Security Consultant

Join Smartdesc as an Information Security ConsultantLocation: Field-based, primarily in the London areaEmployment Type: Full-timeSalary: £70,000 - £80,000As an Information Security Consultant at Smartdesc, you will collaborate with the Information Security and technical delivery teams to implement robust security solutions for our clients.Your role will involve providing strategic guidance on Information Security, aiding clients in enhancing their security posture, and overseeing a variety of security projects. This includes assisting clients in implementing security controls, conducting assessments based on industry best practices, and delivering assessment reports to Senior Leadership Teams to bolster their security measures.The position encompasses a diverse array of responsibilities, from strategic governance and risk management to advising non-profit organizations on maximizing the value of Microsoft Business Premium, E3, and E5 security solutions. You should be comfortable presenting security information to varied audiences, from part-time volunteers to executive boards.This customer-facing role demands a meticulous eye for detail and a proven track record in delivering exemplary Information Security practices.Key ResponsibilitiesAssess and identify steps organizations must take to enhance their security posture, creating roadmaps for continuous improvement while maximizing existing Microsoft licensing.Align security practices with frameworks and standards such as Cyber Essentials, NCSC CAF, and ISO 27001.Own or oversee key Information Security processes and procedures.Manage the Smartdesc MDR management service.Implement and oversee Information Security Risk Management programs.Identify and manage remediation actions to mitigate risks.Develop and maintain Information Security Policies.Create and deliver general and role-specific Information Security Training and Awareness programs.Raise, investigate, and manage IT Security incidents, ensuring appropriate follow-up actions.Provide IT security support to various business functions, including digital teams, IT infrastructure, and IT Service Desk.Develop and oversee Information Security Internal Audit programs.Supervise ongoing security testing, reviews, and audits.

Kroo Bank is redefining banking by creating a customer-centric experience that prioritizes responsible financial management and leverages technology to simplify, democratize, and enhance transparency in everyday banking. As a fully regulated UK bank, we are supported by dedicated investors and are on a mission to grow our customer base while pursuing ambitious goals. Our commitment to excellence is evident in our fast-paced operations, thoughtful decision-making, and adherence to the highest standards of service, product development, risk management, and employee care.Job Overview:We are seeking a dynamic Head of Information Security (HoIS) to lead our IT security strategy and safeguard the organization against security threats targeting our digital assets. In this role, you will direct the security strategy, oversee operations, and drive product development to protect our enterprise information. Your responsibilities will include fostering security awareness, managing security operations, and ensuring robust policies and procedures are in place.Key Responsibilities:Oversee the daily operations and execution of the information security strategy.Design and maintain a proactive security roadmap encompassing cloud, mobile, AI, and software platforms.Work collaboratively with technology leaders to implement innovative security technologies and next-generation solutions.Guarantee secure configurations and ensure continuous compliance across IaaS, PaaS, and SaaS environments.Conduct ongoing assessments of existing security practices and systems, identifying and addressing areas for enhancement.Perform security audits and risk assessments, providing recommendations to mitigate threats and vulnerabilities.Manage the Information Security Management System (ISMS) and uphold ISO 27001 certification.Ensure adherence to relevant compliance and governance standards.Collaborate with operational teams to develop, implement, and test business continuity plans for security breaches and disaster recovery scenarios.Safeguard the organization's intellectual property consistently.Monitor security vulnerabilities and potential hacking threats across network and host systems.Lead security operations, including Managed SOC, threat intelligence, detection, and response capabilities.Establish KPIs and KRIs to measure security maturity and provide consistent security reporting to Executive and Board stakeholders.Manage and nurture the information security team.Promote and educate the organization on the latest security strategies and technologies.Oversee the IT security budget and communicate effectively with stakeholders.

