1 to 25 of 26 ISO/IEC 27001 Jobs in the City of London

continuous monitoring improvements. Design, implement, optimize, and monitor security controls and tooling from the ground up, strengthening security across endpoints, infrastructure, and application CI / CD pipelines. Collaborate with engineering teams to raise the security bar through reviews, guidance, and automation. Respond to security incidents in real time - manage … participate in tabletop exercises, incident simulations, and coordinate external penetration tests. Partner with Solutions Engineering to support enterprise customer onboarding, including SSO integrations (SAML / OIDC), network allowlisting, and security reviews. Join customer-facing technical and security discussions where needed, acting as a trusted security point of contact. Risk ...

Define, maintain, and communicate the product vision and roadmap aligned with company strategy. Gather and analyse user feedback, market trends, and regulatory requirements (ISO 13485, ISO 27001, ISO 42001, GDPR, AI Act). Translate compliance and business needs into clear functional requirements … short-term impact. Problem Solver: Self-driven, proactive, and positive team player. Whats on Offer Competitive salary and comprehensive benefits package. Flexible working (hybrid / remote options). Generous leave policies. Health insurance and wellbeing support. Career progression, mentorship, and global exposure. Opportunity to shape a growing HealthTech SaaS ...

cybersecurity audits for client organisations in line with UK regulations. Assess compliance with: UK GDPR & Data Protection Act 2018 NIS Regulations ISO / IEC 27001 Cyber Essentials / Plus Telecommunications (Security) Act 2021 Identify risks and provide actionable recommendations. Produce clear audit … auditing, ideally in a consultancy or client-facing role. Strong knowledge of UK legal frameworks and compliance standards. Relevant certifications (e.g. CISA, CISSP, ISO 27001 Lead Auditor). Excellent communication and stakeholder engagement skills. Ability to work independently and manage multiple client engagements. This ...

Systems Engineer / SaaS & Identity Engineer (Contract) – Inside IR35 Contract: 6 months (likely), Inside IR35 Start: ASAP Location: Hybrid – 3 days / week onsite Notice: Up to 4 weeks considered Overview We are looking for an IT Systems Engineer (generalist) to support and enhance their internal tooling stack. … This is a contract role providing additional capacity / cover while permanent hiring is ongoing. This role is less about being a deep specialist in one platform and more about being a capable engineer across multiple core systems, able to jump into BAU + project work. Key Responsibilities Administer ...

week. In order to be suitable for this role you must be an accomplished Information Security Manager with an expert understanding of ISO 27001 standards. You will oversee the Governance, Risk and Compliance (GRC) framework, ensuring robust standards are met across information security, physical security, crisis … suitable for this role of significant responsibility you must be an accomplished Information Security Manager with proven experience of working to ISO 27001 standards. You will act as the Lead Implementer for the ISO 27001 Information Security Management System (ISMS), driving ...

Senior Security Analyst / Security Engineer London (City) | £80,000–£90,000 | PermanentIf you’re the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn’t happen again — this role is built for you.We’re hiring … hands-on Senior Security Analyst / Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years ...

solution designs including API contracts, integration patterns (Azure Functions, Logic Apps, Event-driven), security boundaries, and observability. Architect document intelligence pipelines (classification / extraction / OCR / validation) and integrate with downstream systems (CRM / ERP / ITSM / EDM). Define non-functional … requirements (availability, latency, throughput, cost, DR / RTO-RPO) and ensure solutions meet them. Implement identity & access (Entra ID), data isolation, Key Vault secrets, network security (Private Endpoints), and content filtering. Embed Responsible AI practices: safety filters, prompt / content governance, data privacy, red-teaming guidance, and human ...

post-incident reviews. Identity, Access and Data Security Support identity and access management (IAM) compliance including: Role-based access control Quarterly access reviews MFA / 2FA enforcement Support encryption, key management, backup, and recovery controls. Work with compliance and legal stakeholders on data protection and privacy-related security controls. … documentation and evidence management skills. Desirable Experience and Expertise Experience with SOC 2 or multi-framework security environments. Exposure to product, platform, or robotics / embedded security. Familiarity with IAM, data protection, and privacy-related controls. Experience with supplier and third-party security assessments. Involvement in security awareness ...

