1 to 25 of 31 ISO/IEC 27001 Jobs in the City of London

continuous monitoring improvements. Design, implement, optimize, and monitor security controls and tooling from the ground up, strengthening security across endpoints, infrastructure, and application CI / CD pipelines. Collaborate with engineering teams to raise the security bar through reviews, guidance, and automation. Respond to security incidents in real time - manage … participate in tabletop exercises, incident simulations, and coordinate external penetration tests. Partner with Solutions Engineering to support enterprise customer onboarding, including SSO integrations (SAML / OIDC), network allowlisting, and security reviews. Join customer-facing technical and security discussions where needed, acting as a trusted security point of contact. Risk ...

Define, maintain, and communicate the product vision and roadmap aligned with company strategy. Gather and analyse user feedback, market trends, and regulatory requirements (ISO 13485, ISO 27001, ISO 42001, GDPR, AI Act). Translate compliance and business needs into clear functional requirements … short-term impact. Problem Solver: Self-driven, proactive, and positive team player. Whats on Offer Competitive salary and comprehensive benefits package. Flexible working (hybrid / remote options). Generous leave policies. Health insurance and wellbeing support. Career progression, mentorship, and global exposure. Opportunity to shape a growing HealthTech SaaS ...

cybersecurity audits for client organisations in line with UK regulations. Assess compliance with: UK GDPR & Data Protection Act 2018 NIS Regulations ISO / IEC 27001 Cyber Essentials / Plus Telecommunications (Security) Act 2021 Identify risks and provide actionable recommendations. Produce clear audit … auditing, ideally in a consultancy or client-facing role. Strong knowledge of UK legal frameworks and compliance standards. Relevant certifications (e.g. CISA, CISSP, ISO 27001 Lead Auditor). Excellent communication and stakeholder engagement skills. Ability to work independently and manage multiple client engagements. This ...

Systems Engineer / SaaS & Identity Engineer (Contract) – Inside IR35 Contract: 6 months (likely), Inside IR35 Start: ASAP Location: Hybrid – 3 days / week onsite Notice: Up to 4 weeks considered Overview We are looking for an IT Systems Engineer (generalist) to support and enhance their internal tooling stack. … This is a contract role providing additional capacity / cover while permanent hiring is ongoing. This role is less about being a deep specialist in one platform and more about being a capable engineer across multiple core systems, able to jump into BAU + project work. Key Responsibilities Administer ...

/ Windows servers, SQL / Oracle databases Excellent attention to detail, communication skills, PowerShell scripting Incident management experience, Microsoft Office proficiency Desirable: ISO27001 / NIST knowledge, Splunk / ServiceNow / SailPoint, 24 / 7 shift flexibility Location: London with hybrid working model (3 days … great fit: Identity Access Management Engineer, IAM Engineer, RSA IGL Engineer, Cyber Security Engineer, Privileged Access Management Specialist, Identity Governance, SailPoint, Splunk, ServiceNow, ISO27001, NIST, financial services security. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate ...

week. In order to be suitable for this role you must be an accomplished Information Security Manager with an expert understanding of ISO 27001 standards. You will oversee the Governance, Risk and Compliance (GRC) framework, ensuring robust standards are met across information security, physical security, crisis … suitable for this role of significant responsibility you must be an accomplished Information Security Manager with proven experience of working to ISO 27001 standards. You will act as the Lead Implementer for the ISO 27001 Information Security Management System (ISMS), driving ...

Senior Security Analyst / Security Engineer London (City) | £80,000–£90,000 | PermanentIf you’re the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn’t happen again — this role is built for you.We’re hiring … hands-on Senior Security Analyst / Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years ...

solution designs including API contracts, integration patterns (Azure Functions, Logic Apps, Event-driven), security boundaries, and observability. Architect document intelligence pipelines (classification / extraction / OCR / validation) and integrate with downstream systems (CRM / ERP / ITSM / EDM). Define non-functional … requirements (availability, latency, throughput, cost, DR / RTO-RPO) and ensure solutions meet them. Implement identity & access (Entra ID), data isolation, Key Vault secrets, network security (Private Endpoints), and content filtering. Embed Responsible AI practices: safety filters, prompt / content governance, data privacy, red-teaming guidance, and human ...

