InfoSec People Ltd

www.infosecpeople.co.uk

6 Jobs

20 Employees

About the Company

InfoSec People is a specialist IT and Information Security recruitment business. We are committed to providing best-practice recruitment solutions, upholding the highest levels of service and delivery for our clients and candidates alike.

InfoSec People provide Permanent, Contract and Executive Search recruitment solutions in the Information Security sector, working closely with our clients to find the right career move or the best talent in the industry to drive business forward.

Our capability to supply includes:
- Technical Security Professionals
- Governance & Compliance Professionals
- Security Executive Management & Directors
- Design and Development teams
- Penetration Testing & Digital Forensics
- Cyber & Security Sales teams

InfoSec also hold the following certifications and memberships as a testament to our Best Practice approach:
- Full APSCo Corporate Membership
- Full REC Corporate Membership
- IISP (Institute of Information Security Professionals) Silver Membership
- Cyber Essentials Certified
- FSQS Certified
- GCloud Supplier

Call 01242 507 100 for a confidential discussion.

Listed Jobs

Company Name
InfoSec People Ltd
Job Title
Cyber Security Consultant
Job Description
**Job title:** Cyber Security Consultant

**Role Summary:** Provide strategic security guidance to platform and engineering teams, focusing on secure design, configuration hygiene, and risk reduction for SaaS and PaaS services. Serve as an independent advisor, translating complex security concepts into actionable, implementation‑ready recommendations that align with business objectives.

**Expectations:**
- Act as a trusted security advisor across engineering, platform, and product functions.
- Influence architecture and operations without direct authority.
- Maintain up‑to‑date knowledge of cloud platforms, CI/CD, and IaC security.
- Deliver practical, fast‑to‑implement solutions that accelerate delivery while reducing risk.

**Key Responsibilities:**
- Conduct security reviews and advisory assessments of configuration, access, identity, and platform risk.
- Advise on IAM, least privilege, Zero Trust, secure platform patterns, API, and database security.
- Support embedding security into CI/CD pipelines and IaC workflows; recommend guardrails.
- Translate security risk into clear, pragmatic recommendations for delivery teams.
- Produce guidance, standards, documentation, and facilitate workshops and knowledge‑sharing sessions.
- Act as liaison between security, engineering, vendors, and third‑party partners.

**Required Skills:**
- Proven experience in cyber security advisory, consulting, or internal consulting role.
- Strong foundation in Identity & Access Management: SSO, JWT, OAuth/OIDC, RBAC/ABAC, and least privilege.
- Solid grasp of API security and database security fundamentals.
- Working knowledge of Terraform, CI/CD pipelines, and automation concepts.
- Risk assessment, constructive design challenge, and influence skills.
- Ability to communicate effectively with senior engineers, architects, and product stakeholders.
- Pragmatic mindset focused on enabling delivery.

**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Systems, Cyber Security, or related field.
- Professional certifications such as CISSP, CISM, or CSX preferred.
London, United Kingdom
Hybrid
13-01-2026
Company Name
InfoSec People Ltd
Job Title
Cyber Risk Compliance Officer
Job Description
**Job title** Cyber Risk Compliance Officer

**Role Summary** The Cyber Risk Compliance Officer develops, manages, and audits the organization’s information security risk and compliance framework. The role leads security risk assessments, internal audits, and ensures regulatory compliance (NIS, PCI DSS, GDPR). It also mentors junior staff and communicates findings to senior stakeholders.

**Expectations**
* Drive alignment between risk management and business objectives.
* Maintain up‑to‑date compliance with regulated standards.
* Deliver timely risk metrics and reporting to governance forums.
* Provide subject‑matter expertise to a small cross‑functional team.

**Key Responsibilities**
1. Develop and maintain the information security risk and compliance framework.
2. Build, monitor, and report risk metrics and management information.
3. Lead security risk assessments for key services and third‑party providers.
4. Plan and conduct internal security audits and technical control assessments using NIST, CIS Controls, and other frameworks.
5. Manage compliance with NIS‑R, PCI DSS, GDPR, and other data‑protection regulations.
6. Review, update, and enforce security policies, standards, and procedures.
7. Design and deliver security awareness and education programs.
8. Coach and support analysts/associates within the team.
9. Engage with senior internal and external stakeholders on risk and compliance matters.

