls, and solution designs. Work with clients to operationalise Ruleguard within real-world enterprise environments, including integration into internal systems, workflows, data sources, and approval processes. Maintain a working knowledge of how Ruleguard is configured across different client types, using that pattern recognition to sharpen pre-sales conversations Platform Knowledge and Collateral Develop and maintain deep working knowledge of the Ruleguard platform across all solution modules, including regulatory change, policy management, conflicts of interest, personal account trading, gifts and entertainment, and related areas Stay current with regulatory developments relevant to Ruleguard's client base, ensuring that demonstrations and solution narratives reflect the compliance environment prospects are operating in Contribute to the development of demo environments, scenario libraries, and pre-sales collateral, improving the quality and consistency of how the platform is presented to market What we are looking for in our Solutions Engineer: Compliance and Domain Knowledge Prior experience working within or alongside a risk or compliance function in financial services, whether as a compliance analyst, associate, or officer, or in a consulting or advisory role serving compliance teams Solid working knowledge of core compliance disciplines including regulatory change management, conflicts of interest, policy and procedure governance, and employee monitoring Familiarity with the regulatory environment relevant to asset managers, wealth managers, broker-dealers, or similar regulated firms Genuine curiosity about how regulation is evolving and how technology can help compliance teams keep pace Pre-Sales and Client-Facing Skills Confident and credible in front of senior compliance and risk stakeholders, able to lead a conversation rather than present slides Able to read a room, adapt a demonstration in real time, and handle questions without losing the thread of the narrative Clear written communication; produces documentation that is precise, well-organised, and appropriate for a client audience Technical and Analytical Comfortable learning and administering SaaS platforms; picks up new systems quickly and applies that knowledge practically Proficient with data, dashboards, and reporting, and able to work with the outputs of a compliance platform and interpret them for a client audience Comfortable troubleshooting complex SaaS implementations across integrations, workflow configuration, user permissions, and data quality issues. Familiarity with workflow automation, AI-assisted operations, or agentic SaaS concepts, including approval flows, retrieval-driven workflows, permissions, and human-in-the-loop controls. Familiar with AI tools and their application in compliance operations and the broader GRC technology market Organised and methodical; able to manage multiple pre-sales engagements in parallel without losing track of detail or follow-up If you are looking for a new challenge, please click apply now to be considered as our Solutions Engineer - we d love to hear from you!
Solus Accident Repair Centres
Birchanger, Hertfordshire
Overview At Solus, we are strengthening our technology governance and cyber resilience as we continue to grow. We are looking for an IT Governance, Risk and Compliance (GRC) Analyst to help us maintain a secure, well governed and compliant technology environment across the business. This is a great role for someone who enjoys analysing detail, challenging constructively, influencing stakeholders and helping teams make confident, risk-based decisions. About the role As our IT GRC Analyst, you will support the Cyber Security, Risk and Assurance function with a mixture of governance activity, assurance reviews, supplier assessments and compliance oversight. You will help us meet Aviva Group requirements, regulatory expectations and industry standards while ensuring our technology risks are understood and well managed. Location: Fully remote (UK based). Responsibilities Maintain and improve our IT risk register, ensuring risks are clear, evidenced and tracked Support risk owners with guidance on controls, remediation and governance requirements Complete compliance reviews, control testing and assurance activities Produce risk and compliance reporting for leadership forums Carry out supplier assurance assessments, recommend improvements and escalate risk where needed Keep IT policies and standards up to date and aligned with Aviva and recognised frameworks Provide clear insight to non technical colleagues on risk, controls and potential impacts Support Group assurance activity and represent Solus in relevant forums This is an individual contributor role with a high level of ownership and plenty of opportunity to influence how we operate. Qualifications You will thrive in this role if you have: Knowledge of GRC frameworks such as ISO 27001, NIST CSF, Cyber Essentials or DPA Experience in risk management, governance or cyber/security assurance The ability to analyse complex information and turn it into clear, meaningful insight Confidence challenging and advising colleagues at all levels Strong communication and stakeholder management skills Certifications such as CISM, CRISC or CGRC are desirable but not essential. Who are Solus? Solus, who are owned by Aviva, are one of the UK leaders in vehicle repairs, returning cars to the road in just 11 days on average and a 4.6/5 star customer rating. With an award-winning apprenticeship programme and winners of other recognised industry awards Solus are proud to be shaping the future of vehicle repair. Why Join Solus? We have so much to offer when it comes to being a Solus colleague: Competitive salary based on location, skills, experience, and qualifications. Bonus opportunity tied to your performance and the overall success of Solus. Company pension scheme with employer contributions. 33 days' holiday (including bank holidays), with the option to buy or sell up to 5 days. Save money with up to 40% discount on Aviva products and other retailer discounts. Share in Aviva's success through the Aviva Save As You Earn scheme. Supportive policies including parental and carer's leave. Wellbeing focus with tools like Group Income Protection and 24/7 GP access. At Solus, we value inclusivity and welcome all applicants. If you're excited but don't tick every box, we encourage you to apply-your unique skills might be just what we need. We guarantee an interview for disabled applicants meeting the minimum criteria-just email us after applying to let us know. Ready to join us? Apply online today, and our team will be in touch within 14 days.
