Home
Jobs
Jagex
Senior Cyber Security Manager - GRC

Senior Cyber Security Manager - GRC

Hybrid

Cambridge, United Kingdom

Full Time

11-03-2025

Share this job:

Score my CV Apply

Job Specifications

Are you a GRC specialist? Want to play a crucial role in the development, implementation, and management of the Jagex's Governance, Risk, and Compliance (GRC) framework? Want to do that for one of the worlds leading online games companies?
This position will report to the Director of Cyber Security to ensure the company's information security policies and practices align with both industry regulations and internal strategic objectives, particularly focusing on supporting game development processes.
This is an opportunity
What you'll be doing{{:}
}GRC Framework Development{{:
}
} Develop and implement a comprehensive GRC framework that aligns with industry standards such as ISO 27001, NIST CSF, PCI-DSS, and GD
P
R Manage and update the information security policies, ensuring they are current and relevant to evolving ris
k
s Ensure alignment with legal, regulatory, and contractual obligations specific to the game development indust
r
y Oversee the creation, implementation, and regular review of security policies, standards, and procedur
e
s Collaborate with business units to ensure that policies are understood, accessible, and appropriately enforc
e
d Risk Management{{
:
}} Identify, assess, and manage technical and non-technical security risks associated with game development, live operations, and supporting infrastruct
u
re Develop risk treatment plans, work with game development teams to mitigate identified risks, and track remediation effo
r
ts Compliance & Audit Management{
{
:}} Lead internal and external audits for compliance certifications, ensuring successful completion with minimal business disrup
t
ion Manage the lifecycle of compliance initiatives such as PCI-DSS, GDPR, and other regional requirements affecting game development operat
i
ons Stay informed of industry trends and changes in regulations that may impact security compliance eff
o
rts Training & Awareness{
{:}} Develop and deliver a security awareness program that targets various departments, with an emphasis on secure coding and game development prac
t
ices Ensure continuous education across the company on security policies, risks, and compl
i
ance Vendor & Third-Party Risk Management
{
{:}} Evaluate the security posture of third-party vendors and partners, ensuring their practices align with the company's security po
l
icies Oversee the third-party risk management process, conducting vendor security assessments and managing associated

risks What you'll nee
d
{{:}} Extensive experience in a GRC role within the gaming, technology, or software development ind
u
stries Proven experience in managing security policies, risk assessments, and compliance programs (such as ISO 27001, PCI-DSS, GDPR
,
etc.) Knowledge & Skil
l
s{{:}} Deep understanding of governance, risk, and compliance processes as they relate to game dev
e
lopment Strong knowledge of security frameworks and standards like ISO 27001, NIST CSF, SOC 2,
a
nd GDPR Experience leading security audits and working with both internal and external
a
uditors Strong risk management skills, including conducting risk assessments, developing treatment plans, and overseeing remediation
efforts Excellent written and verbal communication skills, with the ability to convey complex security topics to technical and non-technical stak
e
holders Relevant security certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Imp
l
ementer Soft Ski
l
ls{{:}} Strong leadership and project management abilities, with a track record of managing cross-functio
n
al teams High attention to detail, proactive in identifying risks, and a solution-oriented
approach Ability to thrive in a dynamic, fast-paced game development en
v
ironment What we o
ffer{{:}}When you join Jagex you can look forward to a generous Perks & Benefits package incl
u
ding{{:}} Private Healthcare, including
D
ental Plan Minimum 6% Pension co
n
tributions Employee Assistance Programme & onsite
C
ounselling Lif
e
Insurance Discretionary annual perfor
m
ance bonus Enhanced family leave policies
from day 1 Flexible wo
r
king hours 25 days annual leave + Bank holidays & the option to buy/sell holidays + so

