1 to 25 of 37 ISO/IEC 27001 Jobs in the City of London

controlled, transparent, and low-risk manner. The role supports agile delivery while maintaining strong controls aligned to ITIL 4 Change Enablement, ISO / IEC 27001, and DORA operational resilience requirements. Key Responsibilities Own and maintain Change Management policies, procedures, standards, and governance frameworks … Management within complex, regulated environments Strong knowledge of ITIL 4 Change Enablement and operational risk controls Experience aligning change processes with ISO / IEC 27001 and DORA requirements Hands-on experience managing Change processes in ServiceNow Strong understanding of Agile delivery models ...

Senior Security Analyst / Security Engineer London (City) | £80,000–£90,000 | PermanentIf you’re the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn’t happen again — this role is built for you.We’re hiring … hands-on Senior Security Analyst / Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years ...

Cloud Security Pre-Sales Consultant - Cloud, Security, AWS, Azure Salary: £60,000 - £65,000 (Depending on Experience) Location: London / Hybrid (willingness to travel on-site required) Company Overview A forward-thinking and entrepreneurial cloud security company, collaborating with major organisations and scaling rapidly, has created a brand … Sentinel, AWS CloudTrail, Config, KMS, GCP Cloud Logging. * CSPM: Prisma Cloud, Wiz, Orca, Lacework, CloudGuard. * CIEM: SailPoint, Saviynt, Veza. Identity & Access Management * Azure AD / Entra ID, AWS IAM, GCP IAM, MFA, SSO, Zero Trust. Network & Infrastructure Security * Cloud-native Firewalls, WAF solutions, VPN, ZTNA, API security. SIEM & Endpoint ...

solution designs including API contracts, integration patterns (Azure Functions, Logic Apps, Event-driven), security boundaries, and observability. Architect document intelligence pipelines (classification / extraction / OCR / validation) and integrate with downstream systems (CRM / ERP / ITSM / EDM). Define non-functional … requirements (availability, latency, throughput, cost, DR / RTO-RPO) and ensure solutions meet them. Implement identity & access (Entra ID), data isolation, Key Vault secrets, network security (Private Endpoints), and content filtering. Embed Responsible AI practices: safety filters, prompt / content governance, data privacy, red-teaming guidance, and human ...

Information Security Analyst (GRC / ISO27001) DGH Recruitment are currently recruiting on behalf of a leading global client who are looking for an Information Security Analyst to join the team on a permanent basis in their London office. The role will work as part of a global team providing … Strong knowledge of ISO 27001 implementation and certification - Strong knowledge of governance, risk and compliance - Certifications such as CISSP, CISA, ISO27001 Lead Auditor (desirable) Information Security Analyst (GRC / ISO27001) In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised ...

mainly focusses on information security, cybersecurity, and data security from a Greenfield perspective. We are on a journey to secure Cyber Essentials plus and ISO27001 certification. You MUST have experience working with banking / financial services regulations, FCA, PRA etc. Liaison with the Head Office, Security Operation Centre … audits. You will be part of the IT committee and work closely with the risk and compliance team. Ideally, having a background in IT / Network security, progressing into information security and cybersecurity. **Key Responsibilities:** - Develop, draft, implement, and maintain information security policies, procedures, and guidelines. - Conduct regular security ...

with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ISO 22301 / business continuity Coordinate internal / external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate ...

regulated environments; familiarity with AI and data frameworks (DAMA-DMBOK, NIST AI RMF, ISO 23894, ISO 27001, GDPR / DPA 2018); hands-on with platforms such as Microsoft Purview, Azure ML, Databricks, Power BI, Collibra, or Alation; exposure to MLOps practices. ...

Assurance Lead (CISA / Audit) City of London - Hybrid Working Responsibilities: - Plan, lead, and deliver a diverse portfolio of IT Assurance and Consulting engagements, including IT External Audit Support, SOC 1 & SOC 2 Attestations, IT Internal Audit Reviews, Regulatory Compliance Assessments, and Operational Resilience evaluations, ensuring quality delivery within … audit findings in clear, well-structured reports, highlighting control deficiencies, root causes, risk implications, and actionable recommendations for management and governance stakeholders. Required Skills / Experience: - Strong understanding of ISA 315 / 330 / 402 - Experience delivering IT Assurance, SOC 1 & 2, and IT Internal Audit engagements. ...

including those in FTSE 350, will allow you to gain experience across a range of sectors including: Financial Services, Banking, Insurance and Investment Corporates / Private Sector / Industry & Services Central and Local Government Retail and Consumer products organisations Job Purpose The role is to support the team … fieldwork and preparation of deliverables including actively contributing to final recommendations. Your responsibilities will include: Being activelyinvolved in the delivery of our Internal Audit / Consulting engagements. Act a subject matter expert in various security and risk management domains (e.g., IT risk management, cyber risk, security target operating model ...

Title: SOC Engineer Location: On-site, London moving to hybrid 3 days on-site after 2-week induction Start Date: Immediate Contract length: 31 / 03 / 26 further extensions expected Clearance Required: BPSS (must be obtained prior to onboarding) Day rate: £400 - £500 Candidates must hold … work effectively within a collaborative SOC team Desirable Skills Experience with incident documentation and reporting Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001) Ability to adapt quickly to new tools, threats, and operational priorities Any relevant certifications (e.g., Security+, CySA+, Microsoft SC-series, GIAC ...

