Description At Engine by Starling , we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses, on our technology. Engine is Starling's software-as-a-service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features, and efficient back-office processes that has helped achieve Starling's success. As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for people who are will be excited by the potential for Engine's technology to transform banking in different markets around the world. Our purpose is underpinned by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Engine - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role In this role you will be instrumental in helping us maintain and mature our governance, risk, and compliance program. You'll play a crucial part in ensuring our ongoing adherence to security standards and regulations, building a foundation of trust for our clients and stakeholders. This is a hands-on role, ideally suited to someone who can engage with stakeholders across our business. What you'll get to do: Compliance Management: Support the day-to-day management of our compliance programs, with a primary focus on ISO 27001 , SOC 2 , and PCI DSS/3DS . Audit Support: Act as a key liaison for internal and external auditors, helping to gather evidence, prepare for audits, and track the timely remediation of any findings. Risk Management: Participate in our risk assessment process, helping to identify, analyse, and document information security risks. You'll also assist in developing and monitoring risk treatment plans. Policy & Procedure Maintenance: Help to develop, update, and maintain our information security policies, standards, and procedures to ensure they are current, accurate, and aligned with compliance requirements. Evidence Collection & Review: Automate and streamline the collection of evidence for our various compliance frameworks to ensure audit readiness. Cross-Functional Collaboration: Work closely with our Engineering, Product and Security Operations teams to embed security controls into our processes and culture. Continuous Improvement: Identify opportunities to improve the effectiveness and efficiency of our GRC program and related processes. Requirements Essential A minimum of 3 years of experience in an information security role. Proven experience in supporting and managing compliance efforts for ISO 27001, SOC 2, and PCI DSS. Strong skills in security metrics and reporting. Experience with audit processes and evidence collection. A proactive, organized, and detail-oriented approach to your work. Experience with GRC software is a plus. Desired qualifications, if you have some of these great! CompTIA Security+ Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Security Professional (CISSP) Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: Stage 1 - 45 mins with BISO Stage 2 - 60 min with Team Members Stage 3 - Final with CTO Benefits 33 days holiday (including public holidays, which you can take when it works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary & group income protection Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Incentives refer a friend scheme Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About Us You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Engine by Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Engine by Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Engine by Starling and Starling will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Dec 05, 2025
Full time
Description At Engine by Starling , we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses, on our technology. Engine is Starling's software-as-a-service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features, and efficient back-office processes that has helped achieve Starling's success. As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for people who are will be excited by the potential for Engine's technology to transform banking in different markets around the world. Our purpose is underpinned by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Engine - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role In this role you will be instrumental in helping us maintain and mature our governance, risk, and compliance program. You'll play a crucial part in ensuring our ongoing adherence to security standards and regulations, building a foundation of trust for our clients and stakeholders. This is a hands-on role, ideally suited to someone who can engage with stakeholders across our business. What you'll get to do: Compliance Management: Support the day-to-day management of our compliance programs, with a primary focus on ISO 27001 , SOC 2 , and PCI DSS/3DS . Audit Support: Act as a key liaison for internal and external auditors, helping to gather evidence, prepare for audits, and track the timely remediation of any findings. Risk Management: Participate in our risk assessment process, helping to identify, analyse, and document information security risks. You'll also assist in developing and monitoring risk treatment plans. Policy & Procedure Maintenance: Help to develop, update, and maintain our information security policies, standards, and procedures to ensure they are current, accurate, and aligned with compliance requirements. Evidence Collection & Review: Automate and streamline the collection of evidence for our various compliance frameworks to ensure audit readiness. Cross-Functional Collaboration: Work closely with our Engineering, Product and Security Operations teams to embed security controls into our processes and culture. Continuous Improvement: Identify opportunities to improve the effectiveness and efficiency of our GRC program and related processes. Requirements Essential A minimum of 3 years of experience in an information security role. Proven experience in supporting and managing compliance efforts for ISO 27001, SOC 2, and PCI DSS. Strong skills in security metrics and reporting. Experience with audit processes and evidence collection. A proactive, organized, and detail-oriented approach to your work. Experience with GRC software is a plus. Desired qualifications, if you have some of these great! CompTIA