Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive InformationSecurityManagementSystem (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management Draft, maintain, and enforce all informationsecurity policies, procedures, and standards (e.g. access control More ❯
Bristol, England, United Kingdom Hybrid / WFH Options
Capgemini UK
services, vulnerability and patch management, threat intelligence, digital forensics, GRC) Security reporting (including elements of financial reporting for cyber services in scope) Management of client InformationSecurityManagementSystem (ISMS) You can bring your whole self to work. At Capgemini building an inclusive future is part of everyday life and will be part of your working reality. We have built More ❯
Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive InformationSecurityManagementSystem (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management Draft, maintain, and enforce all informationsecurity policies, procedures, and standards (e.g. access control More ❯
Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive InformationSecurityManagementSystem (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management Draft, maintain, and enforce all informationsecurity policies, procedures, and standards (e.g. access control More ❯
Social network you want to login/join with: The GRC Consultant (Cyber Assurance/Security Operations Manager)is primarily responsible for ensuring the security controls (people, process, technology) are in place and operating as designed. The primary aim is More ❯
London, England, United Kingdom Hybrid / WFH Options
Ravelin Technology
organization's informationsecurity policies, standards, and procedures in alignment with business objectives, while considering operational needs Direct the management and continuous improvement of the InformationSecurityManagementSystem (ISMS) Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified Conduct routine risk assessments to determine and … priority issues Maintain a robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments Familiarity with informationsecurity frameworks (e.g., NIST, CIS) Proficiency in risk management methodologies Knowledge of common security technologies More ❯
organization's informationsecurity policies, standards, and procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the InformationSecurityManagementSystem (ISMS). Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine More ❯
brief executives and regulators. Ability to design, implement, and enforce security policies . Key Responsibilities: Ensure compliance with GDPR, Cyber Essentials Plus, PCI-DSS, and other applicable standards. Align ISMS activities with ISO 27001 framework. Develop and implement security policies, controls, and procedures. Conduct security risk assessments & compliance audits. Manage incident response & data breach reporting (ICO & EU authorities). Liaise More ❯
art data security and ability to handle large scale complex processes. Key Responsibilities InformationSecurityManagement: Lead the implementation and management of the company’s InformationSecurityManagementSystem (ISMS) in line with ISO 27001 standards. Migrate the company from ISO 27001:2013 to ISO 27001:2017 standards early in the role. Develop, write, and maintain security policies, procedures, and More ❯
high-profile role involves leading informationsecurity activities, collaborating with global and local teams, and maintaining strong relationships with our high-profile customers. Responsibilities Develop and maintain the InformationSecurityManagementSystem for NW Europe. Ensure compliance with national and customer security policies. Collaborate with Group Business Information Service and Divisional Security Managers to meet business and customer needs. Work More ❯
Qualys or enterprise Vulnerability Management and Compliance toolsets. Security legislation and regulatory frameworks exposure and awareness • Industry best practices such as OWASP, Cyber security framework and NCSC guidance • InformationSecurityManagementSystem (Infrastructure Security Operations and Incident Management). • NIST Cyber Security Framework • ISO 27001 - InformationSecurityManagementSystem (ISMS) • CIS - Center of Internet Security (Cyber security best Practices) Required More ❯
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
McLaughlin & Harvey
will be doing Developing a thorough understanding of McLaughlin & Harvey's IT environment and enterprise applications, you will be responsible for the operational management of the Company's InformationSecurityManagementSystem and ensuring that our IT governance, risk management, and compliance measures are effective and implemented. The role will support the implementation and maintenance of security controls across the … security awareness and compliance across the group. Conduct vulnerability assessments to identify potential gaps and weaknesses and propose suitable improvements. Contributing to the maintenance and continuous improvement of our ISMS to make sure systems are as secure as possible. Create and maintain security documents (policies, standards, baselines, guidelines, and procedures). Maintain & improve Business Continuity and Disaster Recovery plans. Contribute More ❯
The team you'll be working with: The Security Architect will be responsible for the design, implementation and ongoing development of the security architecture of the client's IT systems. The Security Architect will draw upon Enterprise Security Architecture or More ❯
Social network you want to login/join with: GRC - Cyber Assurance and Risk Lead, London col-narrow-left Client: NTT DATA Location: London, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: ce9f3718c6c4 More ❯
engagements and delivering valuable services to clients Skills/Must have: Extensive experience in InformationSecurity Governance, Risk, and Compliance (GRC) Experience contributing to an InformationSecurityManagementSystem (ISMS) certified to ISO27001 standards Knowledge of the Cyber Essentials Plus Scheme, GDPR, and Data Protection Act (2018) Strong communication skills and the ability to build relationships with internal and external More ❯