AJ Bell seeks an Information Security Architect to safeguard digital assets and advance security practices. This hybrid role is available in either Manchester or London. Key responsibilities Design and implement security frameworks that protect company systems and sensitive data. Identify vulnerabilities across digital platforms, providing recommendations to address risks. Ensure security measures align with industry standards and compliance requirements. Collaborate with teams throughout the business to shape security strategies that support organizational objectives. Location This position offers a hybrid work model, with the option to be based in Manchester or London.

AJ Bell seeks a Senior Information Security Engineer to strengthen the protection of company information systems and support compliance initiatives. The position is offered as a hybrid role, with the option to work from either the Manchester or London office and some flexibility for remote work. Key responsibilities Identify and assess security vulnerabilities within company systems Implement and maintain security controls to protect data and infrastructure Collaborate with teams across the business to promote effective security practices Assist in maintaining compliance with relevant regulations and internal policies Location This role is based in Manchester or London with a hybrid work arrangement, allowing for both office presence and remote work.

Role overview The Chief Information Security Officer at mangroup will lead information security efforts from the London office. This executive position carries responsibility for shaping the overall security strategy, protecting digital assets, and managing risks throughout the company. Key responsibilities Direct the creation and rollout of cybersecurity programs Safeguard company data and digital systems from security threats Identify, evaluate, and manage information security risks Work closely with senior leadership to ensure security initiatives support business objectives Maintain compliance with applicable regulations and industry standards Location This position is based in London.

Starling Bank brings together over 3,000 professionals across London, Southampton, Cardiff, and Manchester to deliver digital banking services in the UK. The company is known for combining technology-driven solutions with the reliability expected from a fully licensed bank. Its culture centers on values such as Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Role overview The Director of Information Security leads the Office of the CISO and reports directly to the Chief Information Security Officer. This position manages a team of Information Security analysts and plays a key role in shaping and strengthening Starling Bank's security capabilities and governance. This role is designed for a seasoned information security leader who has experience building teams and driving continuous improvement. It offers a path for those considering future advancement to a CISO role. Main responsibilities Oversee the Information Security Policy Framework, ensuring alignment with the needs of Starling Group and its stakeholders, and maintaining compliance with legislation and industry standards. Develop and maintain standards for implementing security controls and procedures. Collaborate with external organizations and regulatory bodies to enhance Starling’s security posture. Location This position is based in London, England, United Kingdom.

Join Palantir Technologies as an Information Security Engineer in London, where you will play a critical role in safeguarding our cutting-edge technology and sensitive data. Your expertise will help us develop and implement robust security strategies, ensuring that our platforms remain secure against evolving threats.

Isomorphic Labs is looking for an Information Security Engineer based in either Lausanne or London. This role centers on safeguarding digital assets and upholding effective security practices throughout the company. Key responsibilities Collaborate with teams across departments to design and implement security controls Monitor systems and workflows to identify and address security threats Keep up to date with emerging security risks and trends Location This position is available in both Lausanne and London.

Join our dynamic team at bmlltech as a Senior Information Security Analyst specializing in ISMS Management. You will play a crucial role in safeguarding the integrity and confidentiality of our information assets. Your expertise will help us to establish, implement, and maintain an effective Information Security Management System (ISMS) that aligns with international standards.As part of your responsibilities, you will conduct risk assessments, develop security policies, and collaborate with cross-functional teams to ensure compliance with data protection regulations. You will also lead security awareness initiatives and provide guidance on best practices to enhance our security posture.

