ISO 27001 Lead Auditor Jobs in the UK

1 to 25 of 71 ISO 27001 Lead Auditor Jobs in the UK

ISO27001 Lead auditor

Central London, London, United Kingdom
Hybrid / WFH Options
Velocity Talent Ltd
Audit and Compliance Department: Information Security Certification About Us We are a UKAS-accredited certification body delivering independent audit and certification services across multiple management system standards, including ISO 9001, ISO 14001, and ISO 27001. Our goal is to help organisations demonstrate compliance, strengthen governance, and continuously improve. We're seeking a … to join our expanding audit team. You'll lead and conduct Information Security Management System (ISMS) audits in line with ISO/IEC 27001:2022, ISO 17021, and UKAS requirements. Key Responsibilities Plan, conduct, and report Stage 1, Stage 2, surveillance, and recertification audits for ISO 27001. Assess client ISMS implementations for conformity and effectiveness against ISO/IEC 27001:2022. Lead audits independently or as part of a multi-standard team (e.g. ISO 9001, ISO 22301, ISO 27701). Produce clear, objective audit …
Employment Type: Permanent, Work From Home
Salary: £50,000

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR

Knutsford, Cheshire, United Kingdom
Applause IT Recruitment Ltd
Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to … part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant with standards such as ISO 27001, SOC 2 Type II, and GDPR, while building a culture of risk awareness and continuous improvement. Key Responsibilities Maintain and develop compliance policies, standards … and frameworks across the organisation. Support internal and external audits for ISO 27001, SOC 2, and data-protection regulations. Conduct regular risk assessments and contribute to risk treatment plans. Monitor compliance KPIs, prepare monthly status reports, and present findings to senior stakeholders. Review vendor and third-party compliance, ensuring contractual and regulatory obligations are …
Employment Type: Permanent
Salary: £35000 - £45000/annum + Benefits

Senior IT Security Assessor United Kingdom (Remote)

Guernsey, UK
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities Lead client audits and compliance assessments across multiple frameworks. Review and analyze systems, applications, databases, and network devices. Assess cloud environments including AWS, Azure, and GCP. Define audit scope, identify risks, and recommend improvements. Provide compliance consulting to help clients meet regulatory requirements. Produce final … experience. Bachelor's degree in information security or related field. Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. Strong understanding of cloud environments and network architectures. Excellent English communication skills; fluency in German …
Employment Type: Part-time

Senior IT Security Assessor United Kingdom (Remote)

Central London, UK
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities Lead client audits and compliance assessments across multiple frameworks. Review and analyze systems, applications, databases, and network devices. Assess cloud environments including AWS, Azure, and GCP. Define audit scope, identify risks, and recommend improvements. Provide compliance consulting to help clients meet regulatory requirements. Produce final … experience. Bachelor's degree in information security or related field. Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. Strong understanding of cloud environments and network architectures. Excellent English communication skills; fluency in German …
Employment Type: Part-time

Senior IT Security Assessor United Kingdom (Remote)

West London, UK
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities Lead client audits and compliance assessments across multiple frameworks. Review and analyze systems, applications, databases, and network devices. Assess cloud environments including AWS, Azure, and GCP. Define audit scope, identify risks, and recommend improvements. Provide compliance consulting to help clients meet regulatory requirements. Produce final … experience. Bachelor's degree in information security or related field. Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. Strong understanding of cloud environments and network architectures. Excellent English communication skills; fluency in German …
Employment Type: Part-time

Senior IT Security Assessor – United Kingdom (Remote)

Central London / West End, London, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

Altrincham, Cheshire, United Kingdom
Hybrid / WFH Options
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities Lead client audits and compliance assessments across multiple frameworks. Review and analyze systems, applications, databases, and network devices. Assess cloud environments including AWS, Azure, and GCP. Define audit scope, identify risks, and recommend improvements. Provide compliance consulting to help clients meet regulatory requirements. Produce final … Bachelor's degree in information security or related field. Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. Strong understanding of cloud environments and network architectures. Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

City of London, London, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

East London, London, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

Bury, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

Altrincham, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

Leigh, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

Bolton, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

Leeds, West Yorkshire, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Senior IT Security Assessor – United Kingdom (Remote)

Ashton-Under-Lyne, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German …

Information Security Manager - Navro

England, United Kingdom
Navro
to work. No excuses. No passengers. No tolerance for politics or mediocrity. Requirements What This Role Demands: You Own It - You're responsible and proactive, you take the lead and make things happen. You Ask Questions - You don't just gather requirements; you challenge assumptions, to make us better. Why this control, why not another way? You … Management System. Ensure compliance to international standards and regional regulatory requirements. Own security GRC automation tooling (Vanta) and work across the business to maintain security compliance posture. Successfully lead internal and external security audits - ISO 27001 / SOC2 Type II / PCI DSS. Champion a company-wide culture of security awareness … and operational resilience by playing a key role in defining, maintaining, and managing security incident response and threat intelligence procedures. Lead, curate, and report on Navro's ongoing and persistent security awareness programme including frequent phishing testing campaigns, secure development, etc. Work with IT, SRE, and other key stakeholders on implementing and maintaining security policies and …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Engineer

United Kingdom, UK
Hybrid / WFH Options
Crimson
establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization's risk register. Support …
Employment Type: Part-time

Cyber Security Engineer

City of London, London, United Kingdom
Hybrid / WFH Options
Crimson
establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization’s risk register. …

Cyber Security Engineer

London Area, United Kingdom
Hybrid / WFH Options
Crimson
establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization’s risk register. …

Cyber Security Engineer (Contract)

United Kingdom
Hybrid / WFH Options
establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization's risk register. …

Cyber Security GRC Manager - London

City of London, London, United Kingdom
Hybrid / WFH Options
Crimson
establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization's risk register. …
Employment Type: Permanent, Work From Home
Salary: £60,000

Cyber Security GRC Manager - London

London, South East, England, United Kingdom
Hybrid / WFH Options
Crimson
establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization's risk register. …
Employment Type: Full-Time
Salary: £60,000 per annum

Information Security Analyst

Hereford, Herefordshire, England, United Kingdom
Hybrid / WFH Options
DCS Recruitment
for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System … ISMS) * Coordinate internal and external audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote … legislation and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail …
Employment Type: Full-Time
Salary: £45,000 - £50,000 per annum

Information Security Officer

City of London, London, United Kingdom
Hybrid / WFH Options
Ryder Reid Legal
London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy … drive ISO 27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm’s information security governance framework across all offices … and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and …

ISO 27001 Lead Auditor
10th Percentile: £54,250
25th Percentile: £55,000
Median: £65,000
75th Percentile: £75,000
90th Percentile: £85,000