London, South East England, United Kingdom Hybrid / WFH Options
PCI Pal
integrated and resold by some of the world's leading business communications vendors, as well as major payment service providers. We are currently looking for a GRC & Audit Lead to join our UK team. THE OPPORTUNITY: PCI Pal's Information Security team requires a dynamic and proactive individual to lead all Governance, Risk and … agile and innovative team and are responsible for ensuring that the confidentiality, integrity and availability (CIA) of our internal, external environments, and client solutions are always maintained. The Lead GRC & Audit function will be focused on ownership of all Information Security GRC, Audit and project initiatives, including proactive cross-functional collaboration with a variety of other business stakeholders. … requirements are suitably managed, maintained and matured. YOU WILL BE RESPONSIBLE FOR: Managing, maintaining, and maturing the already established audit lifecycles for the following frameworks: PCI DSS v4.0, ISO27001:2022, ISO 9001:2015, ISO 14001:2015, Cyber Essentials, Cyber Essentials Plus, SOC2 Type 1 – 3 & HIPAA Working
City of London, London, United Kingdom Hybrid / WFH Options
Ryder Reid Legal
London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy … drive ISO27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm’s information security governance framework across all offices … and platforms Maintain and enhance the ISO27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and
London, South East, England, United Kingdom Hybrid / WFH Options
Ryder Reid Legal Ltd
London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm's long-term security strategy … drive ISO27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm's information security governance framework across all offices … and platforms Maintain and enhance the ISO27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and
business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication … skills (German or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and
McFall Recruitment are partnering with a Financial Services company seeking a pragmatic and experienced Security Governance, Risk & Compliance Manager to lead and evolve our global Information Security control framework. This pivotal role will shape the resilience, responsiveness, and maturity of our Information Security function across all regions and business units. Reporting directly to the Chief Information Security … you’ll play a key leadership role in transforming Cyber Security—enhancing people, processes, and technology to protect the business and maintain operational resilience. What you’ll do Lead the global Cyber Security risk management programme, driving best-in-class governance and compliance. Develop and maintain cybersecurity policies, standards, and procedures aligned with regulatory requirements and business … evaluations, and oversee treatment planning. Embed cyber risk into enterprise risk frameworks through collaboration with global teams. Oversee vendor risk management and ensure third-party compliance. Chair and lead the Cyber Security Digital Resilience Forum. Support the NIST maturity uplift programme and alignment with ISO27001:2022. Ensure compliance
you enjoy simplifying regulatory challenges, designing pragmatic governance models, and influencing security strategy at scale, this could be your next move. Key Responsibilities Translate international standards (NIST CSF, ISO27001, GDPR, SOC 2, PCI DSS, CSA CCM) into actionable policies and controls. Design and implement unified compliance frameworks across cloud, hybrid, and enterprise systems. … Lead internal and external audits, certification readiness, and regulatory assurance activities. Conduct risk assessments, control testing, and third-party assurance programs. Stay ahead of evolving regulations, standards, and automation opportunities. Prepare and deliver executive-level compliance reports and dashboards. Mentor junior consultants and collaborate closely with cross-functional teams. What We’re Looking For 6–8+ years … knowledge of compliance automation tools (ServiceNow GRC, OneTrust, Archer, or similar). Excellent communication and stakeholder management skills, including C-level engagement. Preferred Certifications CISM, CISA, CRISC, CISSP, ISO27001 Lead Implementer / Auditor, CCSK, AWS Security Specialty, GDPR Practitioner. If you’re a cybersecurity professional passionate about
environments Produce key artefacts: threat models, risk assessments, high / low-level designs, security roadmaps Work with client engineering, ops and security teams in a trusted advisor capacity Lead or support cyber / OT security assessments and transformation projects Contribute to the development of our OT / CNI consulting offerings and collateral What we’re looking for … across OT and / or hybrid environments Experience in cyber / information security consulting or auditing Good knowledge of frameworks such as IEC 62443, NIS / NIS2, NIST, ISO27001, CIS, CAF, Cyber Essentials Comfortable engaging with both technical and non-technical stakeholders Adaptable, curious, and able to work across different sectors and technologies … Nice to have CISSP, CISM, CISA, SABSA, TOGAF, ISO27001 Lead Auditor / Implementer Cloud (Azure / AWS) and / or IAM / PAM experience Background in OT, CNI or industrial environments Why join our client: A genuinely flexible environment – work where and how you’re most productive.
City of London, London, United Kingdom Hybrid / WFH Options
55 Exec Search
in regulated or high-availability environments (e.g., aviation, manufacturing, critical infrastructure) is advantageous but not essential. Desirable certifications: CISSP, CISM, or CISA. SABSA, TOGAF, or other architecture certifications. ISO27001 Lead Auditor / Implementer. Azure cloud certifications. Why join our client: You’ll be part of a forward-thinking consultancy where
Month Contract We’re looking for a sharp, confident Cyber TPRM professional to take ownership of supplier cyber assurance across a dynamic and fast-moving environment. You’ll lead risk assessments, challenge supplier controls, and provide clear, pragmatic guidance that keeps our organisation secure and resilient. Key Responsibilities: Lead end-to-end supplier cyber … 3+ years’ recent, hands-on experience in Cyber Third Party Risk Management, supplier assurance, or vendor cyber oversight. One or more relevant security certifications (e.g. CISSP, CISM, ISO27001 Lead Auditor / Implementer, Cloud Security Practitioner). Strong working knowledge of key frameworks and standards including ISO27001, Cyber Essentials, CIS Critical Controls, NIST CSF, SOC2