The impact you'll make:As the Information Security Team Lead, you will spearhead the daily operations and enhancement of Elliptic's information and cyber security initiatives. Your role will involve driving the adoption of SSDLC v2.0, strengthening our cloud and SaaS security frameworks, and ensuring readiness for external audits and customer due diligence. Collaborate closely with Engineering, Platform, Legal, Procurement, and Customer teams to mitigate risks while facilitating delivery and revenue, including the implementation of Enterprise Tier security features.Your responsibilities will include:Programme Ownership and ExecutionLead the execution of the InfoSec roadmap and performance metrics. Transform strategic objectives into actionable quarterly plans with quantifiable results.Establish necessary gates, controls, and reporting mechanisms for SSDLC v2.0 across build and deployment pipelines.Direct the baselining of CSPM/SSPM and the targeted reduction of misconfigurations and vulnerabilities.Risk Management, Assurance, and Audit PreparednessOversee ISMS processes in compliance with ISO 27001. Organize evidence collection for customer audits and external assurances (e.g., penetration testing, TPOs).Lead or contribute to risk management forums. Ensure prompt remediation, risk acceptance, and tracking of exceptions.Cloud and SaaS Security EnhancementsCollaborate with the Platform team to fortify AWS (IAM, KMS, network segmentation, Security Hub, GuardDuty, logging).Enhance endpoint security, identity and access management, vulnerability management, and logging throughout the organization.Leadership and Team CollaborationProvide daily guidance to TISO, Analysts, and cross-functional contributors.Foster a pragmatic, developer-friendly security culture through enablement, playbooks, and training.Vendor Management and Data GovernanceManage vendor security due diligence with defined SLAs and documentation trails. Assist data protection and BC/DR control owners.Required Qualifications:Demonstrated experience leading security initiatives in a cloud-native product environment.Deep understanding of security frameworks and compliance standards.Strong communication skills with the ability to collaborate effectively across teams.

Engine by Starling is a pioneering cloud-native SaaS platform developed by Starling Bank, the UK's first and leading digital bank. We empower over 4.6 million customers and small businesses with intuitive financial tools that help them manage their money efficiently and effectively. Our mission is to spread this innovative approach to banking globally.As a cloud-native solution, Engine offers a robust platform that supports banks, building societies, and credit unions around the globe. We enable our partners to leverage advanced digital features and streamlined back-office processes that have contributed to Starling's remarkable success.At Engine, we embrace five core principles: listen, keep it simple, do the right thing, own it, and aim for greatness. Since our inception in 2022, we have rapidly grown, adopting an agile mindset that fosters innovation and adaptability. We cultivate an environment where our team members and partners can collaborate openly, take ownership, and drive projects forward.Hybrid Working EnvironmentOur headquarters are located in London, with additional offices in Manchester, Cardiff, and Southampton, as well as international locations in Dublin, Sydney, Dubai, Toronto, and New York. We prefer that our team members are within a reasonable commuting distance from one of our UK offices to facilitate in-person collaboration.Role OverviewAs the Business Information Security Officer (BISO), you will be instrumental in defining our security objectives and practices, leading the ongoing enhancement of our Information Security capabilities, and managing a dedicated Information Security Team. You will act as the primary liaison between Engine and Starling Bank’s Information Security teams, addressing all security-related inquiries from clients and auditors.We seek a curious and adaptable information security professional with strong leadership abilities who enjoys a collaborative and dynamic work environment. If you are passionate about problem-solving and engaging with diverse stakeholders, we would love to hear from you.

Join P.A. Consulting Group as a Security Architect, where you will be pivotal in designing robust security infrastructures for our diverse clientele. In this role, you'll leverage your extensive knowledge in cybersecurity principles and practices to develop innovative security solutions tailored to meet the unique needs of each client. Collaborate with cross-functional teams to ensure that security considerations are integrated into all aspects of system design and implementation.

Role Overview Sword Group is looking for an Information Management Consultant to support clients in improving their information systems and strategies. This remote position is based in London, England. What You Will Do Advise clients on optimizing information management practices Help organizations use data more effectively Contribute to the development and improvement of information systems and processes Location Remote , London, England, United Kingdom

Role Overview Evelyn Partners is looking for an Information Security Compliance Analyst in London. This position helps ensure the company’s security policies and procedures meet government regulations and industry standards. The analyst works closely with teams across the business to strengthen security practices. What You Will Do Monitor and assess compliance with security policies and procedures Support risk assessments and internal audits Participate in compliance reviews to identify gaps and recommend improvements Work with other departments to build awareness and improve security controls

