cover image
MarkJames Search

Cyber Security Program Lead – Payments

Hybrid

London, United Kingdom

£ 700 / day

Freelance

19-03-2025

Share this job:

Score my CV

Job Specifications

Job Title: Cyber Security Program Lead – Payments
Location: Amsterdam, NL or London, UK
Contract: 8-9 months (option to extend)
Pay Rate: €500-€£700 per day

About the Role

We are seeking a Cyber Security Program Lead to drive and enhance the cybersecurity and operational resilience framework for regulated payments entities. You will lead technology and security programs, manage risk exposure, and ensure compliance with regulatory requirements (e.g., PSD2, DORA/ORA). This role involves collaborating with internal teams to strengthen security processes, conduct scenario exercises, and improve business continuity measures.

Key Responsibilities

Manage and maintain the cybersecurity framework for regulated payments entities.
Oversee risk exposure, remediation, and compliance with operational resilience regulations.
Lead business continuity planning, testing, and reporting.
Collaborate with legal, security, and business teams to align on security strategies.
Provide training and briefings to stakeholders and leadership.

What You’ll Need

6+ years in IT Risk Management, Information Security, or IT Audit in financial/tech sectors.
3+ years in Information Security (CISSP, CISM preferred).
Strong understanding of security frameworks (ISO 27001, NIST CSF, SOC2) and regulatory requirements (PSD2, DORA/ORA).
Expertise in IT security technologies, network protocols, and cloud security.
Excellent communication and stakeholder management skills.
Solution-oriented, proactive, and adaptable in dynamic environments.

Apply now to play a key role in securing and enhancing our clients payments infrastructure!

About the Company

We're hiring MarkJames Search Ltd is a global recruitment business specialising in recruiting experienced and senior hires across the UK, EMEA and US. Based in the UK, we manage recruitment for business critical and growth hires across Commercial, IT & Operational categories on behalf of our clients. We offer the following core services - * Permanent recruitment of business professionals * Contract & Interim recruitment of business professionals * Retained search for senior hire and head hunting services We are passion... Know more