Security+ Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Security Professional (CISSP) Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: Stage 1 - 45 mins with BISO Stage 2 - 60 min with Team Members Stage 3 - Final with CTO Benefits 33 days holiday (including public holidays, which you can take when it works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary & group income protection Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Incentives refer a friend scheme Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About Us You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Engine by Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Engine by Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Engine by Starling and Starling will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Are you an accomplished IT Security Engineer (Application &/or Infrastructure / Cloud focused) , looking to make your next move into a small team of like-minded, security focused people? Would you relish the opportunity to work with one of the UK s leading independent Software houses , with a global footprint (but UK HQ), 500 staff & a focus on technical excellence? If so, we are looking for an experienced IT Security Engineer to join our growing Security Ops team, working closely with the wider GRC & policy team, DevOps teams, Dev team & internal IT teams to make sure security is at the heart of all our technical process'. This role will cover a wide array of security areas across our SaaS private and public cloud environments, as well as corporate domains & internal infrastructure and will require a skilled individual to spearhead efforts in fortifying both infrastructure and application platforms, against potential threats. Job title: IT Security Engineer. Also known as: Cyber Security Engineer, Security Engineer, Information Security Engineer, or similar! Salary: £75K - £80K Basic + 10% Bonus + Extensive Benefits package Location: London office, but nearly 100% remote (UK) role 1 day per month in London for a Team meet up & after bedding in for 6 months this can become even less. We d hope that an experienced individual will know what the role entails, but some key points to be considered: Must have skills and experience: At least 3 years of hands-on, proven industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security operations checks using security monitoring tools and responding to alerts. Proactive in staying updated with the latest security threats, vulnerabilities, and mitigation techniques. Ability to work independently with minimal guidance, take initiative, and think creatively, while also being collaborative and team-oriented with good communication skills. Advantageous skills/ experience: Bachelor/master s degree in computer science, Information Security, or related Security certification: CISSP, CISM, or similar. Experience with security tools such as Alert Logic, Qualys, M365 Security, and AWS Security Products. Understanding security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We value teamwork, collaboration & technical excellence the company are heavily weighted toward technical staff (as you would hope, for a Software company!) so you must be comfortable within this environment. An excellent opportunity for an IT Security professional to make their mark, at a global, UK driven, SaaS product company. Please apply now or give me a call directly to speak about this.
Dec 03, 2025
Full time
Are you an accomplished IT Security Engineer (Application &/or Infrastructure / Cloud focused) , looking to make your next move into a small team of like-minded, security focused people? Would you relish the opportunity to work with one of the UK s leading independent Software houses , with a global footprint (but UK HQ), 500 staff & a focus on technical excellence? If so, we are looking for an experienced IT Security Engineer to join our growing Security Ops team, working closely with the wider GRC & policy team, DevOps teams, Dev team & internal IT teams to make sure security is at the heart of all our technical process'. This role will cover a wide array of security areas across our SaaS private and public cloud environments, as well as corporate domains & internal infrastructure and will require a skilled individual to spearhead efforts in fortifying both infrastructure and application platforms, against potential threats. Job title: IT Security Engineer. Also known as: Cyber Security Engineer, Security Engineer, Information Security Engineer, or similar! Salary: £75K - £80K Basic + 10% Bonus + Extensive Benefits package Location: London office, but nearly 100% remote (UK) role 1 day per month in London for a Team meet up & after bedding in for 6 months this can become even less. We d hope that an experienced individual will know what the role entails, but some key points to be considered: Must have skills and experience: At least 3 years of hands-on, proven industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main) , including proactive configuration of AWS accounts and assets to meet good security practices Experience conducting security operations checks using security monitoring tools and responding to alerts. Proactive in staying updated with the latest security threats, vulnerabilities, and mitigation techniques. Ability to work independently with minimal guidance, take initiative, and think creatively, while also being collaborative and team-oriented with good communication skills. Advantageous skills/ experience: Bachelor/master s degree in computer science, Information Security, or related Security certification: CISSP, CISM, or similar. Experience with security tools such as Alert Logic, Qualys, M365 Security, and AWS Security Products. Understanding security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We value teamwork, collaboration & technical excellence the company are heavily weighted toward technical staff (as you would hope, for a Software company!) so you must be comfortable within this environment. An excellent opportunity for an IT Security professional to make their mark, at a global, UK driven, SaaS product company. Please apply now or give me a call directly to speak about this.
