About the Information Security Officer role
My client, a Financial Services institute based in London, is looking to hire an Information Security & Compliance Officer to support and strengthen their security and compliance posture. No sponsorship can be offered for this role, and the successful candidate is expected to be in the office up to 3 days per week.
This role is responsible for coordinating security activities across the business, supporting compliance initiatives, managing third‑party risk, and acting as the internal liaison with their outsourced SOC and Virtual CISO. The successful candidate will help implement security governance, risk management, and compliance frameworks while ensuring security best practices are embedded across the organisation. This role is ideal for someone with experience in security operations, governance, risk, and compliance (GRC) who enjoys working across teams to improve organisational security maturity.
Key Responsibilities
Security Operations Oversight
- Act as the primary internal liaison with the outsourced SOC provider
- Monitor and coordinate responses to alerts generated through Microsoft Sentinel and Microsoft Defender
- Support incident response coordination and internal communications
- Track remediation of security vulnerabilities and incidents
Governance, Risk & Compliance
- Support the implementation and maintenance of security frameworks such as:
- ISO 27001
- Cyber Essentials Plus
- NIST / CIS frameworks
- Maintain and develop security policies, standards, and procedures
- Conduct risk assessments and track remediation actions
- Coordinate internal and external security audits
- Coordinate with other governance teams to ensure alignment around key initiatives
Third Party Risk Management (TPRM)
- Lead the rollout and ongoing management of a Third Party Risk Management programme
- Perform vendor security assessments and due diligence
- Maintain vendor risk registers and track remediation activities
- Work with procurement and legal teams to embed security requirements into supplier onboarding
Security Governance & Awareness
- Support security awareness and training initiatives across the organisation
- Work with IT and engineering teams to ensure security best practices are followed
- Maintain risk registers and compliance documentation
- Provide reporting and metrics on security posture to leadership
Security Projects & Initiatives
- Support compliance initiatives and security improvement programmes
- Work with the virtual CISO to implement strategic security improvements
- Assist with policy development and control implementation
- Help coordinate vulnerability management and remediation programmes
- Provide input into client security questionnaires and audits where appropriate
Skills & Experience
- 3-5 years experience in information security, IT security, or compliance
- Understanding of security governance, risk, and compliance (GRC)
- Experience with Microsoft security tooling (Sentinel, Defender, or Microsoft Security stack)
- Familiarity with security frameworks (ISO 27001, NIST, CIS, Cyber Essentials)
- Experience working with third party vendors or supplier risk assessments
- Strong communication and stakeholder management skills
- Ability to translate security requirements into practical business processes
Desirable
- Experience working with outsourced SOC providers
- Knowledge of Third Party Risk Management (TPRM) programmes
- Experience supporting ISO 27001 certification or audits
- Certifications such as:
- ISO 27001 Lead Implementer / Lead Auditor
- CISSP
- CISM
- Security+
Key Competencies
- Strong organisational and documentation skills
- Ability to manage multiple compliance initiatives simultaneously
- Analytical thinking and risk assessment capability
- Collaborative approach to working across technical and non-technical teams
- Proactive mindset with a focus on continuous improvement
What Success Looks Like
Within the first 12 months you will:
- Establish a structured Third Party Risk Management programme
- Improve visibility and reporting of security risks
- Strengthen security governance processes
- Develop an ISO 27001 implementation roadmap and compliance processes to ensure group compliance can evolve to a recognised standard within the next 12‑18 months.
- Improve collaboration between internal teams, the SOC provider, and the virtual CISO
About the Job
- Contract Type: Permanent
- Specialism: Technology & Digital
- Focus: Information Security
- Industry: Banking
- Salary: £55,000 – £60,000 per annum
- Workplace Type: Hybrid
- Experience Level: Mid Management
- Location: London
- Job Reference: BPFVDV-A5691021
EEO Statement
Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates.
