brief executives and regulators. Ability to design, implement, and enforce security policies . Key Responsibilities: Ensure compliance with GDPR, Cyber Essentials Plus, PCI-DSS, and other applicable standards. Align ISMS activities with ISO 27001 framework. Develop and implement security policies, controls, and procedures. Conduct security risk assessments & compliance audits. Manage incident response & data breach reporting (ICO & EU authorities). Liaise More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Sycurio
internal and external stakeholders, communicating the informationsecurity strategy to relevant parties and providing assurance of policies, procedures, and systems. Develop, maintain, and expand the informationsecuritymanagementsystem ('ISMS') to optimise compliance for ISO27001, PCI-DSS, and SOC2. Identify gaps in the informationsecurity capability, both technical and operational, and propose remediation and mitigation plans and solutions. Responsible for More ❯
organization's informationsecurity policies, standards, and procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the InformationSecurityManagementSystem (ISMS). Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine More ❯
control metrics to demonstrate their effectiveness. Prepare regulatory submissions and provide assurance for UK Power Networks policy compliance within IT which includes main performance metrics and management reporting. InformationSecurityManagementSystem Support: Operate and maintain the informationsecuritymanagementsystem and artefacts, in compliance with ISO 27001/27002 including the governance forum agenda and minutes. Policies and Standards … move into cyber security), must have some relevant training or experience of cyber security risk assessment. Detailed knowledge and experience in defining, implementing, operating, maintaining, and improving informationsecuritymanagement systems (ISMS). Experience of internal and external audit engagements, orchestrating and delivering cyber security risk and control assessments and a good working knowledge of risk processes, frameworks, and procedures. More ❯
engagements and delivering valuable services to clients Skills/Must have: Extensive experience in InformationSecurity Governance, Risk, and Compliance (GRC) Experience contributing to an InformationSecurityManagementSystem (ISMS) certified to ISO27001 standards Knowledge of the Cyber Essentials Plus Scheme, GDPR, and Data Protection Act (2018) Strong communication skills and the ability to build relationships with internal and external More ❯
the future of InfoSec in a scaling B2B SaaS business that takes its security responsibilities seriously. What You'll Do InformationSecurity Leadership Own and evolve our ISMS (InformationSecurityManagementSystem), ensuring it remains fit for purpose as we scale. Maintain and advance compliance across ISO 27001, SOC2, Cyber Essentials, GDPR, and any emerging frameworks (e.g. PCI DSS, AI More ❯
completion of IT Health Checks (ITHC) Co-ordinate and support with MOD and other authority assurance activities To support the Development and maintenance of our InformationSecurityManagementSystem (ISMS) to best support the Company's activities, including Risk Management and Accreditation Document Sets (RMADS) and Company Security Policies. To examine any risks to the Company's informationsecurity and More ❯
. Self-motivated and able to work independently/without supervision (manage own workload); and Collaboration (effective team player). Required experience Demonstrable work experience within business focused InformationSecurityManagementSystem environments. Knowledge of industry standards: ISO 27001; PCI DSS; ISO31000; and ITIL. Ensuring previous compliance to the Data Protection Act 1998 and contributing to the planning and preparation More ❯
The team you'll be working with: The Security Architect will be responsible for the design, implementation and ongoing development of the security architecture of the client's IT systems. The Security Architect will draw upon Enterprise Security Architecture or More ❯
Compliance Analyst 12 Month Fixed Term Contract Salary: Negotiable Hybrid - Hertfordshire As an InformationSecurity Compliance Analyst, you will support the development and maintenance of the EMEA wide informationsecuritymanagementsystem in accordance with Global EIT strategy, EMEA business requirements and relevant informationsecurity legislation, including NIS 2, AI Act and GDPR. You will ensure the continued certification of More ❯
Compliance Analyst 12 Month Fixed Term Contract Salary: Negotiable Hybrid - Hertfordshire As an InformationSecurity Compliance Analyst, you will support the development and maintenance of the EMEA wide informationsecuritymanagementsystem in accordance with Global EIT strategy, EMEA business requirements and relevant informationsecurity legislation, including NIS 2, AI Act and GDPR. You will ensure the continued certification of More ❯
presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with cross-functional security teams to maintain and communicate our InformationSecurityManagementSystem (ISMS). Maintain clear and accurate GRC documentation. Drive continuous improvement in our GRC processes, ensuring they meet regulatory expectations. Provide strategic insights to senior leadership, enabling data-driven decision-making More ❯
The opportunity We're looking for an InformationSecurity Manager to take ownership of Attest's security posture as we scale. Our consumer research platform helps brands make better decisions; keeping our data, people, and customers secure is critical to More ❯
website Role Overview We're looking for a pragmatic, risk focussed InformationSecurity Manager to work within Nest and maintain our ISO 27001 certified corporation InformationSecurityManagementSystem (ISMS). We sit in the second line of defence and advise the business on security risks, incidents, audits, assurance and the implementation and monitoring of security controls that protects Nest. … as part of the second line of defence in the Risk and Compliance directorate. It is accountable for the development, implementation and on-going maintenance of the ISMS (InformationSecurityManagementSystem) processes across Nest Corporation and the Scheme Arrangement outsourced providers in alignment with ISO27001. The InformationSecurity Manager - Corporation reports into the Head of InformationSecurity and is … responsible for ensuring that Nest's InformationSecurityManagementSystem is operated for the Corporation, enabling the first line business teams to deliver business objectives in line with the agreed risk appetite. This role will work across all internal Nest departments, programmes, projects and initiatives, providing oversight, support and challenge. Organisational Overview Nest is an award-winning workplace pension scheme More ❯
