Rodeo
ResourcesPartnersSign in

Deciphex

Information Security Specialist (UK based)

United Kingdom
Posted about 23 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Location: UK based ONLY Occasional travel to Dublin HQ (Glasnevin) as needed (once a quarter, 1/2 days max)
Infrequent travel to UK locations - if required

Right to Work
We are unable to offer UK visa sponsorship for this role.

Reporting & work team
You'll report to and work closely with the Information Security Lead, as well as Cybersecurity Engineering, DevOps, IT, Data Governance, and AI Governance to embed secure-by-design practices across the organisation.

About this Role

Information security underpins all of our business activities, including AI development and compliance with Medical Device regulations.

This role is ideal for a hands-on security specialist who supports the ISMS, validates controls for themselves, and drives continuous improvement with energy and pragmatism. This role moves away from traditional GRC and leans into modernising it - moving teams towards always-on compliance and consistently demonstrating business value in the activities we run.

You'll work across the business as someone who meets challenges head-on, brings people with them, and makes security work in practice, not just on paper.

What This Is Not

  • Not a paper-only ISMS role or tick-box compliance exercise. The clear expectation here is you take hands-on ownership of effective controls, not just documentation.
  • Not a technical incident response role. Security operations is handled separately.
  • Not a bureaucratic or gatekeeping function. Our priority goal is to enable the business, not slow it down.
  • Not a role for someone who prefers to escalate as a first port of call. We value/ reward people who find the answer and move things forward.
  • Not a 'policing' role. We focus on shared responsibility and enabling teams to move fast safely.

More specifically;

This role involves protecting systems and data that directly support cancer diagnostics and drug development, security work with real-world consequence. This is a hands-on, delivery-focused role suited to someone who thrives in a very fast-moving environment. Success requires a pragmatic approach, strong judgement, and the ability to navigate challenges, remove obstacles, and drive progress at pace.

ISMS & Certifications

We hold ISO 27001 certification across our core business units and are expanding coverage as we grow.

  • Support the day-to-day running of the ISO 27001 ISMS across our Deciphex business units (Deciphex, Diagnexia & Patholytix)
  • Prepare for internal and external audits so that teams are ready, controls are functioning, and evidence is complete. Audit readiness as a steady state.
  • Contribute to continuous improvement initiatives. Identify what needs to change, make the case, and see it through.
  • Proactively identify and close gaps in the control framework, driving corrective actions (CAPAs) to closure
  • Build and maintain a reliable evidence pipeline with clear ownership and high completeness.
  • Assess which ISMS activities deliver measurable business value - and be willing to challenge or retire processes that aren't.

Reasons to use Rodeo

Iโ€™m in my final year doing Economics and I donโ€™t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer โ€” it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) donโ€™t need a masters. Letโ€™s look at the ones youโ€™d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet โ€” that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant โ€” 2026 Scheme

PwCยทLondon, UK
ยฃ35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

Youโ€™ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon โ€” deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme โ€” client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right โ€” and where to focus when applying.

Security Governance & Risk

  • Maintain a live, decision-oriented risk register with owners and mitigation plans.
  • Champion a risk-aware culture where decisions are informed by risk, not paralysed by it.
  • Develop and maintain policies and procedures that reflect how the business actually operates (not a unworkable bottleneck)
  • Support vendor and customer security due diligence in support of commercial and product needs.
  • Contribute to tabletop exercises (e.g. incident response, business continuity)
  • Maintain awareness of applicable regulatory requirements (EU AI Act, GDPR, HIPAA, MDR/IVD) and ensure the ISMS remains aligned with our other Certifications and Standards

Technical Oversight

  • Define evidence expectations for technical controls (SIEM, EDR, MFA, RBAC, vulnerability management).
  • Go and check: verify controls independently rather than relying on assertions; if something looks wrong, investigate and resolve it.
  • Support site reliability and resilience initiatives

Awareness & Security Culture

  • Build engaging security awareness training that changes behaviour, not just completion rates.
  • Act as a visible, approachable point of contact for information security questions to enable change across the business
  • Translate security requirements into plain language for non-technical audiences without losing accuracy or impact.