#J-18808-Ljbffr”, “datePosted”: “2026-05-12”, “hiringOrganization”: { “@type”: “Organization”, “name”: “Cyber Security training courses”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__429301250__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=33” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “London” } } }About the Information Security Officer role
My client, a Financial Services institute based in London, is looking to hire an Information Security & Compliance Officer to support and strengthen their security and compliance posture. No sponsorship can be offered for this role, and the successful candidate is expected to be in the office up to 3 days per week.
This role is responsible for coordinating security activities across the business, supporting compliance initiatives, managing third‑party risk, and acting as the internal liaison with their outsourced SOC and Virtual CISO. The successful candidate will help implement security governance, risk management, and compliance frameworks while ensuring security best practices are embedded across the organisation. This role is ideal for someone with experience in security operations, governance, risk, and compliance (GRC) who enjoys working across teams to improve organisational security maturity.
Key Responsibilities
Security Operations Oversight
- Act as the primary internal liaison with the outsourced SOC provider
- Monitor and coordinate responses to alerts generated through Microsoft Sentinel and Microsoft Defender
- Support incident response coordination and internal communications
- Track remediation of security vulnerabilities and incidents
Governance, Risk & Compliance
- Support the implementation and maintenance of security frameworks such as:
- ISO 27001
- Cyber Essentials Plus
- NIST / CIS frameworks
- Maintain and develop security policies, standards, and procedures
- Conduct risk assessments and track remediation actions
- Coordinate internal and external security audits
- Coordinate with other governance teams to ensure alignment around key initiatives
Third Party Risk Management (TPRM)
- Lead the rollout and ongoing management of a Third Party Risk Management programme
- Perform vendor security assessments and due diligence
- Maintain vendor risk registers and track remediation activities
- Work with procurement and legal teams to embed security requirements into supplier onboarding
Security Governance & Awareness
- Support security awareness and training initiatives across the organisation
- Work with IT and engineering teams to ensure security best practices are followed
- Maintain risk registers and compliance documentation
- Provide reporting and metrics on security posture to leadership
Security Projects & Initiatives
- Support compliance initiatives and security improvement programmes
- Work with the virtual CISO to implement strategic security improvements
- Assist with policy development and control implementation
- Help coordinate vulnerability management and remediation programmes
- Provide input into client security questionnaires and audits where appropriate
Skills & Experience
- 3-5 years experience in information security, IT security, or compliance
- Understanding of security governance, risk, and compliance (GRC)
- Experience with Microsoft security tooling (Sentinel, Defender, or Microsoft Security stack)
- Familiarity with security frameworks (ISO 27001, NIST, CIS, Cyber Essentials)
- Experience working with third party vendors or supplier risk assessments
- Strong communication and stakeholder management skills
- Ability to translate security requirements into practical business processes
Desirable
- Experience working with outsourced SOC providers
- Knowledge of Third Party Risk Management (TPRM) programmes
- Experience supporting ISO 27001 certification or audits
- Certifications such as:
- ISO 27001 Lead Implementer / Lead Auditor
- CISSP
- CISM
- Security+
Key Competencies
- Strong organisational and documentation skills
- Ability to manage multiple compliance initiatives simultaneously
- Analytical thinking and risk assessment capability
- Collaborative approach to working across technical and non-technical teams
- Proactive mindset with a focus on continuous improvement
What Success Looks Like
Within the first 12 months you will:
- Establish a structured Third Party Risk Management programme
- Improve visibility and reporting of security risks
- Strengthen security governance processes
- Develop an ISO 27001 implementation roadmap and compliance processes to ensure group compliance can evolve to a recognised standard within the next 12‑18 months.
- Improve collaboration between internal teams, the SOC provider, and the virtual CISO
About the Job
- Contract Type: Permanent
- Specialism: Technology & Digital
- Focus: Information Security
- Industry: Banking
- Salary: £55,000 – £60,000 per annum
- Workplace Type: Hybrid
- Experience Level: Mid Management
- Location: London
- Job Reference: BPFVDV-A5691021
EEO Statement
Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates.
#J-18808-Ljbffr…