Butler Rose is working with one of the largest housing associations in London and the South East in their search for a Finance System Analyst to join their team. This is a permanent role, offering hybrid working and paying up to £43,132 per annum. As a Finance Systems Analyst, you'll play a pivotal role in ensuring our finance systems operate efficiently, accurately, and in line with business needs. Acting as the first point of contact for finance systems support, you'll combine technical expertise with strong stakeholder engagement to deliver a high-quality, customer-focused service. This is an exciting opportunity for a technically capable finance professional who thrives on problem-solving, collaboration, and making systems work smarter. Responsibilities: Provide first-line support for all finance IT system queries, resolving issues in line with Service Level Agreements and escalating complex cases where required. Act as system custodian, ensuring the completeness, integrity, and effective control of finance IT systems. Maintain and update approval chains and workflows within the D365 purchase order system, ensuring compliance with Financial Regulations. Monitor and troubleshoot finance system processes, including weekly and monthly interfaces, ensuring alignment with reporting timetables. Support month-end finance system activities and ensure all scheduled jobs run accurately and on time. Maintain user accounts and security profiles within finance systems, ensuring compliance with the Authorised Signatory List. Support change requests, ensuring alignment with the chart of accounts design framework and governance controls. Develop, maintain, and update procedure manuals and system documentation. Deliver training and guidance to staff on finance systems functionality, promoting best practice and effective system usage. Track and document system queries and resolutions to maintain a robust knowledge base. Support annual interim and final audit requirements from a finance systems perspective. Contribute to KPI tracking and performance reporting, identifying opportunities for continuous improvement. Required Experience: Demonstrable experience working with a finance IT system, ideally Microsoft D365. Experience maintaining strong financial system controls and data integrity. Experience working with large volumes of financial transactions within computerised systems. CCAB qualification (ACA, ACCA, CIPFA or equivalent) or actively studying, with ongoing CPD. Strong understanding of finance processes, procedures, and data management. Ability to manage multiple priorities and meet deadlines with minimal supervision. Strong analytical and problem-solving skills with excellent attention to detail. Confident communicator with the ability to engage effectively with a wide range of stakeholders. We can offer you a full insight and job description on applying, please dont delay with your application. Please contact Cerys Kirby Thirlwell for further information. Butler Rose is committed to equality in the workplace and is an equal opportunity employer.Butler Rose Ltd is acting as an Employment Business in relation to this vacancy.
Mar 10, 2026
Full time
Butler Rose is working with one of the largest housing associations in London and the South East in their search for a Finance System Analyst to join their team. This is a permanent role, offering hybrid working and paying up to £43,132 per annum. As a Finance Systems Analyst, you'll play a pivotal role in ensuring our finance systems operate efficiently, accurately, and in line with business needs. Acting as the first point of contact for finance systems support, you'll combine technical expertise with strong stakeholder engagement to deliver a high-quality, customer-focused service. This is an exciting opportunity for a technically capable finance professional who thrives on problem-solving, collaboration, and making systems work smarter. Responsibilities: Provide first-line support for all finance IT system queries, resolving issues in line with Service Level Agreements and escalating complex cases where required. Act as system custodian, ensuring the completeness, integrity, and effective control of finance IT systems. Maintain and update approval chains and workflows within the D365 purchase order system, ensuring compliance with Financial Regulations. Monitor and troubleshoot finance system processes, including weekly and monthly interfaces, ensuring alignment with reporting timetables. Support month-end finance system activities and ensure all scheduled jobs run accurately and on time. Maintain user accounts and security profiles within finance systems, ensuring compliance with the Authorised Signatory List. Support change requests, ensuring alignment with the chart of accounts design framework and governance controls. Develop, maintain, and update procedure manuals and system documentation. Deliver training and guidance to staff on finance systems functionality, promoting best practice and effective system usage. Track and document system queries and resolutions to maintain a robust knowledge base. Support annual interim and final audit requirements from a finance systems perspective. Contribute to KPI tracking and performance reporting, identifying opportunities for continuous improvement. Required Experience: Demonstrable experience working with a finance IT system, ideally Microsoft D365. Experience maintaining strong financial system controls and data integrity. Experience working with large volumes of financial transactions within computerised systems. CCAB qualification (ACA, ACCA, CIPFA or equivalent) or actively studying, with ongoing CPD. Strong understanding of finance processes, procedures, and data management. Ability to manage multiple priorities and meet deadlines with minimal supervision. Strong analytical and problem-solving skills with excellent attention to detail. Confident communicator with the ability to engage effectively with a wide range of stakeholders. We can offer you a full insight and job description on applying, please dont delay with your application. Please contact Cerys Kirby Thirlwell for further information. Butler Rose is committed to equality in the workplace and is an equal opportunity employer.Butler Rose Ltd is acting as an Employment Business in relation to this vacancy.
Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.
Mar 04, 2026
Full time
Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.
SAP Basis Administrator 60,000 - 65,000 + Bonus and Benefits Full Time / Permanent Hybrid / Birmingham The Role I am looking for a driven SAP Basis Administrator / Analyst to join a large and nationally recognised manufacturing client based in the Birmingham area as the continue on their digital evolution. As a SAP Basis Administrator / Analyst you will be a key member of a dynamic internal IT team acting as the technical subject matter expert for all things SAP infrastructure. The successful candidate will work across a broad technical landscape - translating business needs into innovative SAP platform solutions, ensuring system availability, security, and performance. Responsibilities Lead SAP infrastructure service management activities, ensuring reliable, secure and cost-effective solutions. Manage third-party SAP hosting providers, ensuring delivery against SLAs and governance standards. Acting as SAP SME on IT and business transformation projects. Monitor system performance, capacity, and availability - and planning smart enhancements. Support compliance with SOx, audit and security standards such as ISO27001 and Cyber Essentials. Investigate and resolve incidents, support users, and ensure root cause analysis is actioned. The Person Experience in a similar SAP Basis Administration role in a large enterprise environment Extensive experience of SAP infrastructure and associated technologies Strong knowledge of IT governance, audit, and service management principles Ability to translate business requirements into robust, scalable solutions Excellent communication and stakeholder engagement skills Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Oct 09, 2025
Full time
SAP Basis Administrator 60,000 - 65,000 + Bonus and Benefits Full Time / Permanent Hybrid / Birmingham The Role I am looking for a driven SAP Basis Administrator / Analyst to join a large and nationally recognised manufacturing client based in the Birmingham area as the continue on their digital evolution. As a SAP Basis Administrator / Analyst you will be a key member of a dynamic internal IT team acting as the technical subject matter expert for all things SAP infrastructure. The successful candidate will work across a broad technical landscape - translating business needs into innovative SAP platform solutions, ensuring system availability, security, and performance. Responsibilities Lead SAP infrastructure service management activities, ensuring reliable, secure and cost-effective solutions. Manage third-party SAP hosting providers, ensuring delivery against SLAs and governance standards. Acting as SAP SME on IT and business transformation projects. Monitor system performance, capacity, and availability - and planning smart enhancements. Support compliance with SOx, audit and security standards such as ISO27001 and Cyber Essentials. Investigate and resolve incidents, support users, and ensure root cause analysis is actioned. The Person Experience in a similar SAP Basis Administration role in a large enterprise environment Extensive experience of SAP infrastructure and associated technologies Strong knowledge of IT governance, audit, and service management principles Ability to translate business requirements into robust, scalable solutions Excellent communication and stakeholder engagement skills Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Job Title: Cryptography Analyst Location: Hybrid working - 2 days a week in Knutsford Cheshire Duration: Till 31st December 2025 Rate: 445.00 per day (Inside IR35) Successful candidates will be required to go through a BPSS Clearance We are looking for an experienced Cryptography Analyst to join a dedicated security team. You will be supporting the integrity and availability of the clients cryptographic infrastructure. You will play a key role in supporting cryptographic hardware, key management services, certificate management, and ensuring adherence to IT security standards. Your expertise will help shape and secure the operations, aligning with the Crypto strategy and wider departmental goals. Key Responsibilities Manage cryptographic hardware (HSMs - Thales, Entrust, Gemalto, etc.), including installation, configuration, and on-site activities Perform SSH key and certificate management Support cryptographic key lifecycle activities: generation, distribution, storage, recovery, and deletion Maintain accurate documentation and perform regular risk and compliance checks Handle incident, problem, and change management processes (aligned with ITIL best practices) Ensure strong governance, audit trails, and adherence to Barclays' IT Security Standards Contribute to automation and scripting efforts (e.g., Python) to streamline operations Participate in out-of-hours support and provide monthly risk/management reporting Collaborate with global teams across diverse platforms (IBM, Tandem, Unix) Essential Skills & Qualifications Proven experience in cryptography or information security roles Hands-on experience with HSMs from vendors such as Thales, Entrust, or Gemalto Familiarity with HSM monitoring tools Strong scripting or coding skills (Python preferred) ITIL Foundation Certification Bachelor's Degree in Computer Science or related field Strong stakeholder management and communication skills Excellent attention to detail and ability to multitask Proficient in Microsoft Office tools Desirable Skills Operational experience in IT Security environments Industry certifications in security and/or project management Experience with Unix/Windows operating systems Proficiency in tools such as SharePoint, Confluence, and JIRA Understanding of compliance, data protection, and incident response best practices Experience creating and maintaining operational documentation If you are interested and looking for your next role, please apply with a copy of your CV or email - (url removed)
