Information security jobs in NorwichCreate job alerts

Business Analyst: Working within the CISO department as part of the security engineering team, the BA will be working with internal and external stakeholders (both IT and non-IT areas). Accountable for managing key business stakeholders to define requirements for change initiatives aimed at improving processes and systems ensuring alignment to business benefits and assuring quality delivery & testing of these requirements as per business protection standards and technical specifications. The “Cyber Security Business Analyst” are responsible for • Lead the facilitation of business workshops to elicit, challenge, develop and convert business, functional, and non-functional requirements into process/systems solutions considering IT and business drivers., • Ensure all documented requirements are delivered in a clear, concise, and timely fashion, suitable for handover to the Project delivery teams including Solution Architects and Test Leads., • Ensure that the requirements’ acceptance criteria, integrity and traceability is maintained throughout the project lifecycle working alongside both internal and external suppliers. • Qualification and quantification of business benefits relating to requirements for change and improved business processes, including impact assessment of change requests to scope and requirements., • Ensure the quality & timeliness of the analysis, requirements, specifications & acceptance criteria produced with the security engineering function to guide the strategy around new security technology controls as well as with infrastructure engineering and application development programs and teams to advise on the security risks they need to address and the correct selection and implementation of controls., • work directly with multiple IT infrastructure and application development projects and teams to apply standard technical risk assessment methods to identify and prioritize risks for remediation, • Review architecture and design documents to help ensure the correct implementation of security technology controls, • contribute to the development of improved risk assessment approaches, • contribute to the systemization of the delivery of security advisory services Experience: Knowledge of risk management concepts including risk assessment and risk treatment techniques and methodologies, including: • Risk Assessment methods and frameworks (IRAM2, OCTAVE, NIST, ISO 27005 etc), • Information Security Management System frameworks and standards and their application, • Compliance frameworks relevant to financials services including SOX, PCI DSS, SSAE16, etc), • Good working knowledge of one or more security technologies and domains, including, but not limited to network security, cyber security, data security, identity and access management, application security & cloud security(SaaS,IaaS,PaaS), • Experience in advising on or developing security architectures and designs for one or more security technology domains, • Security technologies (firewalls, WAFs, DLP, cryptography, vulnerability scanning, identity and access management, etc.), • Delivering security changes to meet the CISO business needs. • Appreciation of different cyber threats such as malicious cyber-attacks, phishing, data theft, domain fronting, HTML smuggling etc., • Good understanding of cyber security working in financial organizations., • Good understanding of the need for tight data loss prevention controls to protect financial organisations from data theft and leakage etc, • Good understanding of networks, firewalls, proxies, traffic routing and management., • A good understanding of risk and issue management., • Basic cloud knowledge on any of cloud like AWS, Azure, GCP Skills: • Proven business analysis, problem solving, issue tracking and resolution skills, • An in-depth understanding of cyber security and security operations concepts, tooling and practices, • Experience as Agile Business Analyst within a cyber security environment, • Good communication skills and the ability to capture requirements and express them in a clear and concise manner, • Ability to develop user flows and process diagrams and documentation, • An appreciation of threat intelligent techniques and the threat landscape for Financial Services organizations, • Created and published procedural and policy documentation and guidance, • Bridge the communications gap between the business users and security functions during process analysis., • Bridge the communications gap between the CISO teams and cyber security tool providers during solution analysis., • Impact assess security problems raised by CISO teams., • Map current and target security operations model and processes., • Gather business requirements to assist with finding appropriate solutions to cyber security problems., • Facilitate ‘show and tell’ sessions with business users and/or CISO teams to demonstrate security solutions., • Security qualifications, which may include CISM, CISA, CISSP, BS7799 Auditor or other. Wipro is an exciting organization to work for. We ranked as a “Top Employer” as part of the Top Employer Institute annual listings. We were assessed on several key HR practices including Diversity and Inclusion. Benefits: You will receive a competitive salary, a generous benefits package, training, and development, as well as an exciting career within a fast paced and dynamic business. Your benefits include • Contributory pension of up to 5%, • Extra holiday purchase, • 4x life insurance policy Wipro is an advocate for positive change and conscious inclusion. As a global employer, we strive to create a diverse Wipro family by remaining committed to the development of our culture, diversity, equality, and inclusion in the workplace. All applicants welcome.

