Hays Specialist Recruitment Limited
PRINCIPAL CYBERSECURITY ENGINEER SC Cleared - UK Only - (Sponsorship is unavailable) you must hold SC Clearance.Provide expert advice on the defences against cyber threats, data breaches, and emerging risks. This includes offering guidance on the selection, design, justification, implementation, and operational management of cybersecurity strategies, technologies, and standards. Contribute to the development and refinement of controls and processes to ensure the safety, confidentiality, integrity, availability, and overall security of data stored on systems. You will be responsible for identifying gaps in existing cybersecurity policies and procedures and, in collaboration with security, network, information governance, and technical leads, developing new measures to address these gaps. KEY RESPONSIBILITIES: You will work closely with system and service owners, as well as internal and external stakeholders, to design, implement, and enforce appropriate protective and detective security controls, policies, and procedures. The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions. You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root cause analysis. You must be able to communicate effectively about security incidents and cyber risks to both technical and non-technical stakeholders. The role works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post-incident reviews, recommend control and process improvements, and contribute to the creation and maintenance of cybersecurity governance documentation. You will also research emerging cyber threats and mitigation strategies and provide reports or presentations to senior stakeholders as required. The role supports cybersecurity training and awareness initiatives, promoting a strong security culture and helping to upskill colleagues in cybersecurity best practices. You will also collaborate with solution architects and project teams to ensure security is embedded into system and application designs, supporting secure architecture and delivery from the outset. Compliance & Framework Alignment: Ensure security operations align with regulatory standards and frameworks such as NIST, ISO 27001, and NCSC CAF. Person SpecificationEssential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management. Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual Microsoft technologies. Strong analytical, communication, and problem-solving skills, including the ability to produce clear technical and non-technical reports. Ability to analyse and interpret security events/logs and perform remediation work to address security issues. Desirable: Recognised cybersecurity certifications (e.g., CompTIA Security+, CEH, GIAC, CISSP). Experience with DarkTrace Qualifications Bachelor's degree in Cybersecurity or Computer Science Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
PRINCIPAL CYBERSECURITY ENGINEER SC Cleared - UK Only - (Sponsorship is unavailable) you must hold SC Clearance.Provide expert advice on the defences against cyber threats, data breaches, and emerging risks. This includes offering guidance on the selection, design, justification, implementation, and operational management of cybersecurity strategies, technologies, and standards. Contribute to the development and refinement of controls and processes to ensure the safety, confidentiality, integrity, availability, and overall security of data stored on systems. You will be responsible for identifying gaps in existing cybersecurity policies and procedures and, in collaboration with security, network, information governance, and technical leads, developing new measures to address these gaps. KEY RESPONSIBILITIES: You will work closely with system and service owners, as well as internal and external stakeholders, to design, implement, and enforce appropriate protective and detective security controls, policies, and procedures. The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions. You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root cause analysis. You must be able to communicate effectively about security incidents and cyber risks to both technical and non-technical stakeholders. The role works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post-incident reviews, recommend control and process improvements, and contribute to the creation and maintenance of cybersecurity governance documentation. You will also research emerging cyber threats and mitigation strategies and provide reports or presentations to senior stakeholders as required. The role supports cybersecurity training and awareness initiatives, promoting a strong security culture and helping to upskill colleagues in cybersecurity best practices. You will also collaborate with solution architects and project teams to ensure security is embedded into system and application designs, supporting secure architecture and delivery from the outset. Compliance & Framework Alignment: Ensure security operations align with regulatory standards and frameworks such as NIST, ISO 27001, and NCSC CAF. Person SpecificationEssential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management. Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual Microsoft technologies. Strong analytical, communication, and problem-solving skills, including the ability to produce clear technical and non-technical reports. Ability to analyse and interpret security events/logs and perform remediation work to address security issues. Desirable: Recognised cybersecurity certifications (e.g., CompTIA Security+, CEH, GIAC, CISSP). Experience with DarkTrace Qualifications Bachelor's degree in Cybersecurity or Computer Science Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
GlobalData UK Ltd
City, London
Who we are GlobalData is a specialist information services business helping clients decode the future, make better decisions and reach more customers. Through our data, expert analysis and innovative solutions, we provide intelligence across the world s largest industries to companies, governments and industry professionals. Formed in 2016 through the combination of multiple specialist firms, we are now a fully integrated global platform with 3,500+ colleagues across 20+ industries, supporting over 5,000 customers worldwide. Why join GlobalData? We are at a pivotal stage of growth, supported by recent investment and ambitious plans. It s a fast-paced, entrepreneurial environment where collaboration drives success, and where curious, ambitious individuals can make a real impact as we work towards becoming the world s most trusted source of strategic industry intelligence. The role As Information Security Manager, you will lead the strategy and delivery of initiatives that strengthen GlobalData s cybersecurity posture across global operations. You ll ensure our people, systems and infrastructure remain secure, resilient and able to support continued growth. Reporting to the Chief Information Security Officer, you will lead a team of security professionals, drive key security programmes, and work closely with stakeholders across technology and business teams to improve cyber governance, data security and operational resilience. This role requires strong expertise in information security, AI and data governance, alongside experience in vendor management and third-party risk. What you ll be doing Lead and deliver the information security strategy aligned to business goals Develop and maintain security frameworks, policies and standards Oversee