London, England, United Kingdom Hybrid / WFH Options
Nest pensions
pensions Role Overview We're looking for a pragmatic, risk focussed InformationSecurity Manager to work within Nest and maintain our ISO 27001 certified corporation InformationSecurityManagementSystem (ISMS). We sit in the second line of defence and advise the business on security risks, incidents, audits, assurance and the implementation and monitoring of security controls that protects Nest. … as part of the second line of defence in the Risk and Compliance directorate. It is accountable for the development, implementation and on-going maintenance of the ISMS (InformationSecurityManagementSystem) processes across Nest Corporation and the Scheme Arrangement outsourced providers in alignment with ISO27001. The InformationSecurity Manager – Corporation reports into the Head of InformationSecurity and is … responsible for ensuring that Nest’s InformationSecurityManagementSystem is operated for the Corporation, enabling the first line business teams to deliver business objectives in line with the agreed risk appetite. This role will work across all internal Nest departments, programmes, projects and initiatives, providing oversight, support and challenge. Organisational Overview Nest is an award-winning workplace pension scheme More ❯
Chesterfield, Derbyshire, England, United Kingdom Hybrid / WFH Options
LANGLAND CONSULTANTS LTD
Lead InformationSecurity Analyst/Engineer to £55k + Benefits ISO27001, COBIT, SECURITY, ITIL, CISM, CISSP, PCI-DSS Lead InformationSecurity Engineer/Analyst: Do you have a background working in an IT Security function Do you have a broad More ❯
London, England, United Kingdom Hybrid / WFH Options
WSP
Job Description What if you could do the kind of work the world needs? At WSP, you can access our global scale, contribute to landmark projects and connect with the brightest minds in your field to do the best work More ❯
London, England, United Kingdom Hybrid / WFH Options
ManpowerGroup
InformationSecurity Manager(ISMS) - Senior Position - Remote - New! InformationSecurity Manager(ISMS) - Senior Position - Remote - New! 1 week ago Be among the first 25 applicants This range is provided by ManpowerGroup. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range Direct message the job poster from ManpowerGroup Recruitment … Consultant -Talent Solutions UK InformationSecurity Manager(ISMS) - Senior Position - Remote - New! Location: Remote with site visits in the UK Package: Up to £75,000 including car allowance Car Allowance + Full-time + Full Autonomy + Remote Working Are you an experienced informationsecurity professional looking for an exciting career move with a proven track record implementing and developing … InformationSecurityManagement Systems (ISMS)? The purpose of this role is managing compliance with regulations, performing risk assessments, and ensuring overall security governance along with setting up InformationSecurityManagement Systems. Why Join Us? This business is committed to providing more than just jobs, they offer career paths that match the aspirations of the talent that are increasingly aware of More ❯
Altrincham, England, United Kingdom Hybrid / WFH Options
Heywood
as developing supporting policies and procedures required to meet the strategy Develop, maintain, and expand the Cyber Risk Management Framework as part of the overall InformationSecurityManagementSystem (“ISMS”) Responsible for the Company’s informationsecurity capabilities, including the technical training and awareness of colleagues, ensuring it remains prepared against an ever-changing threat landscape Work with the other More ❯
Manchester, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
as developing supporting policies and procedures required to meet the strategy Develop, maintain, and expand the Cyber Risk Management Framework as part of the overall InformationSecurityManagementSystem (“ISMS”) Responsible for the Company’s informationsecurity capabilities, including the technical training and awareness of colleagues, ensuring it remains prepared against an ever-changing threat landscape Work with the other More ❯
of emerging risks and regulations—ensuring our platform is resilient, secure, and trusted by every customer and supplier. A typical day: Develop and own our InformationSecurityManagementSystem (ISMS) aligned with ISO 27001 Maintain security policies, control frameworks and ensure compliance with UK GDPR, Cyber Essentials Plus, PCI-DSS and DPA Conduct risk assessments, manage our risk register, and More ❯
the future of InfoSec in a scaling B2B SaaS business that takes its security responsibilities seriously. What You'll Do InformationSecurity Leadership Own and evolve our ISMS (InformationSecurityManagementSystem), ensuring it remains fit for purpose as we scale. Maintain and advance compliance across ISO 27001, SOC2, Cyber Essentials, GDPR, and any emerging frameworks (e.g. PCI DSS, AI More ❯
presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with cross-functional security teams to maintain and communicate our InformationSecurityManagementSystem (ISMS). Maintain clear and accurate GRC documentation. Drive continuous improvement in our GRC processes, ensuring they meet regulatory expectations. Provide strategic insights to senior leadership, enabling data-driven decision-making More ❯
of over 2,200 global colleagues. Purpose of the job As a Group InformationSecurity Analyst, you will support the Group Information SecurityTeam to: Maintain the Collinson Group InformationSecurityManagementSystem and Certification ofthis against ISO27001. Monitor operating company compliance with Group Protection Level Agreements. Gain assurance operating companies are meeting material client and regulatory security requirements. Ensure operating More ❯
