1 to 25 of 35 ISO 27001 Lead Implementer Jobs in the UK

to some of the UK’s most complex organisations across public, private, and defence sectors. We are looking for a Senior Security Consultant with a deep understanding of ISO 27001 implementation and delivery to join a collaborative, fast-growing team. You’ll be working on varied and challenging engagements, providing both hands-on delivery … rapid growth, this role offers significant scope for progression , flexibility in how you work, and the chance to shape the way security is delivered at scale. Key Responsibilities Lead ISO 27001 implementation projects, from initial gap analysis to certification readiness Advise clients on information security management systems (ISMS) design, deployment, and … continuous improvement Conduct risk assessments, security audits, and compliance reviews against ISO 27001 standards Support clients in achieving and maintaining compliance with security frameworks and regulatory requirements Engage with stakeholders at all levels to embed security best practice in business processes Mentor junior consultants and contribute to knowledge sharing within the team Stay current More ❯

ISO Consultant – SC Cleared - £50,000 to £60,000 per year – Remote with limited travel to Midlands area FryerMiles are delighted to be working with a leading Consultancy to assist with their recruitment of an ISO Consultant to join their team on a permanent basis working with a wide range of public and private … sector clients from all sectors on exciting projects. The successful candidate will have significant experience in Information Security and ISO 27001 and be willing to attain further qualifications and experience with other ISO Standards. Ideal candidates will also be able to ensure clients achieve and maintain certification to other ISO Standards such as ISO 27701, ISO 9001 and ISO 22301 Key Responsibilities: Develop and implement comprehensive management systems aligned with relevant standards – ISO 27001, ISO 27701, ISO 22301, ISO 9001. Conduct audits of More ❯

ensure Group security strategy is appropriately implemented, and divisional requirements are understood and supported Assist in management of the Groups Information Security Management System including maintenance of the ISO 27001 certification Engage with the IT Security Operations team and assist the Director of Information Security in providing oversight and challenge to that function Participate … within a GRC function, IT Security / Cyber team, Internal Audit or an IT environment Hands on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001 Risk management Strong leadership and communication skills, with the ability to motivate and manage a team Our recruitment and selection process has been developed … of yourself and do your best work every day. You may also have experience in the following: Head of Cybersecurity GRC, Head of Information Security Governance, Cybersecurity Governance Lead, GRC Manager (Cybersecurity), Information Security Risk Manager, Senior GRC Consultant (Cybersecurity), Cybersecurity Risk and Compliance Lead, Information Security Compliance Manager, Head of InfoSec Governance, ISO More ❯

The National Physical Laboratory (NPL) is seeking a Principal Enterprise Security Architect to lead cyber security design and assurance for national-scale Position, Navigation, and Timing (PNT) programmes; requiring expertise in enterprise security architecture frameworks, cloud and IT technologies, risk mitigation, and relevant certifications such as CISSP or CISM, while collaborating with senior stakeholders and ensuring alignment … relating to activities of high complexity and risk, making decisions that will enable NPL to achieve its goals within its risk appetite. The Principal Enterprise Security Architect will lead the Cyber Security pillar within the PNT Technical Design Authority, overseeing the implementation of solutions to ensure technology and digital solutions align with the enterprise security roadmap. This … whilst meeting the overarching business and programme requirements Have a deep and evolving level of technical expertise across a wide range of both security and IT technologies & services Lead the technical cyber security design of systems and services across multiple PNT programmes and projects / technologies, up to an organisational or inter-organisational level Make and influence More ❯

Information Security Specialist (ISO Certified) About the Role Our client, a leading organisation in Berkshire, is seeking an experienced Information Security Specialist with in-depth knowledge of ISO 9001, ISO 14001, ISO 22301, ISO 27001, and PCI-DSS compliance. This role will … in-class security and compliance frameworks, ensuring that all information assets and operational processes are safeguarded to the highest standards. Key Responsibilities Develop, implement, and maintain compliance with ISO , and PCI-DSS standards. Conduct risk assessments, security audits, and vulnerability testing across systems and processes. Lead incident response activities, ensuring rapid and effective mitigation. … and external auditors to achieve and maintain certifications. Deliver organisation-wide security and compliance awareness training. Monitor and report on security performance, providing actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO More ❯