**Required Skills**
* ≥3 years cyber/security experience in a GRC, risk, compliance, or assurance role.
* Proven knowledge of security control frameworks (NIST, CIS, PCI DSS).
* Practical audit and assessment experience (internal and external).
* Strong understanding of risk management, risk assessment, and risk treatment.
* Experience with regulatory compliance (NIS, GDPR, PCI DSS).
* Excellent written and verbal communication; ability to influence senior leaders.
* Leadership or mentoring experience.
* Self‑development mindset; current with emerging cyber threats and best practices.

**Required Education & Certifications**
* Bachelor’s degree in Information Security, Computer Science, Business, or related field.
* Professional certifications (CISM, CRISC, CISSP, PCI ISA, or equivalent) highly desirable.
* Eligibility for standard security clearance (SC) is preferable but not mandatory.
Coventry, United Kingdom
Hybrid
Junior
29-01-2026
Company Name
InfoSec People Ltd
Job Title
Cyber Security Supply Chain Analyst
Job Description
Job title: Cyber Security Supply Chain Analyst

Role Summary: Evaluate and enhance the cyber posture of key suppliers, ensuring compliance with leading security frameworks and driving risk mitigation across the supply chain.

Expectations: Conduct end‑to‑end risk assessments, review security artefacts, coordinate penetration testing, and report on compliance metrics while collaborating with internal technology and procurement stakeholders.

Key Responsibilities:
- Assess supplier cyber security posture
- Review security documentation and evidence
- Manage information security risk across the supply chain
- Align controls to NIST & CIS frameworks
- Scope and manage penetration testing activities (OWASP Top 10)
- Report on KPIs and compliance metrics
- Support secure‑by‑design initiatives
- Collaborate with technology, procurement, and stakeholder teams

Required Skills:
- Experience in cyber security, supplier assurance, or information security
- Knowledge of NIST and CIS control frameworks
- Understanding of GDPR, NISR, PCI DSS, and related regulations
- Strong communication, negotiation, and influence skills
- Ability to articulate risk clearly to technical and non‑technical audiences

Required Education & Certifications:
- Bachelor’s degree in Cyber Security, Information Technology, or related field (preferred)
- Relevant certifications such as CISSP, CISA, or equivalent (preferred)
Coventry, United Kingdom
On site
05-02-2026
Company Name
InfoSec People Ltd
Job Title
Cyber Security Architect
Job Description
Job title: Cyber Security Architect

Role Summary: Lead the development and implementation of enterprise-wide security strategy, driving secure‑by‑design practices and ensuring all technology investments adhere to modern security standards within a utilities sector environment.

Expectations:
- 5+ years of experience in information or cyber security, with 3+ years in a security architecture capacity.
- Proven ability to influence senior stakeholders and manage product ownership for flagship security programs.
- Knowledge of ISO27001, NIST, ITIL, and CobIT frameworks and experience supporting compliance initiatives (PCI, GDPR, NISD).
- Hands‑on experience with SIEM, IAM, DLP, EPP, CASB, PAM, and cloud security (Azure, AWS, or O365).
- Strong communication, stakeholder engagement, and Agile delivery skills.
- Relevant certifications (CISSP, CISM, CCSP, CRISC, ISO Lead Auditor, etc.) required.

Key Responsibilities:
- Design and evolve the cyber architecture framework across the organization.
- Own the vision, roadmap, backlog, and delivery of major security initiatives.
- Collaborate with Agile Release Trains and Cyber Operations to integrate security controls into all technology projects.
- Conduct security architecture reviews, risk assessments, and gap analyses.
- Guide the selection and implementation of security solutions (SIEM, IAM, DLP, etc.).
- Drive secure‑by‑design best practices and knowledge transfer across engineering teams.
- Monitor compliance and audit readiness, ensuring alignment with applicable regulations and standards.

Required Skills:
- Enterprise security architecture, threat modeling, and risk management.
- Deep technical knowledge of SIEM, IAM, DLP, endpoint protection, CASB, PAM, and cloud security solutions.
- Experience with ISO27001, NIST, ITIL, CobIT frameworks.
- Expertise in PCI, GDPR, NISD compliance.
- Proficiency in Azure, AWS, and O365 environments.
- Excellent stakeholder communication, influence, and team collaboration.
- Agile product ownership and backlog management.

Required Education & Certifications:
- Bachelor’s degree or equivalent in Computer Science, Information Security, or related field.
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) mandatory.
- Additional certifications such as CCSP, CRISC, or ISO Lead Auditor strongly preferred.
Coventry, United Kingdom
Hybrid
Mid level
10-02-2026