Proven experience delivering maturity assessments, gap analyses and framework design * Structured, detail-oriented problem-solving approach Desirable Skills & Attributes * Degree Educated in either Risk / Finance / Law / Business * Professional certifications including: CTPRP, CIPS, CPSM, CISA, ISO 27001 Lead Implementer / Auditor, or other relevant risk and compliance certifications * Experience in sourcing and / or procurement environments Please apply for immediate interview! CBSbutler is operating and advertising as an Employment Agency for permanent positions and as an Employment Business for interim / contract / temporary positions. CBSbutler ...

Principal Data Architect Python | Cloud | Distributed Systems | AI / ML Infrastructure Location: Glasgow or London (King’s Cross) Workstyle: Hybrid Reports to: CTO About Chemify: Chemify is revolutionising chemistry. We are creating a future where the synthesis of previously unimaginable molecules, drugs, and materials is instantly accessible. By combining … facilitate similarity searches across billions of chemical entities. Industrial Telemetry & Edge Synchronization Architect the ingestion of high-frequency robot and sensor telemetry using MQTT / Streaming patterns, ensuring zero loss of "negative data" (failed experiments) critical for model training. Design a globally distributed data system that synchronizes local ...

external regulatory and legislative requirements (including those relevant to CNI and OT environments) What you’ll bring 3–5 years’ experience in cyber / information security risk, with demonstrable exposure to OT / ICS environments Strong understanding of risk frameworks such as ISO 27005, OCTAVE, FAIR … / FAST Exposure to OT and regulatory standards / frameworks such as IEC 62443, NIS / CAF (or NIS-D CAF), NIST Cybersecurity Framework & ISO 27001 Hands-on experience conducting risk assessments and supporting ongoing risk management (registers, treatments, reporting) Strong ...

Position: Business Analyst - Third Party Cyber Security Location: London or Reading 2 days p / week; 3 days remote Type: Contract, Inside IR35, 6 Months Rate: £540 p / day (umbrella rate) We are seeking a Business Analyst to support a major third-party cyber security transformation programme … cyber initiatives Skills & Experience: Proven ability to gather and translate requirements into structured outputs Experience in risk, cyber, or procurement domains and designing frameworks / models Strong analytical mindset with excellent stakeholder engagement skills Familiarity with cyber security regulations (GDPR, NIS2, DORA) and third-party standards (ISO ...

Infrastructure-as-Code, configuration management and automation Secure networking, encryption, backup and resilience Technical leadership of pen testing, vulnerability scans and remediation Support CI / CD pipelines and secure change management Produce clear technical documentation and audit-ready evidence Act as technical lead during security incidents What … ownership) Deep IAM, networking and cloud security implementation experience Infrastructure-as-Code and automation mindset Practical application of ISO 27001 / NIST Experience operating in regulated or audit-driven environments Comfortable working independently and delivering at pace Security or cloud certifications are beneficial ...

public sector accounts. This is a remote, client-facing role for a highly technical and experienced presales professional with a strong Government / Public Sector background and current SC clearance . Key Requirements We are looking for a client-facing technical expert with deep presales experience, capable of operating … commercial value Confident at C-Suite Level and able to hold customer meetings onsite Strong expertise in: Cisco routing, switching, gateways, and applications TCP / IP, SNMP, Netflow, VoIP LAN / WAN topologies (MPLS, Frame Relay, ATM) Security concepts and network infrastructure design Network performance and fault / ...