Location: London (onsite 2 days per week) Duration: 6 months Rate: Inside IR35, rate to be discussed Are you an experienced Head of Information Security Governance, Risk and Compliance looking for your next opportunity to make an impact within an evolving and fast paced environment? Do you have strong experience of leading 3rd party security assurance processes? If so, apply now. We are seeking an experienced Head of InfoSec GRC & Awareness to lead governance, risk, compliance, and security awareness initiatives across an organisation at a time of significant modernisation. This pivotal role ensures a robust security posture by developing and enforcing policies, standards, and training programmes aligned with business objectives and regulatory requirements. The key responsibilities of the Head of Information Security GRC & Awareness are: Lead the development and enforcement of enterprise-wide information security policies and standards. Drive security governance and cyber maturity through compliance, assurance reviews, and gap analysis. Oversee the Information Security Risk Management process Conducting in depth supplier due diligence / third party assurance processes Manage audit readiness and support internal/external audit activities. Own and deliver the organisation's security awareness programme, including campaigns and tailored training. Depending on the candidate, you would also be involved in developing and implementing an Operational Technology (OT) Security Assurance Framework. The successful candidate will have the following skills, experience and qualifications: Professional certifications such as CISSP, CISM, ISO27001 Lead Auditor, CLAS etc Extensive experience in information security or IT governance within large, complex environments. Strong knowledge of security frameworks (ISO/IEC 27001, NIST CSF, CIS Controls, Cyber Essentials). Proven track record in risk management, policy development, and security awareness initiatives. Excellent communication, leadership, and influencing skills. Very strong experience of driving 3rd party due diligence Any experience of driving Technical Assurance, Operational Technology (OT) Security Assurance and Penetration Testing would be a bonus This is an excellent opportunity to lead a critical function within a dynamic organisation, ensuring security resilience and cultural change across the enterprise. The rate is competitive and we can discuss this directly. For further information, please apply and I will be in touch. Head of InfoSec GRC & Awareness Head of Information Security Governance, Risk and Compliance
Dec 02, 2025
Contractor
Location: London (onsite 2 days per week) Duration: 6 months Rate: Inside IR35, rate to be discussed Are you an experienced Head of Information Security Governance, Risk and Compliance looking for your next opportunity to make an impact within an evolving and fast paced environment? Do you have strong experience of leading 3rd party security assurance processes? If so, apply now. We are seeking an experienced Head of InfoSec GRC & Awareness to lead governance, risk, compliance, and security awareness initiatives across an organisation at a time of significant modernisation. This pivotal role ensures a robust security posture by developing and enforcing policies, standards, and training programmes aligned with business objectives and regulatory requirements. The key responsibilities of the Head of Information Security GRC & Awareness are: Lead the development and enforcement of enterprise-wide information security policies and standards. Drive security governance and cyber maturity through compliance, assurance reviews, and gap analysis. Oversee the Information Security Risk Management process Conducting in depth supplier due diligence / third party assurance processes Manage audit readiness and support internal/external audit activities. Own and deliver the organisation's security awareness programme, including campaigns and tailored training. Depending on the candidate, you would also be involved in developing and implementing an Operational Technology (OT) Security Assurance Framework. The successful candidate will have the following skills, experience and qualifications: Professional certifications such as CISSP, CISM, ISO27001 Lead Auditor, CLAS etc Extensive experience in information security or IT governance within large, complex environments. Strong knowledge of security frameworks (ISO/IEC 27001, NIST CSF, CIS Controls, Cyber Essentials). Proven track record in risk management, policy development, and security awareness initiatives. Excellent communication, leadership, and influencing skills. Very strong experience of driving 3rd party due diligence Any experience of driving Technical Assurance, Operational Technology (OT) Security Assurance and Penetration Testing would be a bonus This is an excellent opportunity to lead a critical function within a dynamic organisation, ensuring security resilience and cultural change across the enterprise. The rate is competitive and we can discuss this directly. For further information, please apply and I will be in touch. Head of InfoSec GRC & Awareness Head of Information Security Governance, Risk and Compliance
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
Oct 04, 2025
Full time
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
Oct 04, 2025
Full time
If you are a current Jazz employee please apply via the Internal Career site. Jazz Pharmaceuticals is a global biopharma company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines, including leading therapies for sleep disorders and epilepsy, and a growing portfolio of cancer treatments. Our patient-focused and science-driven approach powers pioneering research and development advancements across our robust pipeline of innovative therapeutics in oncology and neuroscience. Jazz is headquartered in Dublin, Ireland with research and development laboratories, manufacturing facilities and employees in multiple countries committed to serving patients worldwide. Please visit for more information. Brief Description: The Senior Analyst of Medical Affairs (Medical Education Grants) will be an integral member of the Medical Affairs, Medical Education Grant team. This role is essential for enhancing efficiency and effectiveness of the department's operational and management of Independent Medical Education grant requests from external organizations. Essential Functions Monitor the Educational Grant Management System and perform initial review of grant requests for completeness and alignment to industry and company guidelines Partner with Grants Manager to track routed requests against the budget to ensure approvals do not exceed the target forecast Process grant requests, to include communication of grant decisions to internal and external parties and issuing of payment to requestors Maintain a schedule of supported educational events across all Neuroscience molecules Track outcomes from supported programs Gather and assist analyze performance metrics under Grant Managers' oversight and