Jun 19, 2026
Full time
Overview At Solus, we are strengthening our technology governance and cyber resilience as we continue to grow. We are looking for an IT Governance, Risk and Compliance (GRC) Analyst to help us maintain a secure, well governed and compliant technology environment across the business. This is a great role for someone who enjoys analysing detail, challenging constructively, influencing stakeholders and helping teams make confident, risk-based decisions. About the role As our IT GRC Analyst, you will support the Cyber Security, Risk and Assurance function with a mixture of governance activity, assurance reviews, supplier assessments and compliance oversight. You will help us meet Aviva Group requirements, regulatory expectations and industry standards while ensuring our technology risks are understood and well managed. Location: Fully remote (UK based). Responsibilities Maintain and improve our IT risk register, ensuring risks are clear, evidenced and tracked Support risk owners with guidance on controls, remediation and governance requirements Complete compliance reviews, control testing and assurance activities Produce risk and compliance reporting for leadership forums Carry out supplier assurance assessments, recommend improvements and escalate risk where needed Keep IT policies and standards up to date and aligned with Aviva and recognised frameworks Provide clear insight to non technical colleagues on risk, controls and potential impacts Support Group assurance activity and represent Solus in relevant forums This is an individual contributor role with a high level of ownership and plenty of opportunity to influence how we operate. Qualifications You will thrive in this role if you have: Knowledge of GRC frameworks such as ISO 27001, NIST CSF, Cyber Essentials or DPA Experience in risk management, governance or cyber/security assurance The ability to analyse complex information and turn it into clear, meaningful insight Confidence challenging and advising colleagues at all levels Strong communication and stakeholder management skills Certifications such as CISM, CRISC or CGRC are desirable but not essential. Who are Solus? Solus, who are owned by Aviva, are one of the UK leaders in vehicle repairs, returning cars to the road in just 11 days on average and a 4.6/5 star customer rating. With an award-winning apprenticeship programme and winners of other recognised industry awards Solus are proud to be shaping the future of vehicle repair. Why Join Solus? We have so much to offer when it comes to being a Solus colleague: Competitive salary based on location, skills, experience, and qualifications. Bonus opportunity tied to your performance and the overall success of Solus. Company pension scheme with employer contributions. 33 days' holiday (including bank holidays), with the option to buy or sell up to 5 days. Save money with up to 40% discount on Aviva products and other retailer discounts. Share in Aviva's success through the Aviva Save As You Earn scheme. Supportive policies including parental and carer's leave. Wellbeing focus with tools like Group Income Protection and 24/7 GP access. At Solus, we value inclusivity and welcome all applicants. If you're excited but don't tick every box, we encourage you to apply-your unique skills might be just what we need. We guarantee an interview for disabled applicants meeting the minimum criteria-just email us after applying to let us know. Ready to join us? Apply online today, and our team will be in touch within 14 days.