Oct 07, 2025
Contractor
Job Title: Cryptography Analyst Location: Hybrid working - 2 days a week in Knutsford Cheshire Duration: Till 31st December 2025 Rate: 445.00 per day (Inside IR35) Successful candidates will be required to go through a BPSS Clearance We are looking for an experienced Cryptography Analyst to join a dedicated security team. You will be supporting the integrity and availability of the clients cryptographic infrastructure. You will play a key role in supporting cryptographic hardware, key management services, certificate management, and ensuring adherence to IT security standards. Your expertise will help shape and secure the operations, aligning with the Crypto strategy and wider departmental goals. Key Responsibilities Manage cryptographic hardware (HSMs - Thales, Entrust, Gemalto, etc.), including installation, configuration, and on-site activities Perform SSH key and certificate management Support cryptographic key lifecycle activities: generation, distribution, storage, recovery, and deletion Maintain accurate documentation and perform regular risk and compliance checks Handle incident, problem, and change management processes (aligned with ITIL best practices) Ensure strong governance, audit trails, and adherence to Barclays' IT Security Standards Contribute to automation and scripting efforts (e.g., Python) to streamline operations Participate in out-of-hours support and provide monthly risk/management reporting Collaborate with global teams across diverse platforms (IBM, Tandem, Unix) Essential Skills & Qualifications Proven experience in cryptography or information security roles Hands-on experience with HSMs from vendors such as Thales, Entrust, or Gemalto Familiarity with HSM monitoring tools Strong scripting or coding skills (Python preferred) ITIL Foundation Certification Bachelor's Degree in Computer Science or related field Strong stakeholder management and communication skills Excellent attention to detail and ability to multitask Proficient in Microsoft Office tools Desirable Skills Operational experience in IT Security environments Industry certifications in security and/or project management Experience with Unix/Windows operating systems Proficiency in tools such as SharePoint, Confluence, and JIRA Understanding of compliance, data protection, and incident response best practices Experience creating and maintaining operational documentation If you are interested and looking for your next role, please apply with a copy of your CV or email - (url removed)
IT Security Analyst Location: Hybrid - Middlesbrough Salary: 50,000 - 60,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Oct 03, 2025
Full time
IT Security Analyst Location: Hybrid - Middlesbrough Salary: 50,000 - 60,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Oct 03, 2025
Full time
IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
Oct 02, 2025
Full time
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
IT Security Manager Hybrid We are seeking an experienced IT Security Manager to lead our clients security function across the EMEA region. Reporting to the Head of IT Infrastructure, you will manage a team of internal security analysts as well as external consultants and managed services providers. This role requires strong interpersonal skills to collaborate effectively with IT Infrastructure teams across multiple European sites, as well as wider business units within the group. The successful candidate will take ownership of their Information Security Management System (ISMS) , supporting ISO 27001 certification, ensuring compliance with relevant regulations, and safeguarding our IT assets. You will also play a proactive role in shaping and delivering future security programmes as part of the Global IT Security Team. Key Responsibilities Lead and manage the IT security team, including outsourced SOC/MDR/DFIR providers. Maintain and enhance our ISMS, including policies, procedures, registers, and reports. Ensure compliance with ISO 27001, ISAE 3402 Type II, and NIS2 requirements. Prepare and present regular security reports to senior management. Liaise with external auditors, customers, and vendors as required. Conduct regular security assessments, penetration tests, and risk analyses. Monitor networks and systems for breaches, incidents, and vulnerabilities. Respond to and manage security incidents, including investigation, mitigation, and reporting. Oversee user access controls, identity management, and data protection measures. Lead Business Continuity and Disaster Recovery (BC/DR) planning and testing. Manage and deliver IT security awareness training for staff and end users. Qualifications & Experience Bachelor's degree in Computer Science, Information Security, or related field. Professional certification (CISM, CISSP, or equivalent) required. 7+ years' experience in IT security, with at least 3 years in a leadership or managerial role. Strong knowledge of ISO 27001, ISAE 3402, and related frameworks. Experience with security technologies such as XDR, MDR, EDR, SIEM, NAC, IDS/IPS, and SASE. Proven background in incident response, risk management, and ISMS operation. Essential Skills Demonstrated leadership and team management experience. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to prioritise effectively and perform under pressure. What they Offer An influential leadership role in a global organisation. Opportunity to shape security programmes and strategy at an international level. Competitive salary and benefits package. Professional development and certification support. If you are a proven IT Security leader with the vision, expertise, and drive to safeguard critical systems and data, we would like to hear from you. IT Security Manager Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Oct 02, 2025
