information security, Risk Management, or Compliance is a plus. Certifications (Highly Valued): CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), ISO 27001 Lead Auditor/Implementer, CRISC (Certified in Risk and Information Systems Control), GDPR Certification (e.g., IAPP CIPP / … Experience Requirements: 3-5+ years of experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in the UK & EU: GDPR (General Data Protection Regulation), ISO 27001 (Information Security Management Systems), Cyber Essentials Plus (UK government-backed security framework), DORA (Digital Operational Resilience Act) - EU financial sector, PCI-DSS (if handling … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018). Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005. Experience with cyber security tools (e.g., SIEM, malware protection, firewalls and others) is a plus. Strong reporting and communication skills, with the ability to brief executives and regulators.
opportunities for improvement directly to senior management. Responsibilities: Cyber Security Strategy & Governance. Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments based on … budgeting. Qualifications: Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and
opportunities for improvement directly to senior management. Responsibilities: Cyber Security Strategy & Governance. Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness. Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications: Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and
London, England, United Kingdom Hybrid / WFH Options
FSP
expertise in information security to provide strategic guidance to clients on GRC activities, as well as on achieving their cyber and information security objectives. You will take the lead in managing technical consulting engagements and contribute to the successful delivery of complex security programs. Responsibilities: Apply a strong knowledge of the cyber threats, hazards, risks, controls, and … cyber security threats and regulatory requirements relevant to their organisation. Design and deliver information security, cyber resilience and maturity assessments tailored to customers’ organisational and compliance needs. Lead and advise customers on the design, implementation and adoption of information security policies and procedures. Understand relevant frameworks for managing different areas of information security, risk management and data … GRC initiatives to strengthen and manage information security frameworks. Possess strong stakeholder engagement and management skills. Hold relevant academic or professional certifications, e.g. CISM, CISSP, PCIRM, MSc, ISO 27001 (Lead Implementer/Auditor), CIPP/E. Have the right to work in the UK and be eligible for UK security clearance. What we look for in our
London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO/IEC 27001, NIST, PRISMA, and COBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank's information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and/or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST, and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP
we recommend processes and procedures, which have an equally important role in limiting risk. We support our clients to achieve and maintain information security standards and frameworks, including ISO 27001, PCI DSS, NIST Cyber Security Framework (CSF), and data protection regulations. What you'll be doing: Engaging confidently with clients and colleagues, delivering consultative … of PGI's consultancy services in the UK and internationally in line with industry and globally recognised standards. Contribute towards the maintenance of PGI's own accreditations, including ISO 27001, ISO 9001 and business continuity, as well as compliance with data protection regulations. Maintaining your own continuing professional development, keeping up … Qualified Security Assessor (QSA). PCI SSC Qualified Security Assessor expertise and experience. Experience in or knowledge of the PCI DSS standard, NIST CSF, DORA, GDPR/DPA. ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, Cloud Security or
s Global Security Office is committed to delivering the highest standards of security and compliance. We are seeking a highly skilled and motivated Information Security Risk Manager to lead the A&M-wide information security risk management program and join our dynamic and growing team based in either our London or Tampa office. Position Summary: The Information … on managing and maintaining the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls and exposure to the GRC tool, and can effectively assess and communicate technical security requirements to teams across the firm. Key Responsibilities: Risk … Management Leadership and Oversight: Working to A&M policy and industry standards, lead the end-to-end information security risk management process, ensuring risks are proactively identified, assessed, recorded, and mitigated. Assess and prioritize security risks based on enterprise-wide impact, likelihood, and mitigation strategies. Act as a trusted security advisor, working cross-functionally with
regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities: Build and refine information security governance and risk frameworks. Lead audits (internal/external) and drive compliance (ISO 27001, GDPR, NIST). Own vendor risk, supplier assurance, and contract governance. Communicate risks and … policies across the business. Support KPI development and risk strategy planning. Requirements: Degree in Computer Science/IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor/Implementer. Working knowledge of legal/security needs in the housing association sector and its regulatory environment … Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS. Proven experience in GRC leadership. Skilled in risk analysis, audit reporting, and policy writing. Excellent stakeholder management and communication skills. Understanding of cloud security and Microsoft tools. If you are interested, please apply immediately as first stage interviews will be taking place this week.