Job Title: Data Resilience Analyst Location: Manchester, Birmingham, Edinburgh, or Bristol Remuneration: Daily rate 750pwd, via Umbrella Company Contract Details: 2 days in-office per week Responsibilities: Join the dynamic Data Resilience team within the Chief Data and Analytics Office (CDAO) and be a pivotal part of safeguarding our critical data services! Support the management of the Data Resilience Solution in ServiceNow by translating regulatory and business needs into actionable technical tooling requirements. Maintain resilience-focused datasets, ensuring critical data assets and dependencies are accurate and audit-ready. Analyse end-to-end data flows for Important Business Services (IBSs) to identify vulnerabilities and enhance data resilience controls. Coordinate Data Resilience BAU processes using ServiceNow, ensuring data integrity aligns with internal and regulatory expectations. Collaborate with Power BI teams to develop resilience-focused visualisations that deliver insights on the Group's Data Resilience Position. Create and maintain essential resilience artefacts and documentation, supporting audit and regulatory scrutiny. Engage stakeholders through workshops and training, embedding Data Resilience practises and driving adoption of tools and controls. Contribute to the Agile delivery of Data Resilience initiatives, ensuring continuous improvement in controls and processes. About Us: At our client, we're evolving alongside modern Britain. With significant investments in our people, data, and technology, we're transforming how we meet the ever-changing needs of our 26 million customers. We're on a purposeful growth journey, and we invite you to be a part of it! What You'll Need: Hands-on experience with ServiceNow GRC, CMDB modelling, Discovery, Flow Designer, and Workflow automation. Deep understanding of data models, asset relationships, and data flows across complex systems. Knowledge of Data Resilience principles, including integrity, availability, recovery, and encryption. Proficiency in Excel and M365 for MI, data analysis, and governance reporting. Familiarity with Power BI and data visualisation to support insight-driven decision-making. A strong mindset focused on data quality and control, ensuring accuracy and completeness. Expertise in requirements gathering and business analysis (user stories, workflows, data models). Experience in Agile environments across the full solution lifecycle. Ability to identify resilience risks and vulnerabilities in data and processes. Effective stakeholder engagement and communication skills, translating technical concepts into business insights. Strong analytical thinking and problem-solving abilities, with a continuous improvement mindset. Adaptability and learning agility in a rapidly evolving regulatory and technical landscape. Are you ready to make an impact? Join our client and play a vital role in shaping the future of data resilience in banking! Apply today! Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities , and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Due to the high volume of applications we receive, we are unable to respond to everyone individually. If you do not hear from us within 48 hours of applying, please assume that your application has been unsuccessful on this occasion.
Jun 16, 2026
Contractor
Job Title: Data Resilience Analyst Location: Manchester, Birmingham, Edinburgh, or Bristol Remuneration: Daily rate 750pwd, via Umbrella Company Contract Details: 2 days in-office per week Responsibilities: Join the dynamic Data Resilience team within the Chief Data and Analytics Office (CDAO) and be a pivotal part of safeguarding our critical data services! Support the management of the Data Resilience Solution in ServiceNow by translating regulatory and business needs into actionable technical tooling requirements. Maintain resilience-focused datasets, ensuring critical data assets and dependencies are accurate and audit-ready. Analyse end-to-end data flows for Important Business Services (IBSs) to identify vulnerabilities and enhance data resilience controls. Coordinate Data Resilience BAU processes using ServiceNow, ensuring data integrity aligns with internal and regulatory expectations. Collaborate with Power BI teams to develop resilience-focused visualisations that deliver insights on the Group's Data Resilience Position. Create and maintain essential resilience artefacts and documentation, supporting audit and regulatory scrutiny. Engage stakeholders through workshops and training, embedding Data Resilience practises and driving adoption of tools and controls. Contribute to the Agile delivery of Data Resilience initiatives, ensuring continuous improvement in controls and processes. About Us: At our client, we're evolving alongside modern Britain. With significant investments in our people, data, and technology, we're transforming how we meet the ever-changing needs of our 26 million customers. We're on a purposeful growth journey, and we invite you to be a part of it! What You'll Need: Hands-on experience with ServiceNow GRC, CMDB modelling, Discovery, Flow Designer, and Workflow automation. Deep understanding of data models, asset relationships, and data flows across complex systems. Knowledge of Data Resilience principles, including integrity, availability, recovery, and encryption. Proficiency in Excel and M365 for MI, data analysis, and governance reporting. Familiarity with Power BI and data visualisation to support insight-driven decision-making. A strong mindset focused on data quality and control, ensuring accuracy and completeness. Expertise in requirements gathering and business analysis (user stories, workflows, data models). Experience in Agile environments across the full solution lifecycle. Ability to identify resilience risks and vulnerabilities in data and processes. Effective stakeholder engagement and communication skills, translating technical concepts into business insights. Strong analytical thinking and problem-solving abilities, with a continuous improvement mindset. Adaptability and learning agility in a rapidly evolving regulatory and technical landscape. Are you ready to make an impact? Join our client and play a vital role in shaping the future of data resilience in banking! Apply today! Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities , and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Due to the high volume of applications we receive, we are unable to respond to everyone individually. If you do not hear from us within 48 hours of applying, please assume that your application has been unsuccessful on this occasion.
