Associate, Information Security professional at Santander focusing on Vulnerability Management and network security exposure. Collaborating with teams to enhance security posture and manage technology risks.
About the role
- Senior Information Governance Security Consultant at Civica improving information governance and cyber security for public and private sector clients. Leading security engagements and consultancy for resilience, compliance, and risk management.
Responsibilities
- Help organisations strengthen their information governance and cyber security posture.
- Deliver consultancy that directly improves resilience, compliance, and risk management.
- Lead meaningful security engagements, from gap analysis and risk assessments to certification support and security improvement programmes.
- Provide a strong mix of autonomy, variety, and influence.
- Enjoy solving complex security challenges and driving best practice.
- Work closely with clients to deliver real-world impact.
- This role can be performed predominantly from home, with occasional travel to offices.
Requirements
- Deliver Information Governance (IG) and Information Security (IS) consultancy services to clients
- Conduct gap analysis, risk assessments, and risk treatment planning
- Assess organisations against standards such as Cyber Essentials, Cyber Essentials Plus, and ISO 27001
- Support clients through certification processes and security improvement programmes
- Perform audits to ensure effectiveness of security controls
- Produce high-quality security reports and present findings to stakeholders
- Provide continuous assessment of client security practices and recommend improvements
- Contribute to the development and enhancement of IG and cyber security service offerings
- Deliver consultancy across recognised frameworks such as the NCSC Cyber Assessment Framework (CAF)
- Develop and review security policies, procedures, and controls
- Deliver security awareness training, workshops, and exercises
- Collaborate with internal teams and support pre/post sales activities
- Mentor colleagues and contribute to team knowledge sharing
- Maintain strong client relationships and stakeholder communication
- **Experience & Skills**
- Strong experience in IT Governance, Risk & Compliance (GRC) across cloud and on-premise environments
- Knowledge of security and data protection frameworks including ISO 27001, Cyber Essentials Plus, and GDPR
- Experience applying risk management principles and methodologies
- In-depth understanding of Cyber Essentials and NCSC CAF
- Ability to advise on security strategy and risk mitigation
- Strong knowledge of information security principles and technical controls
- Proven experience in client-facing roles
- Excellent communication skills, with the ability to engage stakeholders at all levels
- Strong organisational skills with attention to detail
- Ability to work independently with minimal supervision
- **Nice to have:**
- Experience implementing and auditing ISMS aligned to ISO 27001
- Relevant certifications such as CISSP, CISM, CISA, or CEH
- Experience working with frameworks such as DTAC, DSPT, CAF, or PSN
- Experience delivering security awareness programmes
- Experience in third-party assurance activities
- Ability to communicate complex security risks to both technical and non-technical audiences, including C-level stakeholders
- Strong presentation and reporting skills
- Experience working with Local Government
Benefits
- 25 Days Annual Leave + bank holidays – plus the option to buy up to 10 extra days!
- Days of Difference – Up to 3 extra days off for volunteering.
- Pension Contributions – 5% employer match to support your future.
- Income Protection – Up to 75% salary cover for long-term illness.
- Life Assurance – 4x salary tax-free lump sum.
- Critical Illness Cover – £25,000 lump sum (extendable to dependents).
- Private Medical Insurance – Fast access to private healthcare.
- Health Cash Plan – Claim back physio, therapies & more.
- Dental Insurance – Cover for routine & emergency care.
- Electric Vehicle (EV) Scheme – A wide range of electric & hybrid vehicles.
- Affinity Groups – Join employee-led communities.
- Bounty Bonus – Refer a friend & get rewarded.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
IAM Security & Technology Governance person driving IAM technical program with cutting - edge technology to improve security posture at MUFG. Manage IAM requirements, standards, governance and solutions across global implementation.
Senior Analyst in Mastercard's newly created Vocalink Control Office supporting control testing across Security domains. Ensuring a strong control environment and identifying gaps for improvement.
Senior Analyst focusing on Information Security and Compliance at Cirque du Soleil. Engaging in threat analysis and improvement of security tools and processes, within a creative company culture.
Security Architect designing and implementing cybersecurity architectures for UK Defence projects. Collaborating with stakeholders to safeguard client data against cyber threats.
System Security Specialist analyzing risks and security controls for state agencies. Conducting assessments, providing advisory support, and strengthening cybersecurity posture.
Security Data Specialist supporting a large - scale cybersecurity assessment program for State government agencies. Transforming assessment data into actionable insights and enabling data - driven decision - making across stakeholders.
Trainee in Health & Safety supporting environmental and health safety processes at Hikma Pharmaceuticals. Collaborating on waste management and legal documentation while developing practical EHS skills.
Senior Security Engineer for Ro, enhancing SaaS security posture management and data loss prevention. Collaborating across teams to secure patient data and maintain compliance standards.
Senior Mainframe Security Engineer at Capital One, focusing on Identity Access Management using IBM z/OS and CICS Security. Collaborate on automation and security solutions in a fast - paced environment.