Client: Expleo Location: London, United Kingdom Job Category: Other - EU work permit required: Yes Job Reference: c9b40ca495cb Job Views: 4 Posted: 29.06.2025 Expiry Date: 13.08.2025 Job Description: Responsibilities: Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases … capabilities. Qualifications: A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO/IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential skills: Strong understanding of cybersecurity assurance principles, risk management
London, England, United Kingdom Hybrid / WFH Options
RecruitMe
Cyber Essentials Plus and IT risk frameworks. Excellent problem-solving and analytical skills. Able to work independently and cross-functionally. Strong written and verbal communication. Desirable Qualifications: ISO 27001 Lead Auditor/Implementer Certification. Certified Information Systems Auditor (CISA) or equivalent. Degree in IT, Computer Science, or a related field. Understanding of cloud and infrastructure
reviews related to InfoSec and privacy compliance. You will work closely with IT and business functions to identify risks, manage incidents, and advise on good practices aligned with ISO 27001 and/or NIST. Key Responsibilities: Develop, review, and update the Bank’s Information Security and Personal Data Protection (PDP) Frameworks (policies, directives, guidance … IT, Security, Risk Management, or a related field (other fields will also be considered). Certifications: At least one recognised information security qualification (e.g., CISM, CISA, CISSM, ISO 27001 Lead Auditor/Implementer). At least one data protection certification (e.g., EU-GDPR-P, CIPP/
London, England, United Kingdom Hybrid / WFH Options
Salt
high-impact role where you’ll work closely with customers, delivery colleagues, and operational teams to shape and maintain secure, compliant environments across large-scale programmes. Key Responsibilities: Lead security assurance activities on major customer contracts or portfolios. Act as a trusted advisor embedded in agile delivery teams, working closely with clients. Track and manage contractual security … obligations, ensuring timely review and mitigation of any non-compliance. Oversee IT Health Checks (ITHC) and lead remediation efforts. Deliver and implement Security Information Assurance work packages. Operate and maintain an Information Security Management System (ISMS) aligned to ISO 27001. Manage vulnerabilities, security incidents, and operational risks. Maintain and improve security documentation and controls. Mentor and review work … ISMS frameworks and ISO 27001 compliance. Strong experience in vulnerability management, risk mitigation, and incident response. Excellent communication and stakeholder engagement skills, including at senior levels. The ability to lead on complex, multi-threaded deliveries. Comfortable working in agile environments and adapting to changing security and delivery requirements. SC and NPPV3 clearance or eligibility to obtain them. You
Key Responsibilities: Act as the Bank's IS technical consultant on Supplier and Project Assurance activities. Oversee the administration of the SureCloud platform and baseline control set maintenance. Lead security triaging and approvals of new projects and suppliers. Conduct security assessments and technical risk evaluations. Liaise with IT and MSSP teams to identify and remediate security risks … / incidents. Draft reports, risk register updates, and maintain documentation aligned with best practice (ISO 27001, NIST CSF). Track and advise on industry security trends and their implications. Contribute to social engineering assessments, BAU risk mitigation, and business process evaluations. Influence and support change by aligning policy updates with new regulations and business … What We're Looking For: A Bachelor's or Master's degree (preferably in IT, Security, or Risk). At least one recognised IS qualification (CISM, CISA, CISSM, ISO 27001 Lead Auditor/Implementer, CIPP/E). Proven experience in delivering project and supplier assurance activities in
and maturity. Stay updated on relevant frameworks and regulatory requirements. Required Skills, Qualifications, and Experience: Bachelor’s degree in Information Security or related field; relevant certifications (e.g., ISO 27001 Lead Implementer, CIPP, CRISC) are a plus. At least 2-3 years of experience in GRC, Information Security, or related fields. Experience with GRC platforms like … OneTrust is advantageous. Knowledge of risk management methodologies and frameworks such as CIS 8.0, ISO 27001, NIST CSF, GDPR, NIS2. Experience with audits, privacy breach investigations, and legal/regulatory interpretation. Ability to guide teams on privacy standards and compliance. Exposure to cloud environments and AI systems risk controls is a bonus. Strong understanding
London, England, United Kingdom Hybrid / WFH Options
Coalfire Systems, Inc
a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary: This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against … accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do: Lead audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities, tasks and … successful when working remotely. What You'll Bring: Current PCI-QSA certification preferred (will consider former QSA). One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO
Stay up-to-date with relevant frameworks and regulatory requirements. Required Skills, Qualifications, and Experience: Bachelor’s degree in Information Security, or related field. Relevant certifications (e.g., ISO 27001 Lead Implementer, CIPP, CRISC etc.) are a plus. At least 2-3 years of experience in GRC, Information Security, or related fields. Hands-on experience with … GRC platforms; OneTrust is a bonus. Experience with risk management and risk assessment methodologies. Knowledge of frameworks like CIS 8.0, ISO 27001, NIST CSF, GDPR, NIS2, or similar. Experience in auditing, reporting, and investigating privacy breaches. Ability to interpret and apply complex legal and regulatory requirements. Experience working with cross-functional teams to implement
e.g. to NCSC guidance, CAF etc. Knowledge and understanding of the NIS Directive and UK NIS Regulations. Security-related qualifications such as CISSP, CISM, NIST Foundation/Practitioner, ISO 27001 Lead Implementer or Auditor, and Security+. A good communicator, with the ability to contribute confidently to technical security discussions with peers and management. Please note that
Responsibilities: Assess, document, and communicate information security risks. Develop and implement risk mitigation plans. Maintain and evolve governance and compliance frameworks. Monitor compliance against standards and regulations like ISO 27001, NIST, GDPR. Coordinate audits (internal and external). Requirements: Degree in Computer Science/IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor/Implementer. Working knowledge of legal/security needs in the housing association sector and its regulatory environment. Solid grasp of ISO 27001, NIST, GDPR, and risk management frameworks. Experience with risk assessments and developing mitigation plans. Experience producing internal … audits, reports, gap analyses. Experience maintaining compliance with frameworks like ISO 27001, PCI-DSS. If you are interested, please apply immediately as first stage interviews will be taking place next week. Alternatively, feel free to reach me directly on h.barmi @ ioassociates . co . uk.