Information Security & Compliance Officer in City of London

City of London · Full-Time · 45000 - 55000 £ / year (est.) · No home office possible
PEI Group

At a Glance

  • Tasks: Coordinate security activities and manage compliance initiatives across the organisation.
  • Company: Join PEI Group, a leading business intelligence company with a global presence.
  • Benefits: Flexible working arrangements, inclusive culture, and opportunities for career growth.
  • Other info: Dynamic environment with a focus on continuous improvement and professional development.
  • Why this job: Make a real impact on organisational security and compliance while collaborating with diverse teams.
  • Qualifications: 3-5 years in information security or compliance, with strong communication skills.

The predicted salary is between 45000 - 55000 £ per year.

We are seeking an Information Security & Compliance Officer to support and strengthen our organisation’s security and compliance posture. This role is responsible for coordinating security activities across the business, supporting compliance initiatives, managing third-party risk, and acting as the internal liaison with our outsourced Security Operations Centre (SOC) and Virtual CISO. The successful candidate will help implement security governance, risk management, and compliance frameworks while ensuring security best practices are embedded across the organisation. This role is ideal for someone with experience in security operations, governance, risk, and compliance (GRC) who enjoys working across teams to improve organisational security maturity.

Key Responsibilities

  • Security Operations Oversight
    • Act as the primary internal liaison with the outsourced SOC provider
    • Monitor and coordinate responses to alerts generated through Microsoft Sentinel and Microsoft Defender
    • Support incident response coordination and internal communications
    • Track remediation of security vulnerabilities and incidents
  • Governance, Risk & Compliance
    • Support the implementation and maintenance of security frameworks such as:
      • ISO 27001
      • Cyber Essentials Plus
      • NIST / CIS frameworks
    • Maintain and develop security policies, standards, and procedures
    • Conduct risk assessments and track remediation actions
    • Coordinate internal and external security audits
    • Coordinate with other governance teams to ensure alignment around key initiatives
  • Third Party Risk Management (TPRM)
    • Lead the rollout and ongoing management of a Third Party Risk Management programme
    • Perform vendor security assessments and due diligence
    • Maintain vendor risk registers and track remediation activities
    • Work with procurement and legal teams to embed security requirements into supplier onboarding
  • Security Governance & Awareness
    • Support security awareness and training initiatives across the organisation
    • Work with IT and engineering teams to ensure security best practices are followed
    • Maintain risk registers and compliance documentation
    • Provide reporting and metrics on security posture to leadership
  • Security Projects & Initiatives
    • Support compliance initiatives and security improvement programmes
    • Work with the virtual CISO to implement strategic security improvements
    • Assist with policy development and control implementation
    • Help coordinate vulnerability management and remediation programmes
    • Provide input into client security questionnaires and audits where appropriate.
    About You

    Requirements: Skills & Experience

    • 3–5 years' experience in information security, IT security, or compliance
    • Understanding of security governance, risk, and compliance (GRC)
    • Experience with Microsoft security tooling (Sentinel, Defender, or Microsoft Security stack)
    • Familiarity with security frameworks (ISO 27001, NIST, CIS, Cyber Essentials)
    • Experience working with third party vendors or supplier risk assessments
    • Strong communication and stakeholder management skills
    • Ability to translate security requirements into practical business processes

    Desirable

    • Experience working with outsourced SOC providers
    • Knowledge of Third Party Risk Management (TPRM) programmes
    • Experience supporting ISO 27001 certification or audits
    • Certifications such as:
      • ISO 27001 Lead Implementer / Lead Auditor
      • CISSP
      • CISM
      • Security+

    Key Competencies

    • Strong organisational and documentation skills
    • Ability to manage multiple compliance initiatives simultaneously
    • Analytical thinking and risk assessment capability
    • Collaborative approach to working across technical and non-technical teams
    • Proactive mindset with a focus on continuous improvement

    What Success Looks Like

    Within the first 12 months you will:

    • Establish a structured Third Party Risk Management programme
    • Improve visibility and reporting of security risks
    • Strengthen security governance processes
    • Develop an ISO 27001 implementation roadmap and compliance processes so that group compliance can evolve to a recognized standard within the next 12-18 months
    • Improve collaboration between internal teams, the SOC provider, and the virtual CISO

    About Us

    Who we are:

    PEI Group is a subscriber-focused business intelligence company. With our multi-talented global team of over 490 people, spread across EMEA, USA & Asia, our purpose is to inform and connect investment professionals across global, specialised markets. We identify specific high growth, high value investment sectors and themes where deep insight, strong market relationships and active capital flows are critical for success.