Cybersecurity leadership Strong knowledge of ISO 31000, NIST RMF, ISO 27001 and CIS Controls Experience working with OT / industrial environments Proven ability to influence senior stakeholders in a global organisation Relevant degree in Information Security, Risk, Computer Science or similar Professional certifications ...

requests from the Information Security Engineering Lead. Required Skills & Qualifications: Significant experience in security engineering. Knowledge and understanding of Cloud security, with qualifications and / or certifications for AWS. Proficiency in a broad range of security controls including Secure Software Development Lifecycles, firewalls, email filtering, web applications firewalls … communication, presentation, collaboration, problem-solving, reporting, and stakeholder management skills at all levels. Desirable: CISSP - Certified Information Systems Security Professional. Cloud security qualifications and / or certifications for GCP and Azure. Extensive risk management experience (CRISC, ISO27005, NIST RMF). Skills in network security, coding (Python, Bash, PowerShell, GitHub ...

roadmaps, adoption frameworks, and business cases for GCP migration. Design scalable, secure and resilient GCP cloud architecture Conduct cloud assessments, maturity evaluations, and TCO / ROI analysis for clients. Guide clients through modernization of legacy workloads into cloud-native architectures. Align technical decisions with business outcomes and long-term … Provide oversight to migration waves, cutover planning, operational readiness, and risk management. Application & Data Modernization Lead modernization using GKE, Cloud Run, Cloud Functions, Pub / Sub, Dataflow, BigQuery, and managed databases. Define rehost, replatform, refactor strategies for application and data migration. Architect microservices, event-driven and serverless patterns. Governance ...

existing technologies and services Reporting on control effectiveness and risk posture to governance forums Supporting incident management and resolution of major security / data incidents Required experience and skills include: Strong knowledge of IT security technologies (e.g. IAM, SIEM, firewalls, cloud platforms such as AWS / Azure) Understanding … application security threats and emerging information security risks Hands-on experience with IT risk frameworks (e.g. ISO 27001, COBIT, NIST) Strong stakeholder management and communication skills across technical and non-technical audiences Ability to balance commercial priorities with security, risk, and compliance needs ...

Experience and Skills Required At least seven years’ experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and / or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing … CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your ...

conducting security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

grounding in NIST, ISO 27001, and CIS frameworks Broad cyber experience with depth in at least one area (cloud, IT / tech, OT, IAM, third-party risk, IR / BC) Experience or strong exposure to M&A and Private Equity Ability to explain complex ...

Security Architect Rate: £700 / day Contract: Inside IR35 Location: Remote, UK-based only Sector: NHS or Central Government experience is ESSENTIAL Overview We are supporting a public sector organisation in the NHS or central government space that is looking for an experienced Security Architect to support the design … infrastructure , including security considerations around data pipelines, model hosting, and AI-enabled services Nice to Have Experience supporting data platforms, analytics, or AI / ML initiatives Exposure to large-scale cloud migrations or digital transformation programmes Strong stakeholder management and communication skills Apply now or email for more information ...

Role: Security & Information Risk Advisor (SIRA) Location: London (hybrid) Rate: £500-550 p / d Duration: Initial 6 month work package Start: January 2026 Active SC clearance is required. We're looking for an experienced Security & Information Risk Advisor to support secure, high-impact programmes within a sensitive … supplier and third-party security controls What You'll Bring Experience in information security, risk management, or assurance Strong understanding of NCSC guidance, ISO 27001, and government security classifications Ability to communicate risk clearly to technical and non-technical audiences If you're ready to apply ...

Information Security Analyst (GRC / ISO27001) DGH Recruitment are currently recruiting on behalf of a leading global client who are looking for an Information Security Analyst to join the team on a permanent basis in their London office. The role will work as part of a global team providing … following; - Supporting the maintenance of the IS0 27001 certification (risk assessment, managing ISMS, pr click apply for full job details ...

industry who require an IT Infrastructure and Security Manager to join the firm in London. The role includes establishing an Infrastructure Development Lifecycle, maintaining ISO27001 and Cyber Essentials Plus compliance, developing and managing the Configuration click apply for full job details ...

line support experience to join their growing IT function. This is an excellent opportunity for a highly capable engineer with deep expertise in Intune / Endpoint Manager, alongside advanced Microsoft technology skills and a solid background in resolving complex technical issues. The successful candidate will play a key role … point for complex Incidents, Problems, and non-standard Requests. Provide advanced technical support across the Microsoft ecosystem: Active Directory, Azure, Microsoft 365, Exchange, Intune / Endpoint Manager. Design, develop, and maintain Power Apps solutions to automate workflows and integrate with Microsoft 365 and other data sources. Configure, manage ...

industry who require an IT Infrastructure and Security Manager to join the firm in London. The role includes establishing an Infrastructure Development Lifecycle, maintaining ISO27001 and Cyber Essentials Plus compliance, developing and managing the Configuration Management Database, and creating a technology roadmap to transition from traditional on-premises infrastructure … Develop and execute a roadmap to migrate from on-premises to a Microsoft Azure based hybrid environment. - Security and Compliance: Maintain and continually improve ISO27001 and Cyber Essentials Plus certifications. - Monitoring and Reliability: Continuously monitor application performance, usage metrics, and user feedback to identify improvement opportunities. - Configuration and Asset Management. ...

reducing downtime, and providing the secure, scalable foundation needed to enable growth and productivity. The role includes establishing an Infrastructure Development Lifecycle (IDLC), maintaining ISO27001 and Cyber Essentials Plus compliance, developing and managing the Configuration Management Database (CMDB), and creating a technology roadmap to transition from traditional on-premises infrastructure … systems to MS Azure cloud for scalability. Skills Required Strong knowledge of Microsoft Azure, Windows Server, Active Directory, Networking, Virtualisation, Endpoint Management, and Backup / Recovery solutions. Strong technical knowledge of LAN, WAN, VPN and server Windows Server administration, virtualisation platforms and storage solutions. Expertise in Microsoft 365 Cloud ...