on governance, oversight, and assurance, ensuring Onsi operates in line with best practices and applicable laws, particularly within cybersecurity, data protection, and operational risk. What you will do: Lead and support the implementation of key compliance and cybersecurity frameworks (e.g. UK GDPR, ISO 27001, Cyber Essentials), while developing regulatory risk frameworks … management, information security, or cybersecurity governance - ideally within a regulated environment such as financial services or fintech. The ability to understand and apply regulatory frameworks (e.g. UK GDPR, ISO 27001) and translate them into business-friendly policies, controls, and processes. Confidence working with regulatory frameworks like UK GDPR, ISO 27001 … the discipline to manage your learning and growth. Desirable Qualifications and / or knowledge (any of the following): Certifications or practical experience as / in CISMP, CompTIA Security+, ISO 27001 Lead Implementer, CISM, CISSP, or PCI DSS QSA. Awareness of key regulations, including UK GDPR, Data Protection Act More ❯

IT Compliance & Service Manager Middlesbrough - Hybrid Salary - £50-60k My client is a medium-sized, fast-moving business seeking a technically strong IT Compliance & Service Manager to lead their ISO27001 compliance programme and oversee IT service delivery. You'll manage outsourced IT service providers, execute our information security management system (ISMS), and ensure effective Microsoft … requiring initiative, technical depth, and strong vendor relationship management skills. You'll think independently, propose solutions, and advocate for IT governance best practices across the organisation. Key Responsibilities ISO 27001 & IT Governance Execute ISMS rollout and maintain policies, processes, and controls aligned with ISO 27001 Develop and maintain … compliance reporting Help steer the overall ISMS programme and ensure audit readiness Third-Party Service Management & ITSM Manage strategic relationships with IT service providers and oversee SLA performance Lead vendor selection processes and coordinate between multiple service providers Oversee day-to-day IT operations and manage incident, request, and change processes Drive continuous improvement initiatives aligned with More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days / week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity … role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical research and drug design. You will play a pivotal role in … ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for ISO 27001 certification and ongoing ISMS operations. Develop and maintain security policies and procedures, tailored for an AI-first, GxP-regulated organisation. Lead More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days / week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity … role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical research and drug design. You will play a pivotal role in … ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for ISO 27001 certification and ongoing ISMS operations. Develop and maintain security policies and procedures, tailored for an AI-first, GxP-regulated organisation. Lead More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days / week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity … role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical research and drug design. You will play a pivotal role in … ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for ISO 27001 certification and ongoing ISMS operations. Develop and maintain security policies and procedures, tailored for an AI-first, GxP-regulated organisation. Lead More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days / week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity … role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical research and drug design. You will play a pivotal role in … ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for ISO 27001 certification and ongoing ISMS operations. Develop and maintain security policies and procedures, tailored for an AI-first, GxP-regulated organisation. Lead More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days / week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity … role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical research and drug design. You will play a pivotal role in … ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for ISO 27001 certification and ongoing ISMS operations. Develop and maintain security policies and procedures, tailored for an AI-first, GxP-regulated organisation. Lead More ❯

new and evolving expectations. We use the Scrum framework to drive product delivery, quality and success, so an appreciation of agile working is beneficial. Cyber and Information Security Lead - Key responsibilities: Develop and implement our security strategy: Design, implement and maintain a comprehensive security strategy, roadmap, and policies to support business objectives, future growth ambitions and product … the company's security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO27001:2022 and other relevant frameworks. Risk management: Lead the information security risk management program, including identification, assessment, mitigation, and monitoring of information security risks across all systems, applications, and operations. Policy and procedure development: Support and … up to date with the latest cyber security threats, vulnerabilities, technologies, and best practices relevant to the health sector and the wider technology landscape. Cyber and Information Security Lead - Skills and Experience: Essential: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a More ❯