Salary: £55,000-£60,000 (DOE) per annum plus pension, & excellent benefits package? Job type: Permanent, full-timeWe are on the lookout for an experienced Cloud Information Security Officer to help drive forward our commitment to providing a world-class information security management system fo

We are looking for an Information Governance/Security Analyst to support one of our NHS customers in the North West. Review contracts for: - Cybersecurity clauses - Right to audit - Data protection clauses - Incident breach notification requirements - Details of sub-processors - Review contracts for

As the Information Security Officer for Risk your primary purpose will be to become a trusted cyber security risk advisor, ensuring the business is compliant against security policy, acting as advisory, collaborating with stakeholders and management to assess risks, review and advise ratings for IT/

Define and lead a global information security vision aligned with the mission to support fair and secure digital taxation across jurisdictions. Integrate security into development pipelines (DevSecOps), ensuring secure coding, automated checks, and security validation across modules. Shape the secur

Extensive experience (8+ years) in Information Security, with significant time in a senior leadership or CISO/Interim CISO role. Group Information Asset Register (IAR) Review. Establish a repeatable, documented process for the continuous identification, registration, and risk-linkage of all high-val

Chief Information Security Officer (CISO) - Critical Infrastructure. Lead the transformation to a "world-class software organisation" by embedding DevSecOps and "security as code.

As Senior Information Security Manager, you will be responsible for defining, implementing, and managing their information security strategy across the business. Proven experience in a senior information security leadership role, ideally within financial services or another regulated sector. Senior

Enterprise IT Security, Information Governance and Cyber Security. We currently require the services of a Security Consultant (Governance, Risk, Compliance - GRC) to strengthen our delivery capability in the security consulting space. Information Security Consultant (Governance, Risk, Compliance - G

Strong understanding of information security and cyber threat defence. Title: Information Security Analyst. The ideal candidate will be responsible for tracking vulnerabilities, managing threats and coordinating responses to emerging threats, supporting ISO 27001 implementation and ongoing ISMS acti

As an Information Security Compliance Analyst, you will support the development and maintenance of the EMEA wide information security management system in accordance with Global EIT strategy, EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR.

Our investment advisory client is seeking an experienced Director of Information Security to lead the cybersecurity program of a prestigious, globally recognised portfolio company, ensuring the protection of sensitive intellectual property, critical resources, and global operations. Define and drive

The role will provide hands-on support to the Security Engineer and Information Security Manager, with a focus on monitoring, reporting, and routine security tasks, while developing knowledge in incident response and infrastructure security. Experience of working in a technical information security

Information Security Officer - Physical Asset Security. Information Security Officer with experience specifically around the security of physical asset that help this organisation work and run to deliver their essential services. As the Information Security Officer for the Supply Chain assessing the

If you’re an experienced Information Security Analyst who enjoys combining technical security insight with governance and assurance, this short-term remote contract offers an opportunity to make a meaningful impact. Senior Information Security Analyst – 3-Month Remote Contract. We’re supportin

Proven experience in information security compliance, risk management, and audit. We are looking for a detail-oriented and proactive Information Security Compliance Analyst to join our team on a permanent basis. This role is pivotal in supporting the development and continuous improvement of our glo

Are you interested in building large-scale distributed security systems and tools for the cloud? Do you enjoy all aspects of security, from end user devices and traditional information technology (IT), to hyperscale cloud and multicloud services, to hardware and operational technology (OT)? A securi

Translate complex technical PCI DSS requirements and security findings into clear, business-oriented language for senior stakeholders, including C-level executives. Broad knowledge of complementary security domains and standards (e. ISO 27001, Cyber Essentials, cloud security, risk management).

You will be contributing to the development, implementation and enforcement of information security policies, procedures and measures to ensure the confidentiality, integrity and availability of the IT systems and business information. BAM UK & Ireland are recruiting an Information Security Assuranc

Developing and report cyber security metric scorecards to reflect the level of adoption and compliance to security policies/standards. You will have expertise in Cyber Security, including incident response, risk management, and governance, by developing innovative strategies and security programs. E

Author, review, certify, and/or maintain security management plans and RMF package artifacts including but not limited to: RMF Implementation Plans, System Security Management Plans, Information Support Plans, Program Protection Plans (PPPs), Security Risk Analyses, Security Vulnerability and Counte

This role offers broad exposure to information security frameworks, compliance standards, and client advisory work. A foundational understanding of information security frameworks (ISO 27001, SOC 2, Cyber Essentials). Interest in risk, compliance, and information security.

Get notified about new Head of Information Security jobs in. Head of Information Security - FinTech - £100K+. Based in central London, hybrid working, they’re looking for a Head of InfoSec to join them, champion security and take the lead across DevSecOps, application security, ops and governance

Enterprise IT Security, Information Governance and Cyber Security. Information Security Consultant (Governance, Risk, Compliance - GRC). We currently require the services of a Security Consultant (Governance, Risk, Compliance - GRC) to strengthen our delivery capability in the security consulting sp

Extensive knowledge of information security frameworks, governance, and compliance standards. Leading and developing the organization’s information security strategy, policies, and programs. Managing and mentoring the cybersecurity team to strengthen the organization’s security posture.