Skills and Experience

Required

  • 5+ years in Information Security / ISMS operations.
  • Ideally in med tech/ clinical or lifesciences
  • Hands-on ISO 27001 exposure โ€” internal audit and management review experience.
  • Experience with external audit from both certified bodies and clients
  • Strong documentation and stakeholder-management discipline.
  • Ability to translate technical controls into practical action.
  • Familiarity with cloud security fundamentals

Preferred

  • Hands-on experience with SOC2, CIS, ISO 27701, CE+
  • CISSP or equivalent
  • Technical background and control implementation experience
  • Experience working with engineering teams.
  • Experience with cloud environments

Success Indicators

  • Audits donโ€™t have surprises, are predictable, well-prepared, and low friction.
  • Responses to security reviews enable rather than delay business outcomes.
  • Security risks are visible, owned, and actively managed.
  • Security is seen as a trusted business partner with teams proactively involving security early in product and commercial decisions rather than at the end

Soft skills (we hire for will as equally as skill)

This role is likely to suit someone who enjoys working in a fast-paced, growing environment where resources may be more limited and priorities can shift quickly. Those accustomed to highly structured organisations with large, specialised teams may find the pace and breadth of responsibility either challenging or highly rewarding, depending on their preferred way of working.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job
  • Comfortable working with a high degree of autonomy - you naturally lead & take ownership of priorities and make progress without the need for close supervision or extensive direction.
  • You're well able to navigate ambiguity, exercise sound judgement, and build effective relationships across a matrixed, globally distributed organisation to deliver results.

What are the benefits of working with Deciphex?

๐Ÿ”ฌ Work that saves lives. Every day, your contribution moves the needle on patient outcomes that actually matter.
๐Ÿš€ Join a team people leave other companies for. World-class talent, hyper-growth environment, zero mediocrity.
๐Ÿ“ˆ Grow fast, on purpose. Regular feedback, clear progression, and real career momentum built in from day one.
๐Ÿก Work from where you do your best thinking. A flexible, hybrid model that trusts you to manage your time like an adult.
โœˆ๏ธ Take your work global. Eligible employees can work from abroad for up to a month each year. Yes, really.
๐Ÿ’ฐ Paid fairly, rewarded for performance. Competitive salary with annual increments tied to what you actually deliver.
๐ŸŽ„ Recharge properly. Generous annual leave plus a fully paid Christmas shutdown.
๐ŸŒ A team that spans cultures, not just time zones. Genuinely collaborative, genuinely supportive, no politics.

The above Job Description reflects the requirements of this position at the time of issue. As duties and responsibilities change and develop, this will be reviewed and may be subject to amendments.

About Us

Through the work that we do, the team at Deciphex helps pharma to accelerate the process of essential drug development and helps cancer patients get a timely and accurate diagnosis.

Founded in Dublin in 2017, Deciphex has scaled rapidly to a team of over 230 people and counting who are providing software solutions to address the pathology gap in research pathology and clinical areas. We have offices in Dublin, Exeter, Oxford, Chicago and Toronto, and are expanding our team throughout the world.

We are software developers, clinical specialists, artificial intelligence engineers, operations professionals and so much more, all working as one team to support our customers and patients.

Read more about Deciphex here and more about our incredible team on our Careers Page here

Deciphex is an equal opportunities employer and we are committed to the principle of equality. All qualified applicants will be considered for employment without regard to age, race, religious beliefs, political views, gender identity, affectional or sexual orientation, national origin, family or marital status (including pregnancy), disability, membership of the travelling community or any other classification protected by applicable law.

A copy of our Privacy Policy can be viewed here

Trusted by 25,000+ job seekers

โ€œIt took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what Iโ€™ve been looking for.โ€

Jessica, London

Get help applying for this job

Skills

Information Security
ISMS Operations
ISO 27001
Documentation
Stakeholder Management
Cloud Security
Risk Management
Policy Development
Technical Controls
Security Awareness Training
Audit Preparation
Continuous Improvement
Vendor Security Due Diligence
Incident Response
Business Continuity
Data Governance

Location

United Kingdom

Sign up to applySee more jobs like this