Their current need sits within the energy sector and is for a EMEA-wide IT management system. The main responsibilities will be to support their client in maintaining ISO 27001 certification, and be compliant with DORA, NIS 2, GDPR, etc. Requirements: * ISO 27001 Lead Implementer or Auditor certification * Strong knowledge of frameworks like ISO 27001 / 27002, CAF, eCAF, NIST, GDPR * Client and stakeholder management The client is looking for someone with direct experience with utility providers or experience working with providers via Third-Party suppliers. If you're interested in hearing more about the role More ❯

Their current need sits within the energy sector and is for a EMEA-wide IT management system. The main responsibilities will be to support their client in maintaining ISO 27001 certification, and be compliant with DORA, NIS 2, GDPR, etc. Requirements: ISO 27001 Lead Implementer or Auditor certification Strong knowledge of frameworks like ISO 27001 / 27002, CAF, eCAF, NIST, GDPR Client and stakeholder management The client is looking for someone with direct experience with utility providers or experience working with providers via Third-Party suppliers. If you're interested in hearing more about the role More ❯

Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management System. This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business. Requirements … ISO 27001 Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001 / 27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security More ❯

Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management System. This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business. Requirements … ISO 27001 Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001 / 27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security More ❯

Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management System. This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business. Requirements … ISO 27001 Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001 / 27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security More ❯

standards on highly complex programmes of work. Delivery of client engagements to support governance, risk and compliance against a range of cyber security regulations, frameworks and standards, including ISO 27001, NIST Regulations, CAF and secure by design. Staying on top of the latest developments within Cyber Security & Information Assurance by attending training and conferences. … to tenders and provide pre-sales support. About you: Experience: Security assurance, working with JSP440, JSP604 Security accreditation Secure by design Implementing security standards and frameworks, such as ISO 27001, NIST 800 and CAF Conducting Cyber Security risk assessments and managing risk management activities Good knowledge of IT systems covering traditional infrastructure, cloud platforms … or security management / leadership position Working with various technical teams Conducting Cyber Security assessments and gap analysis against various frameworks. Qualifications: NIST Foundation / Practitioner CISM CRISC ISO 27001 Lead Implementer / Auditor CISSP CISMP What we offer: Our story to-date has been phenomenal, but success More ❯

continual learning, collaboration, and innovation. We don't just support businesses - we shape how they stay secure, agile, and competitive. We are now looking for a talented Cybersecurity Lead / Specialist to join our growing team and take ownership of our cybersecurity offering. This is a hybrid, hands-on role that blends strategy with technical implementation - ideal … comprehensive security stack tailored for SME and hospitality clients Administer tools such as CrowdStrike Falcon, RoboShadow, Microsoft Defender, ThreatLocker Evaluate and onboard new security technologies; liaise with vendors Lead technical onboarding of cyber tools for both internal and client deployments Incident Response & Threat Management: Develop and own incident response playbooks Act as the lead … threat intelligence, and forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials / CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are audit More ❯

fostering a culture of security awareness throughout the organisation. Security Strategy Development: Design and implement a comprehensive information security strategy that aligns with business objectives and complies with ISO 27001 standards. Microsoft 365 Expertise: Leverage Microsoft 365 tools to enhance security measures, ensuring optimal configuration and deployment to protect data and information assets. Data … s security posture. Requirements Bachelor's degree in Information Security, Computer Science, or a related field. 5+ years of experience in information security management, with a focus on ISO 27001 and compliance. Strong expertise in Microsoft 365 security features and configurations. Proven background in cybersecurity, risk management, and data governance. Excellent analytical and problem … solving skills, with the ability to think strategically. Strong communication and interpersonal skills, with a focus on collaboration and teamwork. Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are highly desirable. Other information Your package and perks At M247, we go beyond the pay check to bring More ❯

Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements from the Group Information Security Framework, and proactively managing non-compliance issues and mitigating Information Security risks. … desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Ability to analyse data and generate reports … Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable. More ❯

Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements from the Group Information Security Framework, and proactively managing non-compliance issues and mitigating Information Security risks. … desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Ability to analyse data and generate reports … Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable. More ❯

Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements from the Group Information Security Framework, and proactively managing non-compliance issues and mitigating Information Security risks. … desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Ability to analyse data and generate reports … Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable. More ❯

Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements from the Group Information Security Framework, and proactively managing non-compliance issues and mitigating Information Security risks. … desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Ability to analyse data and generate reports … Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable. More ❯