Full time
IT Security Manager Hybrid We are seeking an experienced IT Security Manager to lead our clients security function across the EMEA region. Reporting to the Head of IT Infrastructure, you will manage a team of internal security analysts as well as external consultants and managed services providers. This role requires strong interpersonal skills to collaborate effectively with IT Infrastructure teams across multiple European sites, as well as wider business units within the group. The successful candidate will take ownership of their Information Security Management System (ISMS) , supporting ISO 27001 certification, ensuring compliance with relevant regulations, and safeguarding our IT assets. You will also play a proactive role in shaping and delivering future security programmes as part of the Global IT Security Team. Key Responsibilities Lead and manage the IT security team, including outsourced SOC/MDR/DFIR providers. Maintain and enhance our ISMS, including policies, procedures, registers, and reports. Ensure compliance with ISO 27001, ISAE 3402 Type II, and NIS2 requirements. Prepare and present regular security reports to senior management. Liaise with external auditors, customers, and vendors as required. Conduct regular security assessments, penetration tests, and risk analyses. Monitor networks and systems for breaches, incidents, and vulnerabilities. Respond to and manage security incidents, including investigation, mitigation, and reporting. Oversee user access controls, identity management, and data protection measures. Lead Business Continuity and Disaster Recovery (BC/DR) planning and testing. Manage and deliver IT security awareness training for staff and end users. Qualifications & Experience Bachelor's degree in Computer Science, Information Security, or related field. Professional certification (CISM, CISSP, or equivalent) required. 7+ years' experience in IT security, with at least 3 years in a leadership or managerial role. Strong knowledge of ISO 27001, ISAE 3402, and related frameworks. Experience with security technologies such as XDR, MDR, EDR, SIEM, NAC, IDS/IPS, and SASE. Proven background in incident response, risk management, and ISMS operation. Essential Skills Demonstrated leadership and team management experience. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to prioritise effectively and perform under pressure. What they Offer An influential leadership role in a global organisation. Opportunity to shape security programmes and strategy at an international level. Competitive salary and benefits package. Professional development and certification support. If you are a proven IT Security leader with the vision, expertise, and drive to safeguard critical systems and data, we would like to hear from you. IT Security Manager Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Information Security Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an Information Security Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives, mentor others, and collaborate effectively across business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate information security risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance - Monitor the effectiveness of security controls, including outcomes of penetration testing and red team exercises. Collaborate with business units - Act as a security advocate and guide cross-functional teams in secure practices. Lead technical initiatives - Provide hands-on leadership and mentor more junior team members. Conduct threat and vulnerability assessments - Take a proactive role in identifying potential security threats. Skills and experience required: Strong experience in risk & controls within the information security, ideally in a regulated industry. Experience in large, complex enterprise environments (e.g., multiple sites, technologies). Hands-on leadership in technical InfoSec initiatives. Strong understanding and implementation of control frameworks (NIST CSF, COBIT). Ability to run threat intelligence and vulnerability assessments. Experience collaborating with 2nd and 3rd line governance teams (e.g., audit, compliance). Strong stakeholder engagement and influencing skills. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
Sep 27, 2025
Full time
