9 of 9 ISO 27001 Lead Auditor Jobs in the UK excluding London

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to … part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant with standards such as ISO 27001, SOC 2 Type II, and GDPR, while building a culture of risk awareness and continuous improvement. Key Responsibilities Maintain and develop compliance policies, standards … and frameworks across the organisation. Support internal and external audits for ISO 27001, SOC 2, and data-protection regulations. Conduct regular risk assessments and contribute to risk treatment plans. Monitor compliance KPIs, prepare monthly status reports, and present findings to senior stakeholders. Review vendor and third-party compliance, ensuring contractual and regulatory obligations are More ❯

for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System … ISMS) * Coordinate internal and external audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote … legislation and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail More ❯

Senior IT Security Specialist to lead and strengthen the cyber resilience of a complex public-sector programme. The postholder will play a pivotal role in developing, implementing, and governing security strategy, ensuring compliance with national standards, and embedding robust cyber practices across digital and IT estates. This is a senior strategic and technical leadership role, ideal for … local government IT environments. £700pd gross umbrella. Key Responsibilities Strategic Planning and Governance Develop, review, and maintain the IT Security Strategy aligned to organisational objectives and statutory duties. Lead the creation and enforcement of cybersecurity governance frameworks. Align security objectives with enterprise architecture and digital transformation strategy. Advise senior management and boards on cyber risk posture, incidents … security perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data Protection teams on policy alignment and More ❯

plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber threat security. Risk & Compliance You will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001 and other regulatory standards. … Incident & Breach Management, Risk & Control Management, Vendor & System Assurance. What you'll need to succeed You will ideally have the following experience and qualifications:Professional certifications such as ISO 27001 Lead Implementer / Auditor as well as hands-on experience with auditing and maintaining accreditation for ISO 27001:2022 You will have a strong background in enterprise risk management, information governance, compliance, and risk assessment. Excellent communication skills - both written and verbal are required - with the ability to influence and educate. Knowledge of Cyber Essentials & SOC2 or other relevant standards would also be beneficial. What you'll get in return Salary More ❯

our company, or if you have not taken steps to pursue Chartered Cyber Security Professional (ChCSP) status. This is a senior role for an experienced consultant who can lead engagements, provide authoritative advice, and help shape our cyber security services. You will work primarily in Audit & Assurance and Risk & Compliance, with the opportunity to contribute to Incident … and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO / IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance, review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. Develop … Significant experience in cyber security consulting or assurance, ideally within the public sector. Deep knowledge of GRC frameworks and standards (e.g. CAF, ISO / IEC 27001, PCI DSS).Strong client-facing skills, able to communicate complex issues clearly to technical and non-technical audiences. Proven track record of delivering high-quality outputs on More ❯

of current threats, vulnerabilities, and best practices in security assurance Experience Required Experience in information security, risk management, or assurance roles. Desirable qualifications - CISM, CRISC, CISSP, CISA, CGEIT, ISO 27001 Lead Auditor (or equivalent) Hold an active and transferable SC clearance Strong analytical skills with the ability to … interpret technical and procedural evidence. Ability to work collaboratively within a multidisciplinary team. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Attention to detail and commitment to producing high-quality documentation. What's in it for You Remote / Hybrid working. Career Development: Continuous learning and professional growth. Benefits More ❯

a fast-paced environment, and want to make real impact at Europe’s leading frozen food company. Responsibilities: Overseeing cyber security governance efforts, ensuring alignment with frameworks like ISO 27001, NIST, NIS2 and GDPR, and regulatory standards. Identify, assess, and mitigate security risks across the organisation. Implement and maintain risk management processes, ensuring effective … skillset required for this position are: Graduate level in Cyber Security, Computer Science or similar. CRISC, CISM, CRM, CISA, CCP Practitioner SIRA, ISO / IEC 27001 Lead Auditor, or similar. 3-5 years’ experience in cyber governance, risk and compliance roles, preferably in the FMCG sector. What More ❯

with a great benefit package also. This Information Security Analyst (GRC) role would suit someone with experience with information security risk assessments, reporting risks and who holds the ISO 27001 lead implementer / auditor certification. Any other certifications that you hold will be beneficial. Experience dealing with non More ❯

management practices is desirable. Whilst not essential, one of the following qualifications is highly desirable: CISMP – Certificate In Information Security Management Principles CISM – Certified Information Security Manager ISO27001 Lead Auditor ISO27005 Certificated Security Risk Manager CSMP – Certified Security Management Professional Whilst not essential, understanding / experience of UK MoD Defence Conditions would be beneficial. More ❯