    What we do:

    PEI Group provides industry-leading journalism, data, and market insight to subscribing clients via a wide portfolio of specialist brands supported by our robust and scalable digital publishing, analytics, and database platform. We also track the firms and individuals who shape markets and bring client-communities together to enable knowledge sharing, profile building and relationship development through professional networks and events. Wherever our markets are active – in New York, Los Angeles, Tokyo, Sydney, Hong Kong, Singapore, London and elsewhere – PEI is hard at work examining crucial market forces and shifting investment themes, identifying active investors and their capital allocations, and scanning ahead for regulatory changes, new compliance requirements and other risk factors.

    At PEI we value diverse talent and welcome applications from everyone – regardless of background. We are an equal opportunity employer and our inclusive culture at PEI is reflected in every stage of the recruitment journey. Please inform us at initial stages of the recruitment process if you require any reasonable adjustments and we can accommodate this.

    PEI Group supports flexible working arrangements, and we welcome career returners.

    PEI Group is an exceptional employer that prioritises a collaborative and inclusive work culture, offering employees the opportunity to engage in meaningful security initiatives while enhancing their professional growth. With a commitment to flexible working arrangements and a focus on continuous improvement, team members can thrive in a supportive environment that values diverse talent and encourages career development. Located in a dynamic market, PEI Group provides unique advantages for those looking to make a significant impact in the field of information security and compliance.

    Contact Detail:

    PEI Group Recruiting Team

    StudySmarter Expert Advice 🤫

    We think this is how you could land the Information Security & Compliance Officer role in City of London

    ✨Tip Number 1

    Network like a pro! Reach out to folks in the industry, attend events, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.

    ✨Tip Number 2

    Prepare for interviews by researching the company and its security practices. Be ready to discuss how your experience aligns with their needs, especially around GRC and third-party risk management. Show them you’re not just a fit, but the perfect fit!

    ✨Tip Number 3

    Practice your responses to common interview questions, especially those related to security operations and compliance frameworks. Use the STAR method (Situation, Task, Action, Result) to structure your answers and make them impactful.

    ✨Tip Number 4

    Don’t forget to follow up after interviews! A quick thank-you email can keep you top of mind and show your enthusiasm for the role. Plus, it’s a great chance to reiterate why you’d be an awesome addition to their team.

    We think you need these skills to ace the Information Security & Compliance Officer role in City of London

    Information Security
    Compliance Management
    Security Operations
    Governance, Risk, and Compliance (GRC)
    Microsoft Sentinel
    Microsoft Defender
    ISO 27001
    NIST Framework
    Cyber Essentials Plus
    Third Party Risk Management (TPRM)
    Vendor Security Assessments
    Stakeholder Management
    Analytical Thinking
    Documentation Skills
    Continuous Improvement

    Some tips for your application 🫡

    Tailor Your CV: Make sure your CV is tailored to the Information Security & Compliance Officer role. Highlight your experience with security frameworks and any relevant certifications. We want to see how your skills align with our needs!

    Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security and compliance, and how your background makes you a great fit for our team. Keep it engaging and personal – we love a good story!

    Showcase Your Communication Skills: Since this role involves liaising with various teams, it's crucial to demonstrate your strong communication skills. In your application, mention specific examples where you've successfully collaborated across departments or managed stakeholder relationships.

    Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our awesome team at StudySmarter!

    How to prepare for a job interview at PEI Group

    ✨Know Your Security Frameworks

    Familiarise yourself with key security frameworks like ISO 27001, NIST, and Cyber Essentials. Be ready to discuss how you've applied these in past roles or how you would implement them in this position.

    ✨Showcase Your Communication Skills

    As an Information Security & Compliance Officer, you'll need to liaise with various teams. Prepare examples of how you've effectively communicated complex security concepts to non-technical stakeholders in the past.

    ✨Demonstrate Risk Management Experience

    Be prepared to talk about your experience with risk assessments and third-party vendor management. Highlight specific instances where you've identified risks and implemented remediation strategies.

    ✨Prepare for Scenario-Based Questions

    Expect scenario-based questions that assess your problem-solving skills. Think through potential security incidents and how you would coordinate responses, ensuring you can articulate your thought process clearly.