Information Security Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an Information Security Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives, mentor others, and collaborate effectively across business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate information security risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance - Monitor the effectiveness of security controls, including outcomes of penetration testing and red team exercises. Collaborate with business units - Act as a security advocate and guide cross-functional teams in secure practices. Lead technical initiatives - Provide hands-on leadership and mentor more junior team members. Conduct threat and vulnerability assessments - Take a proactive role in identifying potential security threats. Skills and experience required: Strong experience in risk & controls within the information security, ideally in a regulated industry. Experience in large, complex enterprise environments (e.g., multiple sites, technologies). Hands-on leadership in technical InfoSec initiatives. Strong understanding and implementation of control frameworks (NIST CSF, COBIT). Ability to run threat intelligence and vulnerability assessments. Experience collaborating with 2nd and 3rd line governance teams (e.g., audit, compliance). Strong stakeholder engagement and influencing skills. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
LA International Computer Consultants Ltd
Leamington Spa, Warwickshire
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Sep 26, 2025
Contractor
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Sep 26, 2025
Contractor
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Regulatory Analyst - DORA Hybrid Our client, a leading financial services organisation, is seeking a Regulatory Analyst with strong expertise in Digital Operational Resilience (DORA) and European cyber regulations. As a subject matter expert, you will drive DORA implementation, collaborate with operational resilience teams, and influence policies, controls, and risk frameworks to safeguard critical business services. Key Responsibilities Regulatory Assurance (DORA): Lead gap analyses and implement solutions to ensure full DORA compliance . Embed DORA's six pillars: ICT Risk Management, Incident Reporting, Resilience Testing, Information Sharing, Third Party Risk, and Governance . Collaborate with operational resilience and business continuity teams. Design and execute testing initiatives to measure cyber and digital resilience. Assess third-party resilience as part of TPRM efforts. Partner with IT and Risk stakeholders on cross-functional initiatives. Act as a subject matter expert and champion of digital resilience. Policies & Standards: Develop and evolve policies to align with both local and enterprise-wide regulatory requirements. Contribute to the information security policy framework . Governance & Controls: Support ongoing control maintenance and internal audits. Work with stakeholders to assess risk and strengthen mitigation strategies . Build deep expertise around regulated business services . What You Bring Expertise & Education: Degree in IT, Information Security, Risk Management or a related field. Strong knowledge of DORA, NIS2, and UK/EU cyber regulations . Familiarity with frameworks: ISO27001, NIST, COBIT, CAF . Recognised certifications such as CISSP, CISM, CISA, CRISC, CTPRP . Experience with European financial regulations (BaFin, AMF, etc.). Proven background in information security, audit, or risk management . Skills & Traits: Financial services experience with strong awareness of cybersecurity trends . Proactive problem solver with excellent analytical skills . Collaborative with strong stakeholder management abilities .
Sep 23, 2025
Full time
Regulatory Analyst - DORA Hybrid Our client, a leading financial services organisation, is seeking a Regulatory Analyst with strong expertise in Digital Operational Resilience (DORA) and European cyber regulations. As a subject matter expert, you will drive DORA implementation, collaborate with operational resilience teams, and influence policies, controls, and risk frameworks to safeguard critical business services. Key Responsibilities Regulatory Assurance (DORA): Lead gap analyses and implement solutions to ensure full DORA compliance . Embed DORA's six pillars: ICT Risk Management, Incident Reporting, Resilience Testing, Information Sharing, Third Party Risk, and Governance . Collaborate with operational resilience and business continuity teams. Design and execute testing initiatives to measure cyber and digital resilience. Assess third-party resilience as part of TPRM efforts. Partner with IT and Risk stakeholders on cross-functional initiatives. Act as a subject matter expert and champion of digital resilience. Policies & Standards: Develop and evolve policies to align with both local and enterprise-wide regulatory requirements. Contribute to the information security policy framework . Governance & Controls: Support ongoing control maintenance and internal audits. Work with stakeholders to assess risk and strengthen mitigation strategies . Build deep expertise around regulated business services . What You Bring Expertise & Education: Degree in IT, Information Security, Risk Management or a related field. Strong knowledge of DORA, NIS2, and UK/EU cyber regulations . Familiarity with frameworks: ISO27001, NIST, COBIT, CAF . Recognised certifications such as CISSP, CISM, CISA, CRISC, CTPRP . Experience with European financial regulations (BaFin, AMF, etc.). Proven background in information security, audit, or risk management . Skills & Traits: Financial services experience with strong awareness of cybersecurity trends . Proactive problem solver with excellent analytical skills . Collaborative with strong stakeholder management abilities .
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career-your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
Sep 23, 2025
Full time
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career-your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
Sep 21, 2025
Full time
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