Related Jobs

Company background Company brand
Company Name
Membership Bespoke
Job Title
Data Security Compliance Advisor
Job Description
Data Security Compliance Advisor 12 Month FTC, Full Time Hybrid – WFH and 1-2 Days in the East Grinstead Office Basic Salary £47,000-£50,000 with excellent benefits including 25 Days holiday, Pension Scheme, Life Assurance, Private Health Scheme and family (AXA), Discounts on insurance products, are a wide range of retailers and service providers via the ‘SMILE’ portal. Savings on fuel with My Esso Card Wellbeing allowance (£150 a year). There is further assistance for work related training available. Eye Care Voucher Scheme, Employee Advisory Service Reason for Vacancy – Workload Key Tasks / Accountabilities: Be primarily responsible for the end-to-end process of fulfilling data subject requests made under the UK General Data Protection Regulation (UK GDPR), such as subject access requests and erasure requests, as well as requests for information from other organisations, such as law firms, law enforcement or government departments Build on existing internal documentation and communications regarding the data subject request process so that: Other departments are clear about their responsibilities, and The Data Security Compliance Team handles requests in the most structured, efficient and cost-effective manner possible, while complying with UK data protection legislation and meeting legal deadlines Work with members of the team on the development and integration of tools involved in the data subject request process, such as the OneTrust Privacy Rights Automation module and other internal platforms Share the responsibility to conduct reviews of existing assessment and accountability processes and work with business stakeholders to create new ones where required. Assist with the recommendation of improvements to achieve compliance and reduce risk and help to ensure the delivery of agreed recommendations. Examples of processes are: Data Protection Impact Assessments (DPIAs) Legitimate Interest Assessments (LIAs) Legal Basis for Processing Checklists Records of Processing Activities (ROPA) Assist with the optimisation of the above record, list and assessment processes and the continual improvement of associated documentation Contribute to the application of organisation wide processes such as Data Protection by Default and by Design, working with business teams and the IS department as necessary Assist in the refresh and communication of the organisation's Data Security Policy set Contribute to the development and execution of data protection and data security training, awareness campaigns and eLearning training rollouts Support the Data Protection Officer in ensuring the importance of data security compliance is appropriately communicated across the organisation by assisting with the production of communications as well as articles and guidance for the team’s intranet presence Assist with the production of well written and carefully considered advice and guidance in response to data protection and data security enquiries, both internal and external Be willing to take on ad hoc challenges and find solutions for implementation Represent the team in meetings and for projects and initiatives, where required Attend industry events, conferences and seminars to keep up to date with the threat landscape and any upcoming legislative change Essential Skills & Experience Required: Strong knowledge and experience of current and upcoming UK data protection law, e.g. the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, Privacy and Electronic Communication Regulations (PECR) and familiarity with guidance published by the Information Commissioner’s Office One or more recognised data protection qualifications, e.g. UK GDPR Practitioner, CIPP/E, CIPM Extensive experience of fulfilling data subject requests made under the UK GDPR Experience of working in a team where providing guidance and advice about UK data protection law to internal and external stakeholders is a primary focus Proven experience in handling confidential and sensitive information First rate planning and organisation skills with the ability to manage conflicting priorities while meeting tight deadlines Must have the ability to work well under pressure while maintaining discretion Ability to work with minimum supervision, as well as collaboratively and flexibly with others to achieve team objectives Excellent written English coupled with clear and articulate verbal communication skills Methodical, with a high attention to detail and accuracy Highly motivated and focused with a desire to help, use initiative and add value Confident general IT skills, ideally primarily with use of Google Workspace and Adobe Acrobat Pro (see below) but as a minimum, with Microsoft Office / O365 software suites Desirable Skills & Experience Required: Highly proficient use of Google Workspace (Gmail, Drive etc), Microsoft Office (Outlook, Word and Excel in particular) and use of the redaction tools and other key features in Adobe Acrobat Pro Familiar with information security best practice, e.g. ISO 27001, Cyber Essentials Awareness of payment card industry standards and requirements, i.e. Payment Card Data Security Standard (PCI DSS) To apply to this role of Data Security Compliance Advisor please send your CV. Closing date for applications is Wednesday 26th March. Due to the volume of applications we are only able to contact successful applicants. Therefore if you have not heard from us within 10 working days please deem your application as unsuccessful on this occasion. Membership Bespoke is acting as a recruitment business in relation to this role. Membership Bespoke positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity. Membership Bespoke is the most experienced membership-focused recruitment firm in the UK, with 10+ years of experience delivering tailored permanent, temporary, interim, and Executive Search recruitment solutions to Trade Associations, Regulatory Bodies, Political Parties, and Professional Bodies.
West Sussex, United Kingdom
Hybrid
Freelance
20-03-2025
Company background Company brand
Company Name
Insight International (UK) Ltd.
Job Title
Cybersecurity Policy Specialist
Job Description