much more! Please note that due to us approaching the Christmas & New Year break, we have many people among the hiring teams who are on annual leave or will be absent due to the studio closing over the holi
day period.This means that, in most cases, applications made during December are unlikely to proceed to interview until January 2025. We appreciate your patience during
this time. Collaboration is at the heart of Jagex. We love getting together with our teams to share ideas and
socialise.Flexibility really is the key to how we set up working schedules, we'll discuss your needs with you and be transparent about the working schedules of the team you'll be working with during our intervi
e
w process. About
Jagex{{:}}Make forever ga
mes with us.Jagex is a thriving international games company with a growing library of forever game IPs for core gamers. We have such huge expertise at running games for the long term that we re-define expectations for what evergreen success
looks like.We create spaces for our players to come together - with each other and with us - inside and outside of our games. We empower our players with real influence on the game's evolution. We help our players belong. Our community experiences give players a greater stake in what they're playing, creating loyal f
orever fans.These strengths inform our vision of our studio as a thriving international games company with a growing library of forever game IPs for core gamers. Our forever games will nurture sizable communities whose loyalty provides consiste
nt revenues.This in turn drives our mission{{:}} We create forever fans by empowering our community. We give players experiences worthy of their long-term time investment and actively collaborate with them to shape the games and the community fo
r the better.If this is something you want to be a part of,
get in touch.We have 500 of the industry's most talented individuals in our Cambridge studio; if you share our values and ambition, we'd love to talk to you. Worried you don't meet all the requirements in the spec? Your attitude, fresh perspective and experience is just as important to us; if you think this could be the perfect job for you
, let's talk.

About the Company

A leader in creating deep and engaging forever games on PC, Console & Mobile that empower our communities. Jagex was founded in 2001 and is today one of the UK’s biggest and most respected video game developers and publishers. Famed for its flagship MMOs RuneScape and Old School RuneScape, Jagex has welcomed more than 300 million player accounts to its world and created a $1bn lifetime franchise revenue. Today the RuneScape franchise exists beyond running games in live operations; our titles are forever games that connect a... Know more

Related Jobs

Company Name: TieTalent
Job Title: Staff Platform Engineer AWS - Cyber Security
Job Description: About Staff Platform Engineer London to £160k Are you a technologist looking for an opportunity to make an impact and progress your career in a senior, hands-on role with complex and challenging work? You could be joining a highly successful and scaling Cyber Security technology company that has just received an additional £20 million investment. As a Staff Platform Engineer you will collaborate with engineering teams across the business to examine and find ways to scale, optimise and improve the infrastructure via automation. You'll be working with a modern cloud (AWS) based infrastructure, using tools such as AWS CDK, Kubernetes, Amazon EKS, Python and Github Actions. You'll be the sole DevOps in the London office, collaborating with a small team based near Manchester. Location: You'll join colleagues in amazing offices in London five days a week with a wide range of facilities and an array of perks. There's a 37.5 hour working week with early finishes on Friday and no expectation to work beyond your hours as work life balance is a huge part of the culture. About You You are an experienced DevOps / Platform Engineer You have strong technical skills with AWS You have expertise with Containerisation (Kubernetes, Docker) and Infrastructure as Code (IaC) using AWS CDK or similar You have Python and/ or Java coding skills You are experienced with CI/CD pipelines to ensure scalable, reliable systems You're able to manage large scale systems efficiently with a focus on reducing manual intervention You have advanced analysis and problem solving skills You have excellent communication, collaboration and stakeholder management skills You are degree educated in Computer Science or closely related discipline What's In It For You As a Staff Platform Engineer you will earn a highly competitive package including: Salary to £160k (with performance related rises) Equity 8% pension contribution Life Assurance and Income Protection Enhanced paternity packages Private Medical care for you and your family including same day GP appointments and prescriptions Flexible working hours Charitable donations matching scheme and much more Apply now to find out more about this Staff Platform Engineer opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values. Nice-to-have skills AWS Kubernetes Python Docker London, England Work experience DevOps Languages English