Information Security Analyst 6 months Outside IR35 A client is seeking an Information Security Analyst to support the onboarding and implementation of a new Third-Party Risk Management (TPRM) platform. The successful candidate will be responsible for handling supplier due diligence processes, conducting risk assessments, reviewing security controls, overseeing continuous monitoring activities, supporting audits, tracking remediation efforts, and delivering technology risk reporting across the organisation's wider technology estate. Key Responsibilities of the Information Security Analyst: Managing and supporting the TPRM lifecycle Conducting supplier due diligence and risk assessments & checklists Reviewing security controls, contractual clauses, and exit strategies Supporting continuous monitoring and supplier assurance activities Assisting with internal and external technology audits Coordinating audit evidence, remediation tracking, and management responses Producing risk reporting, dashboards, and stakeholder updates Skills and Experience of the Information Security Analyst: Proven experience in Information Security and Governance, Risk and Compliance (GRC). Experience managing Third-Party Risk Management Systems Strong working understanding of supplier risk assessments, audit processes, and security controls. Knowledge of deployment and tailoring systems within a business is desirable Confident stakeholder engagement and communication skills The Successful Information Security Analyst will be expected to work 2 / 3 days a week onsite. Apply now to speak with VIQU IT in confidence. Or reach out to Matt Farrell via the VIQU IT website. Do you know someone great? We ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment
Jun 12, 2026
Contractor
Information Security Analyst 6 months Outside IR35 A client is seeking an Information Security Analyst to support the onboarding and implementation of a new Third-Party Risk Management (TPRM) platform. The successful candidate will be responsible for handling supplier due diligence processes, conducting risk assessments, reviewing security controls, overseeing continuous monitoring activities, supporting audits, tracking remediation efforts, and delivering technology risk reporting across the organisation's wider technology estate. Key Responsibilities of the Information Security Analyst: Managing and supporting the TPRM lifecycle Conducting supplier due diligence and risk assessments & checklists Reviewing security controls, contractual clauses, and exit strategies Supporting continuous monitoring and supplier assurance activities Assisting with internal and external technology audits Coordinating audit evidence, remediation tracking, and management responses Producing risk reporting, dashboards, and stakeholder updates Skills and Experience of the Information Security Analyst: Proven experience in Information Security and Governance, Risk and Compliance (GRC). Experience managing Third-Party Risk Management Systems Strong working understanding of supplier risk assessments, audit processes, and security controls. Knowledge of deployment and tailoring systems within a business is desirable Confident stakeholder engagement and communication skills The Successful Information Security Analyst will be expected to work 2 / 3 days a week onsite. Apply now to speak with VIQU IT in confidence. Or reach out to Matt Farrell via the VIQU IT website. Do you know someone great? We ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment
Information Security Analyst (GRC) Attractive salary & package. Hertfordshire - with flexibility to work from home. A global client of ours are looking to hire an Information Security Analyst. T his company offer the chance for you to work in a very attractive industry, with a great benefit package also. This Information Security Analyst (GRC) role would suit someone with experience with information security risk assessments, reporting risks and who holds the ISO 27001 lead implementer/auditor certification. Any other certifications that you hold will be beneficial. Experience dealing with non-UK entities & stakeholder management experience will also be very attractive. In this role you will be performing regular checks and audits of the Security environment. If you would like to know more, please do get in touch. Unfortunately, this company is unable to provide sponsorship
Oct 07, 2025
Full time
Information Security Analyst (GRC) Attractive salary & package. Hertfordshire - with flexibility to work from home. A global client of ours are looking to hire an Information Security Analyst. T his company offer the chance for you to work in a very attractive industry, with a great benefit package also. This Information Security Analyst (GRC) role would suit someone with experience with information security risk assessments, reporting risks and who holds the ISO 27001 lead implementer/auditor certification. Any other certifications that you hold will be beneficial. Experience dealing with non-UK entities & stakeholder management experience will also be very attractive. In this role you will be performing regular checks and audits of the Security environment. If you would like to know more, please do get in touch. Unfortunately, this company is unable to provide sponsorship
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
Oct 04, 2025
Full time
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
Oct 04, 2025
Full time
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
IT Security Analyst Location: Hybrid - Middlesbrough Salary: 50,000 - 60,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Oct 03, 2025
Full time
IT Security Analyst Location: Hybrid - Middlesbrough Salary: 50,000 - 60,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Oct 03, 2025
Full time
IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Security Risk Analyst 6-month contract London/Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO (phone number removed , and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the Security Risk Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The Security Risk Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the Security Risk Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment.
Oct 02, 2025
Contractor
Security Risk Analyst 6-month contract London/Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO (phone number removed , and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the Security Risk Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The Security Risk Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the Security Risk Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment.
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career-your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
Sep 23, 2025
Full time
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career-your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
