the ride. They are seeking a highly skilled and experienced Information Security Manager to join our team. You will work closely with the client’s international IT team to lead the organisation’s cybersecurity and information risk agenda, including oversight of ISO27001 and broader security governance across the business. Key Responsibilities … Maintain the Information Security Management System (ISMS) in compliance with ISO27001:2022 standards. Establish, maintain and enforce security policies, procedures, and controls to mitigate information security risks and vulnerabilities. Conduct regular risk assessments and vulnerability assessments to identify potential threats and weaknesses in our information security infrastructure. Collaborate with internal stakeholders to ensure … that information security requirements are integrated into business processes and systems. Lead internal audits and coordinate external audits and certifications to assess ISMS effectiveness and drive continuous improvement. Define and enforce information security policies, standards, and guidelines across the organisation and monitor compliance with all information security policies, procedures, and standards. Management of tabletop / red team
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Nomios
be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive certifications, including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF and ISO 27001. With our focus on enhancing customers' security and fostering team development, you'll be joining a company that prioritizes both your growth and the safety of our clients. We … highly skilled Cyber Security Team you will be responsible for contributing to our information security consultancy, with opportunities to work on information security assessments within sizeable projects, conduct ISO27001 audits, help implement aspects of ISO27001, and engage in risk management. Furthermore, there is potential for growth … into such diverse fields as PCI DSS, privacy, and business continuity. Essential experience and skills: Recognized ISO27001 Lead Auditor qualification. Significant experience in auditing ISO27001-based Information Security Management Systems. Significant experience in consulting and implementing Information Security Management Systems.
onsite) Job Description: Overview The Third-Party Audit Consultant is responsible for conducting customer audits, managing short-term projects, and assessing third-party security compliance. This role requires ISO27001 Lead Auditor certification and a solid understanding of risk management principles. Requirements Certification as an ISO27001 Lead Auditor, with hands-on experience conducting audits and managing audit processes. Ability to manage short-term projects independently, from planning to execution, including audit preparation and report generation. Familiarity with technology systems, infrastructure, and related security controls. Proven track record of conducting audits of third-party … vendors or partners to ensure compliance with security standards. Understanding of risk management principles and their application in security audits. Knowledge of compliance frameworks like ISO27001, SOC 2, or similar, and their implementation within enterprise environments. Experience with audit tools and software used for planning, executing, and documenting audits. Experience in writing a
Bedford, Bedfordshire, South East, United Kingdom Hybrid / WFH Options
Total IT
provide the highest levels of service coupled with a great working environment. Description We are expanding our governance and compliance capabilities and are seeking a Compliance Manager to lead and manage our accreditation and certification processes. This role is critical in ensuring Total IT maintains and exceeds the standards required for industry-recognised accreditations such as SafeContractor … ISO27001 & Client focused accreditation systems. The Compliance Manager will: Develop and maintain compliance frameworks aligned with accreditation standards. Coordinate audits, assessments, and documentation to ensure ongoing certification. Promote a culture of compliance and continuous improvement across the business. Responsibilities Compliance Framework Development Build and maintain a compliance roadmap for all relevant accreditations. Develop … policies, procedures, and documentation aligned with ISO27001, SafeContractor and our Supply chain management systems. Audit & Accreditation Management Lead internal and external audits, ensuring readiness and successful outcomes. Liaise with external auditors, certification bodies, and regulatory agencies. Maintain accurate records and evidence to support compliance. Risk & Control Monitoring Identify compliance risks
Gerrards Cross, Buckinghamshire, United Kingdom Hybrid / WFH Options
83zero Ltd
responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal / external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You … 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO27001 Annex A, SOC 2, and GDPR / CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Middlesbrough, England, United Kingdom Hybrid / WFH Options
83zero
responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal / external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You … 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO27001 Annex A, SOC 2, and GDPR / CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Thornaby, Yorkshire, United Kingdom Hybrid / WFH Options
83zero Ltd
responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal / external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You … 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO27001 Annex A, SOC 2, and GDPR / CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Middlesbrough, North Yorkshire, United Kingdom Hybrid / WFH Options
83zero Ltd
responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal / external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You … 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO27001 Annex A, SOC 2, and GDPR / CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Chalfont St. Peter, Buckinghamshire, United Kingdom Hybrid / WFH Options
83zero Ltd
responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal / external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You … 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO27001 Annex A, SOC 2, and GDPR / CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
York, Yorkshire and the Humber, United Kingdom Hybrid / WFH Options
83zero
responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal / external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You … 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO27001 Annex A, SOC 2, and GDPR / CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Corsham, Wiltshire, South West, United Kingdom Hybrid / WFH Options
i3Secure
standards on highly complex programmes of work. Delivery of client engagements to support governance, risk and compliance against a range of cyber security regulations, frameworks and standards, including ISO27001, NIST Regulations, CAF and secure by design. Staying on top of the latest developments within Cyber Security & Information Assurance by attending training and conferences. … to tenders and provide pre-sales support. About you: Experience: Security assurance, working with JSP440, JSP604 Security accreditation Secure by design Implementing security standards and frameworks, such as ISO27001, NIST 800 and CAF Conducting Cyber Security risk assessments and managing risk management activities Good knowledge of IT systems covering traditional infrastructure, cloud platforms … or security management / leadership position Working with various technical teams Conducting Cyber Security assessments and gap analysis against various frameworks. Qualifications: NIST Foundation / Practitioner CISM CRISC ISO27001 Lead Implementer / Auditor CISSP What we offer: Our story to-date has been phenomenal, but success
or sectors against recognised standards (e.g. ISO27001, NCSC CAF, NIS Directive, UK GovAssure) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Lead and deliver cyber security audits, risk reviews and control assessments Identify control weaknesses, assess risks, and present actionable recommendations Produce high-quality risk reports, advisory outputs and client … driven with an eye for the detail Eligibility to obtain UK security clearance (requires 5 years continuous UK address history) Desirable qualification(s) for the Cyber Security Risk Consultant: ISO27001 Lead Auditor or Implementer ISACA Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional
Key Responsibilities: Develop, draft, implement, and maintain information security policies, procedures, and guidelines. Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards ISO27001 & Cyber Essentials. SIEM & Vulnerability Management. Monitor and respond to security incidents, conducting investigations and implementing corrective actions. Collaborate with IT and other departments to … updated on the latest cybersecurity trends and technologies. Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. Professional certifications such as CISSP, CISM, or ISO27001 Lead Auditor. Proven experience in information security management and conducting security audits. Strong knowledge of information security frameworks and standards. Excellent
Responsibilities: Develop, draft, implement, and maintain information security policies, procedures, and guidelines. Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards (e.g., ISO27001). Monitor and respond to security incidents, conducting investigations and implementing corrective actions. Collaborate with IT and other departments to ensure the security of … updated on the latest cybersecurity trends and technologies. Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. Professional certifications such as CISSP, CISM, or ISO27001 Lead Auditor. Proven experience in information security management and conducting security audits. Strong knowledge of information security frameworks and standards. Excellent
Responsibilities: Develop, draft, implement, and maintain information security policies, procedures, and guidelines. Conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with industry standards (e.g., ISO27001). SIEM & Vulnerability Management. Monitor and respond to security incidents, conducting investigations and implementing corrective actions. Collaborate with IT and other departments to ensure … updated on the latest cybersecurity trends and technologies. Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. Professional certifications such as CISSP, CISM, or ISO27001 Lead Auditor. Proven experience in information security management and conducting security audits. Strong knowledge of information security frameworks and standards. Excellent
Cheltenham, Gloucestershire, England, United Kingdom
IMT Resourcing Solutions
looking for A background in IT operations or PMO, now working in audit or assurance Someone who’s comfortable with technical detail and confident challenging when needed ISO27001 Lead Auditor or hands-on experience with audit frameworks Knows audit methodology, understands what evidence looks like, and doesn’t need handholding Comfortable building reports and