bank in Central London. The InformationSecurity Manager will be responsible for day-to-day tasks related to informationsecuritymanagement, including implementing and maintaining InformationSecurityManagement Systems (ISMS), ensuring cybersecurity and network security, and protecting sensitive information. This is a hybrid role, based in London with the flexibility for some remote work. Qualifications InformationSecurityManagement, ISMS, and … Cybersecurity skills Network Security and InformationSecurity knowledge Experience in implementing and maintaining ISMS Proficient in identifying and addressing informationsecurity vulnerabilities Strong analytical and problem-solving skills Excellent communication and interpersonal skills Certifications such as CISSP, CISM, or equivalent are preferred Bachelor's degree in InformationSecurity, Computer Science, or related field Additional Skills Strong hands-on network and More ❯
InformationSecurity Manager with 2nd and 3rd Line IT support experience. The role involves day-to-day tasks associated with planning, implementing, and maintaining an InformationSecurityManagementSystem (ISMS), including managing cybersecurity risks, implementing network security measures, and ensuring compliance with industry standards. The InformationSecurity Manager will also provide IT support to the company and will be based … include 2nd and 3rd line infrastructure support where you are able to advise and direct the technical team. Qualifications Experience in InformationSecurityManagement and creating and implementing an ISMS Experience in Cybersecurity and Network Security Expertise in Informationsecurity best practices and standards Excellent problem-solving skills and attention to detail Strong communication and collaboration skills Bachelor's or More ❯
Hertfordshire, England, United Kingdom Hybrid / WFH Options
Planet Pharma
Job Title: InformationSecurity Compliance Analyst Location: Hertfordshire, UK (Hybrid) Contract: 12-Month Fixed Term (Salaried) Are you passionate about cybersecurity, compliance, and driving risk management strategies? We’re seeking an experienced InformationSecurity Compliance Analyst to join a dynamic More ❯
the development and implementation of securitymanagement processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive InformationSecurityManagementSystem (ISMS) aligned with multiple industry standards and frameworks. This is a fully remote position, offering flexibility while working on a critical and impactful programme. As the role involves working with sensitive … clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of securitymanagement processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO/IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders … Proven experience in information assurance, cyber security, or risk management roles. Strong knowledge and practical experience with ISO27001, NIST, PRISMA, and CoBIT frameworks. Demonstrated ability to design and implement ISMS in complex, multi-stakeholder environments. Excellent communication and stakeholder engagement skills. Relevant certifications such as CISSP, CISM, ISO27001 Lead Implementer/Auditor, or equivalent. Eligibility for SC clearance or active More ❯
committee whereby you are empowered to contribute and drive efficiencies and excellence in your department. You will act as the custodian around international standard for informationsecuritymanagement systems (ISMS) framework. You will be eligible for Insurance, Health and wellbeing, professional support and diversity programmes. Purpose of Job Head of Technology and Data will combine the responsibilities of BGIS operational More ❯
ABOUT TOSCA Tosca is a global leader in reusable packaging and pooling solutions that service the supply chain end to end. Re-use is the key word as Tosca facilitates moving away from single use packaging towards a circular model More ❯
they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 Create & Maintain an informationsecuritymanagementsystem (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including NIST, PCI-DSS More ❯
Mace software solutions. Office infrastructure setup and office moves. Whole IT strategy delivery for a project or programme. Informationsecurity projects including implementation of an InformationSecurityManagementSystem (ISMS) and certification to ISO27001. Disaster recovery and business continuity planning. Selection of outsourced and managed IT services suppliers. Our values shape the way we consult and define the people we More ❯
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Futureshaper.com
defend against cyberattacks Proactive maintenance and continuous improvement of the Cyber SecurityManagementSystem to ensure effective protection and resilience is maintained Management and continuous improvement of the InformationSecurityManagementSystem that is in place. Proactive assessment of informationsecurity risks and resolution of issues as required in collaboration with Data Privacy Counsel and the Legal team. This will More ❯
ensure our security requirements and those of our clients are being proactively evidenced and managed. Manage, maintain, and continually improve LRQA's ISMS. Identifying areas for improvement within the ISMS and take ownership of developing and executing plans for their resolution. Lead and manage all certification activities related to ISO 27001:2022. Ensure that any business changes, acquisitions, or transformations More ❯
Southampton, England, United Kingdom Hybrid / WFH Options
Ventula Consulting
recognised security qualification (e.g., CISMP, GSEC, Level 4+ apprenticeship) Strong communication skills and the ability to work independently Comfortable working across multiple sites (occasional UK travel required) Familiarity with ISMS, GDPR, NIS, and ITIL frameworks This role is hybrid with 3 days per week onsite in Southampton . If you're an experienced SOC Analyst ready to join a Microsoft More ❯