London, United Kingdom

On site

Full Time

12-03-2025

Company Name: Thales
Job Title: Junior Security researcher
Job Description: Location: Reading, United Kingdom In fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible. Together we offer fantastic opportunities for committed employees to learn and develop their career with us. At Thales UK, we research, develop, and supply technology and services that impact the lives of millions of people each day to make life better, and keep us safer. We innovate across the major industries of Aerospace, Defence, Security and Space. Your health and well-being matters to us and that’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, home working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions. Junior Security Researcher Location: Reading Hours of work: 37 Hrs/Week (Monday-Friday) – Minimum 3 days at office Do you have an inquisitive and technical problem-solving mind? Are you a good communicator and a team player? Would you like to work in a supportive environment? Got your interest, then look no further… Our Opportunity We have an exciting opportunity in our Research, Technology and Innovation business. Due to a rapid period of growth we are looking to add a Security Research Engineer to the team. You will work in an applied research environment to investigate and develop new technologies and concepts across a wide range of Thales’s application areas. The type of activities will include: Fundamental feasibility studies and state-of-the-art surveys Development of proof of concept demonstrators using appropriate software and hardware implementations Work within a research team to invent and explore new concepts and technologies and demonstrate their applicability to the Thales businesses. The focus of this role is on information security at system level, rather than the security of the development process or IT environments. The systems are typically safety or security critical in nature (requiring high assurance) and involving distributed IoT / Edge platforms. Key Responsibilities and Tasks: As a Security Researcher you will: Carry out fundamental feasibility studies and state-of-the-art surveys Develop proof of concept demonstrators using appropriate software and hardware implementations Define and deliver experimentation and evaluation of security techniques against use case constraints Work within a group of other research staff, as well as being self-motivated to work individually, and be flexible to adapt into new research areas and ways of working. Effective Team Member, well-motivated and enthusiastic. Show initiative in the efficient and correct execution of the project and take responsibility for own project work. Innovate in developing solutions and meet team and individual objectives. Maintain professional and technical skills and be willing to learn new skills. Provide accurate estimates for own work and deliver it within budget. Follow processes and procedures as defined by the Project Management Plan. Presentation of technical information at reviews. Technical liaison with customer representatives to transfer technology. About You The successful candidate should have the following experience: Broad grounding in the fundamentals of information security from university courses or industrial experience. Understanding of experimental/practical work on security, with demonstrated ability to develop and test proof-of-concept implementations in software and/or hardware Additionally, the successful candidate should have experience in some of the following: Cryptography Security solution design and implementation Security risk management and/or threat modelling approaches Security architecture Security assurance Artificial Intelligence and Machine Learning techniques and methodologies MATLAB, Mathematica or other computer algebra system Algorithm development Embedded programming Experience: The successful candidate will typically have some experience in a research or advanced development environment role and have a good awareness of the Thales businesses, structure, governance and processes. We also expect candidates to be proficient in the use of standard PC-based office tools. We currently use Microsoft tools: Windows, Word, Excel, PowerPoint. Access, Project & Visio Qualifications: Because of the advanced nature of our work, the successful candidate will typically have an honours degree (minimum 2.1), a master's degree, or a PhD in any of the following disciplines: Cybersecurity/ Information security/ Computer Science or equivalent training and experience, Security Clearance statement Due to the nature of the work that we do at Thales, many of our roles are subject to security restrictions. This role requires you to be a UK National and achieve Security Clearance (SC) without any caveats. It would be advantageous if currently held, however, if not currently held, it is a requirement that the successful applicant undergo, achieve, and maintain SC Clearance prior to commencing employment. If approved by the MOD, a dual national from a Non-ITAR country may be considered. Please visit the UKSV website for further guidance- United Kingdom Security Vetting - GOV.UK (www.gov.uk) To be eligible for full SC, you generally need to have resided in the UK for the last 5 years. In some circumstances, a minimum of 3 years’ residence in the UK over the last 5 years may be accepted, with additional overseas checks. What we can offer: We are committed to giving you opportunities to be your best. We believe in embracing the passion and potential of our people, and to achieve this we offer market leading training, development and experiences, along with the opportunity to be mentored and coached by some of the smartest minds in the industry. We hire from within as our first priority, so you will have a myriad of opportunities within our diverse, global organisation. Flexibility Your health and well-being matters to us and that’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, home working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions. Benefits At Thales Alongside a competitive base salary, we offer benefits package, which includes: Half day every Friday, usually finishing around 13:00pm Pension Scheme 28 days annual leave (Plus Bank Holidays) Life Cover Progression and Development Opportunities 24/7 Employee Assistance Program and access to mental wellbeing app Employee discount shopping schemes on major brands and retailers Thale...