Proven experience delivering maturity assessments, gap analyses and framework design * Structured, detail-oriented problem-solving approach Desirable Skills & Attributes * Degree Educated in either Risk / Finance / Law / Business * Professional certifications including: CTPRP, CIPS, CPSM, CISA, ISO 27001 Lead Implementer / Auditor, or other relevant risk and compliance certifications * Experience in sourcing and / or procurement environments Please apply for immediate interview! CBSbutler is operating and advertising as an Employment Agency for permanent positions and as an Employment Business for interim / contract / temporary positions. CBSbutler ...

with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ISO 22301 / business continuity Coordinate internal / external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate ...

external vendors Engage with senior stakeholders to translate security risk into clear business impact and priorities Support audits, certifications, and assurance activities (e.g. ISO 27001, Cyber Essentials Plus) About You You'll be a confident, hands-on security leader who is comfortable operating at both strategic … supplier risk Strong stakeholder management skills, with the ability to influence at senior level ISO 27001 certification experience and / or Cyber Essentials Plus Broad security background rather than a narrow technical specialism Experience in professional services environments advantageous Why Join? Senior leadership role with ...

external regulatory and legislative requirements (including those relevant to CNI and OT environments) What you’ll bring 3–5 years’ experience in cyber / information security risk, with demonstrable exposure to OT / ICS environments Strong understanding of risk frameworks such as ISO 27005, OCTAVE, FAIR … / FAST Exposure to OT and regulatory standards / frameworks such as IEC 62443, NIS / CAF (or NIS-D CAF), NIST Cybersecurity Framework & ISO 27001 Hands-on experience conducting risk assessments and supporting ongoing risk management (registers, treatments, reporting) Strong ...

Position: Business Analyst - Third Party Cyber Security Location: London or Reading 2 days p / week; 3 days remote Type: Contract, Inside IR35, 6 Months Rate: £540 p / day (umbrella rate) We are seeking a Business Analyst to support a major third-party cyber security transformation programme … cyber initiatives Skills & Experience: Proven ability to gather and translate requirements into structured outputs Experience in risk, cyber, or procurement domains and designing frameworks / models Strong analytical mindset with excellent stakeholder engagement skills Familiarity with cyber security regulations (GDPR, NIS2, DORA) and third-party standards (ISO ...

Infrastructure-as-Code, configuration management and automation Secure networking, encryption, backup and resilience Technical leadership of pen testing, vulnerability scans and remediation Support CI / CD pipelines and secure change management Produce clear technical documentation and audit-ready evidence Act as technical lead during security incidents What … ownership) Deep IAM, networking and cloud security implementation experience Infrastructure-as-Code and automation mindset Practical application of ISO 27001 / NIST Experience operating in regulated or audit-driven environments Comfortable working independently and delivering at pace Security or cloud certifications are beneficial ...

risk profile, and their growth goals. The Role at a Glance: New Sales Business Development Manager (MSP) Central London Based, 3 Days Per Week / Hybrid £50,000 basic plus £100,000 OTE (uncapped) Comprehensive Benefits Package Type: Full-Time - Permanent Expertise: Managed IT Support / Managed Cybersecurity … / Microsoft / Cloud Expertise. Pedigree: ISO 9001, ISO 27001. Tier 1 Microsoft Solutions Partner Your Skills & Experience: Proven success selling Managed IT Services and a record of winning new business and achieving / exceeding targets. About the Role: This ...

