• Security Risk and Compliance Specialist

    Location(s) UK-Greater London-Hayes
    Req #
    Cyber Security
  • About Rackspace

    Rackspace is modernizing IT in today’s multi-cloud world. We have been honored by Fortune, Forbes, Glassdoor and others as one of the best places to work. We serve over 50% of the Fortune 100 companies & customers in 120 countries around the globe. Our achievements are powered by our people – we call them Rackers.  We grow & thrive through world-class development opportunities, learning & selling bleeding-edge technologies & solutions, and most importantly, connecting with each other (the best & brightest in the industry). Are you a Racker? Join us!




    Rackers aren’t all alike. We look different. We think uniquely. We are from many places and our beliefs & backgrounds vary. But being a Racker, a valued member of a winning team on an inspiring mission, is what connects us all. Rackers are encouraged to bring their whole self to work every day, as we know that unique perspectives fuel innovation and enable us to best serve our customers & communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.

    Overview & Responsibilities

    Acts as an advocate in the development of the overall information security program globally. Creates and performs global IT Risk and Compliance assessments. Assists in the development and execution of information security, compliance, and risk best practices globally through audits, assessments, and policy-making.

    • Collaborates across the organization to execute and mature the Risk Assessment process, including developing all necessary charters, processes, methodologies, and reports.
    • Participates in cross-functional workgroups and planning meetings to promote ideal solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team. 
    • Where ideal solutions cannot be found, identifies and reports enterprise level risks and failures to management for escalation. 
    • Promotes sharing of expertise through consulting, presentation, and documentation.  Assists in training other Information Security, IT Risk, and compliance staff.
    • Communicates the value of IT Risk, Compliance, and Information Security within the organization. 
    • Continuously validates the organization against additional mandates, as developed, to ensure full compliance. 
    • Promotes sharing of expertise through consulting, presentation, and documentation.  Assists in training other Compliance or Security staff where necessary. 
    • Coordinates cross-functionally to ensure a holistic approach to security and compliance across the organization. 
    • Evaluates, monitors, and ensures compliance with IT Risk and Information Security policies, standards, guidelines and relevant legal and regulatory requirements. 



    • Excellent written and verbal communication skills. 
    • Able to communicate with all levels of the organization. 
    • Aptitude to develop and maintain internal and external business relationships and to leverage those relationships in pursuit of goals and responsibilities. 
    • Excellent analytical skills to analyze and evaluate technical information. 
    • Strong knowledge of application and system vulnerabilities and exposures.  Knowledge of basic system, network, and operating system hardening techniques. 
    • Excellent knowledge of Information Assurance (IA) principles and tenets (confidentiality, integrity, availability, authentication, non-repudiation). 
    • Strong knowledge of network architecture concepts including topology, protocols, and components. 
    • Knowledge of network communication protocols and directory services.  Knowledge of network security architecture and risks associated. 
    • Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems. 
    • Strong knowledge of security policies and practices, including ISO 27001 and Payment Card Industry (PCI).
    • Ability to work independently on tasks and take ownership of projects.