Trainline connects millions of travelers with rail and coach tickets, offering a range of options through its app, website, and B2B channels. With a focus on making travel simpler and more sustainable, Trainline partners with over 270 transport companies in 40 countries. The company processes more than 135 million visits monthly and handles £6.3 billion in ticket sales each year. Headquartered in London and present in major European cities, Trainline's team includes more than 1,000 people from 50+ nationalities. The Security team works to strengthen risk management as technology and AI risks change. Collaboration with teams across the business helps keep systems and data secure. Role overview The Senior Information Security Risk Analyst, based in London and reporting to the GRC Manager, will play a key role in advancing Trainline’s security risk management program. This position focuses on addressing both established and emerging risks, particularly those related to AI and cloud technologies. What you will do Manage information security risks, including traditional cyber threats and AI-specific risks such as data quality and model bias. Align risk management activities with Trainline’s business risk appetite. Work with Engineering, Data Science, Legal, and Internal Audit teams to maintain a broad perspective on information, cyber, and AI risks. Promote strong risk governance in a cloud-first, AI-driven environment. Conduct risk assessments for both existing and new AI use cases. Collaboration This role requires frequent interaction with both technical and business teams. The aim is to make sure risk management practices are practical and integrated into daily operations.

Join Trustpilot as an Information Security Governance, Risk, and Compliance Analyst, where you'll play a pivotal role in enhancing our security posture. In this dynamic position, you will be responsible for identifying, assessing, and managing security risks while ensuring compliance with relevant regulations and best practices. You'll collaborate with cross-functional teams to promote a culture of security awareness and implement effective governance frameworks.

Join Turner Townsend as a Principal / Associate Digital Consultant specializing in Information Management. In this pivotal role, you will leverage your expertise to guide clients in the digital transformation of their infrastructure projects. Your insights will help optimize data management processes, ensuring that our clients achieve operational excellence and strategic objectives.As a leader in our team, you will be responsible for assessing client needs, developing tailored strategies, and implementing innovative solutions that drive results. Your contributions will directly impact the success of our projects and the satisfaction of our clients.

Role overview The Information Security Governance, Risk, and Compliance (GRC) Manager at AJ Bell will manage and strengthen the company’s information security policies. Based in either Manchester or London, this hybrid role centers on ensuring ongoing compliance with industry regulations and standards. Main responsibilities Develop and maintain the information security GRC framework. Assess risks across the business and implement mitigation strategies. Monitor and support adherence to industry standards and regulatory requirements. Lead internal audits and conduct compliance reviews. Report findings and progress to senior management. Work with teams throughout the organization to encourage security awareness and advance risk management initiatives. Work location This position is available in Manchester or London, with a hybrid working arrangement.

Veeva Systems is a pioneering, mission-driven organization that specializes in industry cloud solutions, dedicated to accelerating the delivery of therapies to patients worldwide. With remarkable growth as one of the fastest-growing SaaS companies in history, we achieved over $2 billion in revenue during our last fiscal year and are poised for continued expansion.Our core values at Veeva include Doing the Right Thing, Customer Success, Employee Success, and Speed. In 2021, we made history by becoming a public benefit corporation (PBC), committed to balancing the needs of our customers, employees, society, and investors.As a Work Anywhere company, we offer the flexibility to work from home or in the office, allowing you to thrive in an environment that suits you best.Join us in transforming the life sciences industry, and making a positive impact on our customers, employees, and communities.The RoleWe are seeking experienced consultants with a proven track record in system implementation and a passion for helping clients enhance their regulatory data and document management processes.Veeva’s Vault RIM suite is the only unified software solution offering fully integrated regulatory information management (RIM) capabilities, including data and document management, submission publishing, and archival, all on a single cloud-based platform.As part of our Professional Services team, you will assess our customers’ regulatory needs globally, convert those requirements into actionable solution designs, and configure our cloud-based platform to manage regulatory information across their enterprises.This is a remote position open to candidates located within the EU/UK, provided they are near an airport and can meet travel requirements. We encourage qualified candidates from the EU/UK to apply.