Title: SOC Engineer Location: London - hybrid 3 days on-site 2 days remote Start Date: Immediate Contract length: 31 / 03 / 26 further extensions expected Clearance Required: BPSS (must be obtained prior to onboarding) Day rate: £400 - £500 Candidates must hold or be eligible for SC clearance … work effectively within a collaborative SOC team Desirable Skills Experience with incident documentation and reporting Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001) Ability to adapt quickly to new tools, threats, and operational priorities Any relevant certifications (e.g., Security+, CySA+, Microsoft SC-series, GIAC ...

including those in FTSE 350, will allow you to gain experience across a range of sectors including: Financial Services, Banking, Insurance and Investment Corporates / Private Sector / Industry & Services Central and Local Government Retail and Consumer products organisations Job Purpose The role of a Cyber Advisory Manager … mentoring junior consultants assigned as members of engagements Contributing to the development of project management, quality assurance and professional consulting and auditing approaches / methodologies. The Person We're looking for someone who is seriously interested in the cyber security area and wants to get first-hand experience ...

conducting security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

Financial Services industry, preferably Insurance is essential Previous management experience in an Information Security role Experience working with Cyber Essentials, GDPR and preferably DORA, ISO27001 / NIST CSF Experience working in a regulated industry - financial / pharmaceutical - large volumes of data Experience working with auditors or regulators Hybrid ...

delivery partners. Key Responsibilities • Own infrastructure and cloud strategy, including on-prem to Azure migration• Define architecture standards, security policies, and governance frameworks• Lead ISO27001 compliance and Cyber Essentials Plus readiness• Establish infrastructure lifecycle, change, and configuration management (CMDB)• Lead and develop a small infrastructure team• Provide clear reporting ...

Head of Technology, this role will lead a mixed portfolio of in-house and off-the-shelf systems, introduce a formal SDLC / Secure SDLC , and mature release, change, and governance processes. Stakeholder engagement is central — this role acts as the bridge between Technology, Partners, and fee earners.This … releases, change, testing, and prioritisation across BAU and projects• Support application readiness for Azure migration alongside Infrastructure• Ensure application security, compliance, and contribution to ISO27001 / CE+ Key Requirements • E xperience in the legal sector • Strong background managing enterprise applications in a professional services environment• Proven experience implementing SDLC ...

governance frameworks. This senior leadership role requires deep expertise across regulatory, industry, and cybersecurity standards specifically the UK Telecom Security Act, PCI DSS, ISO 27001, and NIS2. You will act as the organisations authoritative subject-matter expert, ensuring end to end compliance, overseeing risk posture … strategy that ensure alignment with business objectives and regulatory obligations. You will be an authority on the Telecoms Security Act, PCI DSS, NIS2 and ISO27001, and will have proven experience with risk management and security assurance. This is an outstanding opportunity for an accomplished GRC Manager to join a market ...

with tools like SIEM, EDR, and Vulnerability Management, continuously enhancing capabilities. Network and System Security Manage advanced security tools such as firewalls and IDS / … protect network integrity. Enforce robust security policies to maintain system security standards. Compliance and Audit Support Ensure adherence to compliance standards including ISO27001, NIST, and GDPR through regular audits and risk assessments. Support audit processes by providing necessary documentation and evidence of compliance. Security Awareness and Training Conduct regular training ...

week. In order to be suitable for this role you must be an accomplished Information Security Manager with an expert understanding of ISO 27001 standards click apply for full job details ...

date view of the IT estate (platforms, contracts, licensing, suppliers, security posture). Microsoft estate consolidation & integration readiness Lead Microsoft 365 tenant consolidation (identity / email) into the primary tenant and decommission legacy tenants. Simplify and rationalise associated services (data shares, telephony contracts, tooling) where required. Create repeatable patterns … future acquisitions / integrations to avoid compounding complexity. Service delivery & ITSM uplift Improve service operations beyond incident handling by introducing pragmatic: change control problem management continual service improvement Implement simple service metrics and reporting to drive reliability and reduce recurring issues. People & stakeholder management Lead and develop a small ...

Deep understanding of access management, intrusion detection, and network security (routers, NLBs, V-LANs). Proficiency in applying industry standards and legislation such as ISO27001, PCI DSS, and SOX. Preferred Qualifications: Industry-recognised certifications such as CISSP, CISA, or CISM. Product-specific certifications in Cisco or Checkpoint technologies. Hands … experience with VA / PT tools, Anti-Malware, and Email security solutions. London Based | Permanent Role | £85,000 + (DOE) If you are ready to manage multiple projects at various lifecycle stages and provide high-level technical support, I want to hear from you. If the above sounds ...