Reading, United Kingdom

Hybrid

Full Time

11-03-2025

Company Name: Mytos
Job Title: Senior Software Engineer (Platform & Security)
Job Description: About Mytos You rarely get the chance to change an entire industry. But that's the position we find ourselves in. Join us, and you’ll unleash scientists, accelerate their research and help get cures to patients sooner. We’ve developed machines to fully automate human cell production - the most manual process in Biotech. Cells are used to discover and develop new drugs, and now they're being cure diseases like Parkinson’s and age-related blindness. Mytos will impact cure development across the board. We're live in multibillion dollar biotechs on both coasts of the US, and raised $19m to expand into the market faster, and accelerate our development! Next year, neurons grown on our machines will be going into Parkinson patient brains. We’ve assembled a world-class team to take on this challenge, with ex-Dyson engineers and Nature-published scientists working hand-in-hand. You can learn more about your potential Mytos teammates here: Team Mytos is backed by Y Combinator, the most successful startup program in the world which produced companies such as AirBnb, Dropbox, and Ginkgo Bioworks. The Role As a Senior Software Engineer focused on Platform & Security, you'll take a leading role in evolving and maturing our security and compliance posture while building robust infrastructure for our cell manufacturing platform. Mytos is already SOC 2 Type 2 audited, but as our our customers move from research into production of cell therapies, they need our technology to be suitable for GMP environments. In this role, you'll be responsible for designing and implementing the infrastructure, processes, and features needed to support cell therapy manufacturing in regulated environments. You'll create elegant solutions that are secure, compliant, and reliable without sacrificing the speed and flexibility that make Mytos successful — enabling scientists to develop breakthrough therapies with confidence. What you'll do Build and maintain secure, scalable infrastructure for our distributed system, which spans cloud services and on-premise hardware Represent Mytos to customers' executive, security, and quality teams, effectively communicating our approach to security, compliance and risk management Own Mytos' information security program (e.g., SOC 2, ISO 27001) and work cross-discipline to bring the business and product into GMP environments Develop automated testing and validation strategies that build quality into our development process rather than bolting it on afterward Streamline our deployment processes enabling both rapid development and stable validated environments for manufacturing customers Implement and improve security practices, including code scanning, access controls, and audit logging, ensuring compliance with industry standards Build core product features like electronic signatures, audit logging, and data traceability for customers based on your own user research Collaborate with cross-functional teams to build a Quality Management System that aligns with regulatory requirements whilst preserving our engineering culture Develop core architecture improvements for system reliability, database performance, API security, and distributed system design Mentor the team on security and quality best practices, helping to build a culture where compliance is a natural outcome of good engineering Must-haves Experience with cloud infrastructure and DevOps practices (AWS preferred) Experience implementing and maintaining security controls and compliance frameworks Proficiency with infrastructure-as-code and GitOps methodologies Strong fundamentals in API design, databases, networks, and distributed systems Experience with CI/CD pipelines and automated testing TypeScript and Node.js proficiency in production environments Understanding of security principles and experience implementing them in production systems Ability to communicate complex technical concepts to non-technical stakeholders and interface directly with vendors and customers At least one of these areas Compliance framework experience: Implementation or maintenance of ISO 27001, ISO 9001, SOC 2, or similar frameworks Regulated industry background: Experience in healthcare, finance, or other regulated domains that required balancing innovation with compliance Lifecycle management expertise: Experience designing systems that maintain both rapidly changing and stable validated components Quality systems implementation: Experience building automated quality checks, validation frameworks, or similar systems Nice-to-haves Knowledge of relevant standards and compliance frameworks (e.g. ISO 27001, SOC 2, ISO 9001, GAMP 5, FDA 21 CFR Part 11, ALCOA+, BS 10008) Experience with regulated environments (GMP, HIPAA, etc.) Understanding of hardware-software integration Experience with containerisation and orchestration (Docker, Kubernetes) Experience with Python for tooling or data processing Background in manufacturing or laboratory automation Experience with database performance optimisation and data integrity enforcement Why You'll Love Working Here Impact: Your work will directly enable the production of cell therapies that can transform patients' lives. Growth: We're solving complex problems at the intersection of software, hardware, and biology—you'll constantly learn and develop new skills. Autonomy: You'll have the freedom to shape our approach to GMP readiness, with support from a talented cross-disciplinary team. Team: Work with the best engineers and scientists in a collaborative environment where diverse perspectives drive innovation. Salary and Benefits Competitive salary with stock options Lunch covered daily in-office with team Collaborative team environment with very high potential to learn new skills 32 days holiday (bank holidays, end-of-year closure, and 21 days discretionary PTO) Pension Awesome colleagues and an office in the Imperial College Innovation hub in White City, where you'll be based We're building a team that enjoys moving fast, strives for continuous improvement through learning from mistakes, and is passionate about work that contributes to solving real world problems. No GMP experience? No problem! We want someone who is motivated to deliver an innovative product into a regulated space with creative, efficient solutions. If you're excited about solving interesting problems at the intersection of software, hardware, and biology while helping us prepare for the next phase of our growth, we want to hear from you!