communicate the results to stakeholders within the organization as needed. Prepare presentations for use by Grants Manager and other internal departments as needed Respond to reported problems and work with a diverse team of internal and external stakeholders to identify resolutions Schedule monthly EGRC meetings, distribute review materials to the team prior to the meeting, and prepare presentation materials Identify potential process improvements related to the grant workflow Update documentation related to IME grant processes and workflow diagrams to ensure business continuity and aid in continuous improvement efforts Communicate regularly with grant requestors regarding status, payment, program materials and outcomes of supported activities Analyze operational processes and systems and establish best practices Participate in professional meetings to evaluate the impact that regulatory and policy decisions have on IME grants Partner with IME Director on special projects Required Knowledge, Skills, and Abilities Pharmaceutical industry and/or agency/medical education company experience is required Experience working with Microsoft Office, including Excel, PowerPoint, Outlook and Word is required Experience working with Pivot Tables, Macros and/or Visual Basic for Applications is preferred Experience working with publication software (e.g., Microsoft Publisher, Adobe InDesign) is desired Knowledge/understanding of FDA and regulatory guidelines for industry support of medical education events (e.g., PhRMA guidelines, OIG, AMA, ACCME, Sunshine Act) is desired Knowledge of CME/CE outcomes assessments (e.g., MOOREs, TELMs) is desired Experience working with reporting solutions (e.g., Izenda, SmartSheets) is desired Experience working with a request management or customer management system is desired (e.g., CyberGrants, Vision Tracker, CRM systems) Required/Preferred Education and Licenses Relevant degree, direct experience working in independent medical education grants or a mix of both Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law. The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: .
Cyber and Information Security Lead Bath 75,000 - 85,000 Our client is looking for an ambitious Cyber and Information Security Lead to join their growing SaaS Business. They are seeking a conscientious, personable, and knowledgeable leader, ideally with commercial experience in the public sector. You may already be operating at the CISO level in a small company or have ambitions to reach the next level in your career. Key Responsibilities: Strategy and Compliance: Design and implement a comprehensive security strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and oversee the creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship to the governance, risk, and compliance team. Essential Requirements: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a software development or health technology environment UK health sector experience: In-depth knowledge and practical experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System (ISMS), ideally to the 2022 standard. Security architecture & Secure by Design: Strong understanding and experience of secure software development lifecycles (SDLC) and embedding security by design into product development processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (eg OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO, NHS England). Policy & governance: Extensive experience in developing, implementing, and enforcing comprehensive information security policies, standards, and procedures. Regulatory compliance: Solid understanding of UK and EU data protection laws (eg GDPR, Data Protection Act 2018), NIS Directive, and their practical application within a health tech context. Stakeholder management: Excellent communication, influencing, and negotiation skills with the ability to articulate complex security concepts to technical and non-technical stakeholders, including senior leadership, product teams, and external partners. Team leadership & mentoring: Proven ability to lead, mentor, and develop a high-performing governance, risk, and compliance (GRC) team. Vulnerability management: Experience scoping, overseeing and interpreting the results of vulnerability scanning, penetration testing, and security audits. Please apply for more details
Oct 01, 2025
Full time
Cyber and Information Security Lead Bath 75,000 - 85,000 Our client is looking for an ambitious Cyber and Information Security Lead to join their growing SaaS Business. They are seeking a conscientious, personable, and knowledgeable leader, ideally with commercial experience in the public sector. You may already be operating at the CISO level in a small company or have ambitions to reach the next level in your career. Key Responsibilities: Strategy and Compliance: Design and implement a comprehensive security strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and oversee the creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship to the governance, risk, and compliance team. Essential Requirements: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a software development or health technology environment UK health sector experience: In-depth knowledge and practical experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System (ISMS), ideally to the 2022 standard. Security architecture & Secure by Design: Strong understanding and experience of secure software development lifecycles (SDLC) and embedding security by design into product development processes, along with secure system architecture principles. Risk management: Demonstrated expertise in developing, implementing, and managing information security risk management frameworks, including risk assessment methodologies (eg OCTAVE, FAIR). Incident response: Proven track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO, NHS England). Policy & governance: Extensive experience in developing, implementing, and enforcing comprehensive information security policies, standards, and procedures. Regulatory compliance: Solid understanding of UK and EU data protection laws (eg GDPR, Data Protection Act 2018), NIS Directive, and their practical application within a health tech context. Stakeholder management: Excellent communication, influencing, and negotiation skills with the ability to articulate complex security concepts to technical and non-technical stakeholders, including senior leadership, product teams, and external partners. Team leadership & mentoring: Proven ability to lead, mentor, and develop a high-performing governance, risk, and compliance (GRC) team. Vulnerability management: Experience scoping, overseeing and interpreting the results of vulnerability scanning, penetration testing, and security audits. Please apply for more details
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career-your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
Sep 23, 2025
Full time
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career-your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