risk management, threat assessment and vulnerability programmes Ensure compliance with ISO 27001, ISO 42001, GDPR and other relevant frameworks Manage security operations including incident response, monitoring and investigations Partner with IT, engineering, legal and business teams to embed security best practice Lead internal/external audits, assessments and remediation plans Manage third-party and vendor security risk programmes Build, mentor and lead a high-performing security team Provide executive reporting on security risks, metrics and improvement plans Monitor emerging threats, technologies and regulations What we re looking for 8+ years experience in senior cybersecurity or information security roles Leadership experience within a complex, multinational business Experience managing global teams across multiple regions Strong knowledge of ISO 27001, NIST, CIS Controls or similar frameworks Proven experience in security operations, risk management and compliance Experience handling security incidents and crisis management Strong commercial awareness and budget management experience Excellent communication and stakeholder management skills, including senior leadership exposure Strong understanding of IT infrastructure, cloud technologies and enterprise systems Experience managing third-party vendors and technology partners Preferred Certifications CISM or similar ISO 27001 Lead Implementer / Lead Auditor ISO 42001 (desirable) Technical Skills Security architecture and cloud security (AWS) SIEM, EDR and SOC tools ISO 27001 / ISO 42001 implementation Vulnerability management and penetration testing oversight Data protection, encryption and privacy controls Third-party risk management tools and processes Leadership & Competencies Inspiring leader who develops teams and delegates effectively Strategic thinker with strong decision-making skills Able to influence senior stakeholders and collaborate cross-functionally Hands-on and comfortable operating at all levels Calm under pressure with strong prioritisation skills Able to translate technical risk into clear business impact Highly organised with strong attention to detail In addition to a rewarding career, we support our GlobalData colleagues with a range of benefits across health, finances, fitness, travel, tech and more. To find out more about the roles and benefits on offer in your region, visit (url removed) GlobalData believes strongly in the value of diversity and creating supportive, inclusive environments where our colleagues can succeed. As such, we are proud to be an Equal Opportunity Employer. GlobalData is determined to ensure that no applicant or employee receives less favourable treatment on the grounds of gender, age, disability, religion, belief, sexual orientation, marital status, race, or is disadvantaged by conditions or requirements which cannot be shown to be justifiable.
Who we are GlobalData is a specialist information services business helping clients decode the future, make better decisions and reach more customers. Through our data, expert analysis and innovative solutions, we provide intelligence across the world s largest industries to companies, governments and industry professionals. Formed in 2016 through the combination of multiple specialist firms, we are now a fully integrated global platform with 3,500+ colleagues across 20+ industries, supporting over 5,000 customers worldwide. Why join GlobalData? We are at a pivotal stage of growth, supported by recent investment and ambitious plans. It s a fast-paced, entrepreneurial environment where collaboration drives success, and where curious, ambitious individuals can make a real impact as we work towards becoming the world s most trusted source of strategic industry intelligence. The role As Information Security Manager, you will lead the strategy and delivery of initiatives that strengthen GlobalData s cybersecurity posture across global operations. You ll ensure our people, systems and infrastructure remain secure, resilient and able to support continued growth. Reporting to the Chief Information Security Officer, you will lead a team of security professionals, drive key security programmes, and work closely with stakeholders across technology and business teams to improve cyber governance, data security and operational resilience. This role requires strong expertise in information security, AI and data governance, alongside experience in vendor management and third-party risk. What you ll be doing Lead and deliver the information security strategy aligned to business goals Develop and maintain security frameworks, policies and standards Oversee risk management, threat assessment and vulnerability programmes Ensure compliance with ISO 27001, ISO 42001, GDPR and other relevant frameworks Manage security operations including incident response, monitoring and investigations Partner with IT, engineering, legal and business teams to embed security best practice Lead internal/external audits, assessments and remediation plans Manage third-party and vendor security risk programmes Build, mentor and lead a high-performing security team Provide executive reporting on security risks, metrics and improvement plans Monitor emerging threats, technologies and regulations What we re looking for 8+ years experience in senior cybersecurity or information security roles Leadership experience within a complex, multinational business Experience managing global teams across multiple regions Strong knowledge of ISO 27001, NIST, CIS Controls or similar frameworks Proven experience in security operations, risk management and compliance Experience handling security incidents and crisis management Strong commercial awareness and budget management experience Excellent communication and stakeholder management skills, including senior leadership exposure Strong understanding of IT infrastructure, cloud technologies and enterprise systems Experience managing third-party vendors and technology partners Preferred Certifications CISM or similar ISO 27001 Lead Implementer / Lead Auditor ISO 42001 (desirable) Technical Skills Security architecture and cloud security (AWS) SIEM, EDR and SOC tools ISO 27001 / ISO 42001 implementation Vulnerability management and penetration testing oversight Data protection, encryption and privacy controls Third-party risk management tools and processes Leadership & Competencies Inspiring leader who develops teams and delegates effectively Strategic thinker with strong decision-making skills Able to influence senior stakeholders and collaborate cross-functionally Hands-on and comfortable operating at all levels Calm under pressure with strong prioritisation skills Able to translate technical risk into clear business impact Highly organised with strong attention to detail In addition to a rewarding career, we support our GlobalData colleagues with a range of benefits across health, finances, fitness, travel, tech and more. To find out more about the roles and benefits on offer in your region, visit (url removed) GlobalData believes strongly in the value of diversity and creating supportive, inclusive environments where our colleagues can succeed. As such, we are proud to be an Equal Opportunity Employer. GlobalData is determined to ensure that no applicant or employee receives less favourable treatment on the grounds of gender, age, disability, religion, belief, sexual orientation, marital status, race, or is disadvantaged by conditions or requirements which cannot be shown to be justifiable.
