At a Glance
- Tasks: Enhance cybersecurity policies and ensure compliance with evolving regulations.
- Company: Global tech firm focused on cybersecurity and risk management.
- Benefits: Hybrid work model, career development, and exposure to complex challenges.
- Other info: Collaborative environment with opportunities for professional growth.
- Why this job: Join a dynamic team and influence security strategy across the organisation.
- Qualifications: 5+ years in Information Security with strong GRC knowledge.
The predicted salary is between 60000 - 80000 € per year.
Location: Central London (Hybrid - 2/3 days per week on site)
About the Role
We’re looking for an experienced Information Security Governance, Risk & Compliance Specialist to join a high-performing global technology team. This role is ideal for someone who enjoys working at the intersection of cybersecurity, risk management, and regulatory compliance, with the opportunity to influence security strategy across both technical and business functions. You’ll play a key role in strengthening security posture, embedding best practices, and ensuring compliance with evolving regulatory requirements within a complex, fast-paced environment.
Key Responsibilities
- Governance & Policy
- Develop, maintain, and enhance cybersecurity policies, standards, and procedures
- Ensure alignment with industry frameworks such as ISO 27001 and NIST
- Support integration of security controls across technical and non-technical teams
- Conduct risk assessments to identify vulnerabilities and threats
- Support and oversee implementation of mitigation strategies
- Define and evaluate control effectiveness through meaningful metrics
- Embed cyber risk into enterprise risk frameworks and reporting
- Compliance & Regulation
- Ensure adherence to internal policies and external regulatory requirements
- Work closely with Technology, Legal, Compliance, and Audit teams
- Produce clear and detailed reports for senior stakeholders
- Monitor regulatory developments and support compliance planning
- Contribute to cybersecurity awareness programmes
- Promote a strong security culture across the organisation
- Provide guidance on cybersecurity best practices to wider teams
- Assist in responding to security incidents
- Support post-incident reviews and reporting
- Help implement improvements to strengthen future resilience
- Stakeholder Engagement
- Communicate effectively with stakeholders at all levels
- Provide subject matter expertise on security, risk, and compliance
- Collaborate cross-functionally to deliver security objectives
Skills & Experience
- 5+ years’ experience in Information Security, ideally within a GRC-focused role
- Strong understanding of security frameworks (e.g. ISO 27001, NIST)
- Experience with risk assessment and compliance processes
- Knowledge of financial services regulations (e.g. FCA, DORA, SEC, MAS)
- Familiarity with cloud security (AWS, Azure, SaaS, PaaS, IaaS)
- Understanding of IAM principles (SSO, MFA, RBAC)
- Solid knowledge of network security fundamentals (firewalls, TCP/IP, DNS, etc.)
- Exposure to DevSecOps / CI/CD governance is advantageous
- Relevant certifications such as CISSP, CISM, or CISA preferred
- Degree in Cybersecurity, IT, or related field (or equivalent experience)
What You’ll Bring
- Strong analytical and problem-solving skills
- Ability to communicate complex security concepts clearly
- Collaborative mindset with the ability to influence stakeholders
- Proactive approach to identifying and addressing risk
What’s on Offer
- Hybrid working environment
- Opportunity to work in a global, collaborative team
- Exposure to complex regulatory and security challenges
- Career development within a growing cybersecurity function
Information Technology Security Specialist employer: idpp
Join a dynamic and innovative global technology team in Central London, where we prioritise a collaborative work culture and offer a hybrid working model that promotes work-life balance. As an Information Technology Security Specialist, you will have the opportunity to influence security strategy while benefiting from career development within a rapidly growing cybersecurity function, all within a supportive environment that values your expertise and contributions.
StudySmarter Expert Advice
We think this is how you could land the Information Technology Security Specialist role
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cybersecurity field. Attend meetups, webinars, or industry conferences. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or a personal website showcasing your projects, certifications, and any relevant experience. This is your chance to shine and demonstrate your expertise in information security and compliance.
✨Tip Number 3
Prepare for interviews by brushing up on common questions related to governance, risk, and compliance. Be ready to discuss how you've tackled challenges in past roles and how you can contribute to strengthening security posture in a new position.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities waiting for talented individuals like you. Plus, it’s a great way to ensure your application gets seen by the right people.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the role of Information Technology Security Specialist. Highlight your experience with cybersecurity frameworks like ISO 27001 and NIST, and don’t forget to mention any relevant certifications you hold!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cybersecurity and how your skills align with our needs. Be sure to mention your experience in risk management and compliance, as these are key for us.
Showcase Your Problem-Solving Skills: In your application, give examples of how you've tackled complex security challenges in the past. We love seeing candidates who can think critically and come up with innovative solutions to security issues.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity in our global technology team!
How to prepare for a job interview at idpp
✨Know Your Frameworks
Make sure you brush up on key security frameworks like ISO 27001 and NIST. Be ready to discuss how you've applied these in your previous roles, as this will show your understanding of the industry standards and your ability to align with them.
✨Showcase Your Risk Assessment Skills
Prepare to talk about your experience with risk assessments. Have specific examples ready where you identified vulnerabilities and implemented mitigation strategies. This will demonstrate your hands-on experience and analytical skills.
✨Communicate Clearly
Since you'll be engaging with stakeholders at all levels, practice explaining complex security concepts in simple terms. This will highlight your communication skills and your ability to influence others, which is crucial for this role.
✨Stay Updated on Regulations
Familiarise yourself with current financial services regulations like FCA and DORA. Being able to discuss recent developments and how they impact cybersecurity will show that you're proactive and well-informed, making you a strong candidate.