London, United Kingdom

On site

Full Time

11-03-2025

Company Name: Ultima
Job Title: Security Engineer
Job Description: Security Engineer Location - Hybrid - Belfast KEY ACCOUNTABILITIES / ROLE PURPOSE For over 30 years Ultima has offered end to end solutions for clients across the globe including Fulfilment, Managed & Professional Services as well as innovation via our Ultima Labs division. Our Managed Services division is in a period of extensive growth; we utilise cutting edge technology & solutions to deliver a world class service to our clients. The Security Engineer will be responsible for ensuring all devices are patched and protected in compliance with industry standards and regulations on a schedule agreed with client as well as assisting the Deskside Support teams with security and patching related escalations. Engagement with client to investigate, present and implement project deliverables in line with the skills and experience of the role. The Engineer will be completely self-motivated with an ongoing desire to maintain and expand their knowledge with a focus on quality in line with Ultima's ISO certification and commitment to its clients. The candidate will be required to primarily work from within Ultima’s ITSM platform aligned with ITIL principles to troubleshoot and resolve incidents, along with completing service and change requests based on the associated Managed Service contract of the client. MAIN DUTIES AND RESPONSIBILITES Actively strive to improve technical ability through self-study, organised in-house training and attendance of external courses Continuously contributing to the Ultima Knowledge base with new/repeatable fixes and suggested edits to existing content. Contribute to the continuous service improvement plan for the team processes and procedures. Perform a series of routine proactive checks to ensure the prevention of incidents and service interruption. Escalate issues to relevant Partners, Internal Teams and Client Escalation contacts in line with the P1 Incident Management process. Act as a point of escalation for the wider team as well as to the Service Desk Teams for infrastructure and complex end user incidents. Prioritise and respond to incoming requests ensuring ITIL best practice ticket management is adhered to. Providing technical assistance to a key Ultima client and their IT teams in line with the agreed SLA’s. To always represent Ultima to our client in the most professional way and continually demonstrate our core company values. Supporting the Team Lead in the identification and delivery service improvement initiatives. Ensure that all assigned activities are approached and handled in a consistent logical way and, where possible, in line with the appropriate Standard Operating Procedures and/or Company (ISO) quality standards To always represent Ultima to our client in the most professional way and continually demonstrate our core company values. Additional activities and responsibilities not covered within the above may also be required as part of specific projects or the wider role of a Senior Technical Support Engineer ESSENTIAL KNOWLEDGE, SKILLS & EXPERIENCE To be knowledgeable and able to demonstrate in depth technical understanding across several of the skills and technologies below: General Microsoft Azure Platform knowledge and specifically around - Microsoft Azure Update Manager Concept of IaC (Infrastructure as Code) Deployment of AUM Maintenance Configurations AUM Configuration, Reporting and Troubleshooting Microsoft Intune Microsoft Defender for Endpoints Typical activities include (but not limited to): Plan and coordinate the deployment of operating system and app patches and updates. Test and validate patches before deployment to ensure compatibility and stability. Prioritize and schedule patches based on risk, urgency, and business impact. Create and maintain documentation for patching processes and procedures. Communicate patching schedules and status to relevant stakeholders. Monitor and troubleshoot patch deployment issues. Work with other IT teams to ensure that applications and systems are compatible with patches. Continuously review and update patching processes to improve efficiency and effectiveness. Document and report on patching metrics and compliance Ensure that patching is done in compliance with industry standards and regulations. Collaborate with vendor and third-party support teams to address any issues. Monitor and stay informed of new vulnerabilities and patches and make recommendations for future patching and Microsoft Defender configuration. Liaise with customer Compliance teams to convert business compliance requirements into technical implementation within the managed security tools. Ensure managed security tools are operational as per approved business requirements and agreed data is being fed into customer managed SIEM system if available. Attend weekly customer vulnerability meetings. Previous experience in a 2nd/3rd Line or similar Support role as part of a team. Experience using a ticket management system, creating/updating & logging tickets following an ITIL methodology. Experience managing multiple simultaneous activities. Excellent levels of both written and verbal communication skills. The ability to work both independently and as part of a team. The ability to manage time and prioritise activities. DESIRED KNOWLEDGE, SKILLS & EXPERIENCE The ability to demonstrate knowledge in some of the below would add significant value to your application. Training and development in these technologies/solutions will be provided if required. ITIL Foundation v4 certification Certification in any of the above technologies Microsoft Azure infrastructure platform knowledge Foundational networking knowledge

Belfast, United Kingdom

Hybrid

Full Time

11-03-2025