As Cornerstone's Information Security Manager, you will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS), ensuring alignment with ISO 27001:2022. Suitable candidates are likely to have prior experience in roles such as Information

Get notified about new Information Security Analyst jobs in. Information Security Compliance Analyst. EMEA-wide Information Security Management System.

Lead Information Security & GRC Analyst – Information Security, ISO 27001, ISMS, Implementation, Security Policies, GRC, Data Security, Data Privacy, Audit, Automation, OneTrust, ServiceNow GRC, Remote (UK). This is a fantastic Lead Information Security & GRC Analyst opportunity to work with a glo

If you’re an experienced Information Security Analyst who enjoys combining technical security insight with governance and assurance, this short‑term remote contract offers an opportunity to make a meaningful impact. Senior Information Security Analyst. Information Security, combining.

Extensive experience (8+ years) in Information Security, with significant time in a senior leadership or CISO/Interim CISO role. Interim Chief Information Security Officer. Group Information Asset Register (IAR) Review.

Are you interested in building large-scale distributed security systems and tools for the cloud? Do you enjoy all aspects of security, from end user devices and traditional information technology (IT), to hyperscale cloud and multicloud services, to hardware and operational technology (OT)? A securi

Title: Information Security Analyst. The ideal candidate will be responsible for tracking vulnerabilities, managing threats and coordinating responses to emerging threats, supporting ISO 27001 implementation and ongoing ISMS activities, leading company-wide Information Security training, as well as

Maintain and manage SIEM (Security Information and Event Management) tools and log analysis. Security certifications such as CompTIA Security+, SSCP, CEH, GSEC, or CISSP (or actively working toward one). Information Security Analyst - SecOps Detection.

Expertise in a wide range of security domains: access controls, network security, cloud security, application security, secure software design, security testing, and vulnerability remediation, and incident management. As the Information Security Officer, you will be the Security point of contact for

You will have practical workplace experience in information technology and information security. Information Security Lead Auditor. Due to our continued growth we are seeking professionals within information security to join our growing Lead Auditor teams who support a breadth of clients across the

Research and share information security best practices, emerging threats, and mitigation strategies with internal teams. We are seeking an experienced Head of Custody Security to lead our efforts in ensuring robust security for digital asset custody and blockchain infrastructure. Minimum of 8 years

Our investment advisory client is seeking an experienced Director of Information Security to lead the cybersecurity program of a prestigious, globally recognised portfolio company, ensuring the protection of sensitive intellectual property, critical resources, and global operations. Drive cloud secu

If you would like more information on this Information Security GRC Manager role, please get in touch. Information Security GRC Manager. I'm partnered with a specialist technology business who are now hiring their first dedicated Information Security GRC leader.

As the Information Security Officer for Risk your primary purpose will be to become a trusted cyber security risk advisor, ensuring the business is compliant against security policy, acting as advisory, collaborating with stakeholders and management to assess risks, review and advise ratings for IT/

Reporting to the Information Security Manager, you’ll join a supportive, security-focused IT team committed to strengthening our security posture. As an Information Security Officer, you’ll help embed good security practices across the Trust, supporting teams to understand governance, risk, and

You will work closely with the Information Security Manager and Chief Information Security Officer to maintain and improve Ping Identity’s Information Security Management System. You will develop and maintain security policies, assess and review policy compliance across the organisation, assess or

The British American Security Information Council (BASIC) is an independent, non‑partisan think tank working to advance global security and nuclear disarmament. BASIC’s work spans research, advocacy, and engagement through its programmes such as the Emerging Voices Network (EVN), Transatlantic S

Information Security Specialist – UK remote - £45,000 – £52,000 + Benefits. Information Security Specialist. Work closely with the IT Director and wider IT team to align security practices with business needs.

Enterprise IT Security, Information Governance and Cyber Security. Information Security Consultant (Governance, Risk, Compliance - GRC). We currently require the services of a Security Consultant (Governance, Risk, Compliance - GRC) to strengthen our delivery capability in the security consulting sp

If you're an experienced Information Security professional looking to take ownership of security strategy, operations, and compliance in a dynamic SaaS environment, this is the perfect opportunity to make your mark. A new position has opened at an exciting software company for an Information Securit

The Information Security Architect will be a gatekeeper of Information Security within the CC Architecture Community of Practice and make sure that all platforms are appropriately designed to mitigate information risk and are secured as appropriate and tested as required. Working as part of the wide

Requirements for Information Security Officer. Strong experience in information security within a SaaS or cloud–based software environment. Responsibilities for Information Security Officer.

Principal Information Security Consultant. Broad knowledge of complementary security domains and standards (e. ISO 27001, Cyber Essentials, cloud security, risk management).