Role: Cybersecurity Policy Specialist Location: London, UK Job Type: Contract Key Responsibilities Include: Develop and maintain security policies, procedures, and guidelines. Ensure alignment with NIST and CIS standards. Collaborate with teams to gather requirements and ensure policies meet organizational needs. Review and update policies regularly to ensure compliance with industry standards and regulatory requirements. Provide guidance on policy implementation and adherence. Conduct training sessions and workshops to educate employees on security policies and best practices. Monitor policy effectiveness and recommend improvements. Stay updated on cybersecurity standards and best practices. Develop policies for Cloud Technical Security Standards, ensuring secure cloud environments. Create guidelines for cryptographic algorithms to protect data. Implement Zero Trust security principles, including least privilege access and continuous verification. Establish network security policies, including firewalls, VPNs, and intrusion detection systems. Develop Identity and Access Management (IAM) policies, including SSO, MFA, and role-based access control. Formulate data security measures, including encryption, data masking, and data loss prevention. Maintain a risk register to document, prioritize, and manage risks effectively. Skills and Qualifications Proven experience as a Security Policy Writer on Cloud Technical Security Standards. Excellent writing and communication skills. Ability to translate technical concepts into clear policies. Strong understanding of cybersecurity principles. Expertise in Zero Trust security principles. Proficiency in network security. Experience with Identity and Access Management (IAM). Good understanding of NIST and CIS standards. Familiarity with regulatory requirements (e.g., GDPR, PCI-DSS, ISO 27001). Understanding of cryptographic algorithms. Knowledge of data security measures. Experience in maintaining a risk register. Ability to work independently and collaboratively. Analytical and problem-solving skills. Experience with risk assessment and management. Proficiency in policy management tools. Strong attention to detail and organizational skills. Ability to handle multiple projects and meet deadlines. Bachelor’s degree in information security, Computer Science, or related field. Other Desirable Skills The Open Group Architecture Framework certification. Certification – CISSP, CISM or ISACA
London, United Kingdom
Hybrid
Freelance
20-03-2025
Company background Company brand
Company Name
Lakarya
Job Title
Network Security Engineer Checkpoint& F5 (5 Days Onsite)
Job Description
Lakarya is seeking skilled Network L2 and L3 Engineer for network infrastructure of a leading airline. Location : Heathrow , London 12 month Contract Key Responsibilities: Possess a strong understanding of OSI layers 1-7 to effectively analyze and troubleshoot complex networking issues. Monitor network performance using various tools, identifying and addressing hardware, software, and event alerts. Follow Standard Operating Procedures to triage and resolve incidents, coordinating with third-party vendors and internal IT teams as necessary. Develop and maintain strong relationships with customers and supporting departments. Support and troubleshoot Cisco WLAN Controllers, SSIDs, and Access Points. Implement and manage firewall security, VPNs, NAT policies, and oversee software patch management. Configure and troubleshoot routing and switching protocols, including OSPF, BGP, EIGRP, VLANs, STP, VRF, MC-LAG, FHRP, DMVPN, and NAT policies. Understand LAN, WAN, and SDWAN concepts, supporting enterprise-class routers and switches in a global environment. Implement and troubleshoot DNS (internal and external), IPAM, and DHCP for IP management. Administer F5 LTM, including SSL certificate renewals, iRules creation, and software upgrades. Proactively analyze data from network monitoring tools to prevent potential issues. Test and implement software patches and firmware updates for network and security devices. Coordinate with vendors and suppliers, manage major incidents, and handle problem and vendor management tasks. Key Skills and Experience: Must-Have: Experience with Cisco and Juniper routing and switching in data centers. Understanding of BGP and OSPF protocols. Knowledge of Checkpoint Firewall, network security, and VPN concepts. Familiarity with Cisco Wireless and SDWAN concepts. Good-to-Have: Experience with Cisco Meraki. Knowledge of AWS Networking. Understanding of Cisco ISE and security protocols. Familiarity with network management systems like BIG IQ, SolarWinds, CA Spectrum, ThousandEyes, NetBrain, and firewall monitoring tools such as Checkpoint. Person Specification: Candidates must have strong communication skills for this client-facing role. L2 Administrators are required to cover 24x7 shifts, while L3 Administrators will work during UK business hours and participate in an on-call rota during off-hours. This opportunity allows professionals to engage with cutting-edge technology in a dynamic industry, contributing significantly to the operational excellence of a major airline
Waterside, United Kingdom
On site
Freelance
19-03-2025
Company background Company brand
Company Name
Opus Recruitment Solutions
Job Title
Security Solution Engineer
Job Description
Job Title: Technical ITVM Security Engineer (Contract) Day Rate: £450-£475 Contract Duration: 3-Month Rolling Location: Remote with occasional office visits in London A leading consultancy is searching for a Security Engineer to join their team on a contract basis. The role focuses on enhancing security measures and managing vulnerabilities. This is ideal for professionals with strong technical skills and experience in security tool integration. Key Responsibilities Implement Technical Designs: Execute high- and low-level designs, including data flow diagrams and workflows, for vulnerability management. Configure security architectures for monitoring and remediation. Tool Integration and Configuration: Integrate and configure security tools like ServiceNow and Defender to manage vulnerabilities across cloud and on-prem systems. Vulnerability Scanning and Remediation: Conduct assessments and scans using Microsoft Defender VM and other platforms. Maintain Security Baselines:Monitor systems to ensure they meet industry standards (e.g., CIS benchmarks), updating baselines as needed. Security Monitoring and Incident Response: Continuously monitor systems, respond to incidents, and document security events. Automation: Develop scripts using PowerShell and Azure DevOps to automate scanning and patch management. Compliance Reporting and Dashboards: Maintain dashboards in ServiceNow, providing regular reports on vulnerabilities and compliance gaps. Security Patch Management: Oversee patching processes with SCCM and Intune, ensuring timely updates. Training:Train staff on ITVM resources related to vulnerability management. If you you have the relevant experience and feel like this role would make an ideal fit for you, please feel free to apply, or email me directly on anthony.towey@opusrs.com
London, United Kingdom
On site
Freelance
19-03-2025