Title: SOC Engineer Location: London - hybrid 3 days on-site 2 days remote Start Date: Immediate Contract length: 31 / 03 / 26 further extensions expected Clearance Required: BPSS (must be obtained prior to onboarding) Day rate: £400 - £500 Candidates must hold or be eligible for SC clearance … work effectively within a collaborative SOC team Desirable Skills Experience with incident documentation and reporting Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001) Ability to adapt quickly to new tools, threats, and operational priorities Any relevant certifications (e.g., Security+, CySA+, Microsoft SC-series, GIAC ...

complex risk in clear business terms Experience leading and developing cyber security professionals within regulated or sensitive environments Relevant certifications such as CISSP, ISO 27001 or IEC 62443 are beneficial but not essential. #J-18808-Ljbffr ...

Conditional Access, identity protection) • Deep knowledge of Microsoft Entra ID and Active Directory security (MFA, PIM, RBAC, hybrid identity) • Hands-on experience with SIEM / SOAR tools (Microsoft Sentinel, Defender XDR) • Experience with endpoint security and EDR (Microsoft Defender for Endpoint) • Strong understanding of Zero Trust principles and secure … design architecture • Experience securing Windows Server, domain controllers, and Azure workloads • Familiarity with compliance frameworks (PCI DSS, ISO 27001, NIST, Cyber Essentials) • Ability to investigate incidents, analyse logs, and support threat response • Exposure to automation (PowerShell, Python, Terraform) desirable ...

Senior / Security Risk Assurance Manager - SC cleared Location: Hybrid (60% on-site presence) Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role The Senior Security Risk Assurance Manager plays a critical role in strengthening the organisation's security posture through strategic risk-based assurance activities. … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

Financial Services industry, preferably Insurance is essential Previous management experience in an Information Security role Experience working with Cyber Essentials, GDPR and preferably DORA, ISO27001 / NIST CSF Experience working in a regulated industry - financial / pharmaceutical - large volumes of data Experience working with auditors or regulators Hybrid ...

implementation of security policies, standards, and frameworks. Manage risk assessments, vulnerability testing, and incident response processes. Oversee compliance with relevant regulations (e.g., GDPR, ISO27001) and industry standards. Build and maintain strong relationships with internal stakeholders and external security partners. Drive security awareness and training programs across the organization. Lead ...

delivery partners. Key Responsibilities • Own infrastructure and cloud strategy, including on-prem to Azure migration• Define architecture standards, security policies, and governance frameworks• Lead ISO27001 compliance and Cyber Essentials Plus readiness• Establish infrastructure lifecycle, change, and configuration management (CMDB)• Lead and develop a small infrastructure team• Provide clear reporting ...

Head of Technology, this role will lead a mixed portfolio of in-house and off-the-shelf systems, introduce a formal SDLC / Secure SDLC , and mature release, change, and governance processes. Stakeholder engagement is central — this role acts as the bridge between Technology, Partners, and fee earners.This … releases, change, testing, and prioritisation across BAU and projects• Support application readiness for Azure migration alongside Infrastructure• Ensure application security, compliance, and contribution to ISO27001 / CE+ Key Requirements • E xperience in the legal sector • Strong background managing enterprise applications in a professional services environment• Proven experience implementing SDLC ...

governance frameworks. This senior leadership role requires deep expertise across regulatory, industry, and cybersecurity standards specifically the UK Telecom Security Act, PCI DSS, ISO 27001, and NIS2. You will act as the organisations authoritative subject-matter expert, ensuring end to end compliance, overseeing risk posture … strategy that ensure alignment with business objectives and regulatory obligations. You will be an authority on the Telecoms Security Act, PCI DSS, NIS2 and ISO27001, and will have proven experience with risk management and security assurance. This is an outstanding opportunity for an accomplished GRC Manager to join a market ...

with tools like SIEM, EDR, and Vulnerability Management, continuously enhancing capabilities. Network and System Security Manage advanced security tools such as firewalls and IDS / … protect network integrity. Enforce robust security policies to maintain system security standards. Compliance and Audit Support Ensure adherence to compliance standards including ISO27001, NIST, and GDPR through regular audits and risk assessments. Support audit processes by providing necessary documentation and evidence of compliance. Security Awareness and Training Conduct regular training ...