corporations, major insurers and more. Person Specification We are looking for someone who brings both technical expertise and a collaborative mindset: Professional certifications such as CISM, CISSP, or ISO 27001 Lead Implementer/Auditor (or equivalent). Hands-on experience with ISO 27001 … are expecting a high number of applications, we may close the role before the advertised date. About the role Key Responsibilities for the Information Security Manager: Risk & Compliance Lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001 and other regulatory standards. … a strong security culture. Promote a positive risk and compliance mindset across the organisation. Ensure lessons from audits, incidents, and inspections are embedded into practice. Incident & Breach Management Lead the response to cyber and information security incidents, including investigation, containment, and escalation. Maintain and test business continuity and disaster recovery plans. Coordinate incident response efforts across IT
london, south east england, united kingdom Hybrid / WFH Options
PCI Pal
integrated and resold by some of the world's leading business communications vendors, as well as major payment service providers. We are currently looking for a GRC & Audit Lead to join our UK team. THE OPPORTUNITY: PCI Pal's Information Security team requires a dynamic and proactive individual to lead all Governance, Risk and … agile and innovative team and are responsible for ensuring that the confidentiality, integrity and availability (CIA) of our internal, external environments, and client solutions are always maintained. The Lead GRC & Audit function will be focused on ownership of all Information Security GRC, Audit and project initiatives, including proactive cross-functional collaboration with a variety of other business stakeholders. … requirements are suitably managed, maintained and matured. YOU WILL BE RESPONSIBLE FOR: Managing, maintaining, and maturing the already established audit lifecycles for the following frameworks: PCI DSS v4.0, ISO 27001:2022, ISO 9001:2015, ISO 14001:2015, Cyber Essentials, Cyber Essentials Plus, SOC2 Type 1 – 3 & HIPAA Working
Specialist (m/f/d), you'll provide experienced support in the implementation and management of the Information Security Management System (ISMS) framework in alignment with the current ISO 27001 standard and guidelines. With a focus on cybersecurity, this role involves leading risk assessments, ensuring alignment with industry standards and regulations, and following information … policies. What you will do Contribute to implementation, maintenance along with continuous improvement and associated instructional documentation of ISMS and its controls in line with the requirements of ISO 27001:2022 and similar standards. Ensure compliance and maintenance of ISO 27001:2022 standard as well as all Information … task as required. What we are looking for Bachelor's degree or equivalent in Information Technology or Computer Science degree or related field. Information Security certifications such as ISO 27001 Lead Auditor/Implementer, CISM, CISA, CRISC, CISSP, CEH, COBIT or equivalent preferred. Fluent in English, Multilingual skills
the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning, leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring / optimising the CrowdStrike Falcon platform. The ideal candidate will also be comfortable designing and running desktop exercises to ensure … respond effectively to potential incidents. This is a hybrid position based in Manchester, offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan. Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike … Falcon, including creation and implementation of playbooks. Support compliance activities, audits, and risk assessments aligned to ISO 27001, CIS Controls, and Cyber Essentials+. Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT
bolton, greater manchester, north west england, united kingdom
Maxwell Bond
the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning, leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring / optimising the CrowdStrike Falcon platform. The ideal candidate will also be comfortable designing and running desktop exercises to ensure … respond effectively to potential incidents. This is a hybrid position based in Manchester, offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan. Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike … Falcon, including creation and implementation of playbooks. Support compliance activities, audits, and risk assessments aligned to ISO 27001, CIS Controls, and Cyber Essentials+. Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT
warrington, cheshire, north west england, united kingdom
Maxwell Bond
the ability to support compliance initiatives and drive incident response readiness. You will play a key role in managing cyber incident response planning, leading compliance activities (CIS Controls, ISO 27001, Cyber Essentials+), and configuring / optimising the CrowdStrike Falcon platform. The ideal candidate will also be comfortable designing and running desktop exercises to ensure … respond effectively to potential incidents. This is a hybrid position based in Manchester, offering the opportunity to shape security practices within a supportive and collaborative organisation. Key Responsibilities Lead and maintain the organisation’s cyber incident response plan. Develop and run desktop exercises to test incident response readiness and train IT staff. Administer and optimise CrowdStrike … Falcon, including creation and implementation of playbooks. Support compliance activities, audits, and risk assessments aligned to ISO 27001, CIS Controls, and Cyber Essentials+. Investigate and remediate security incidents, alerts, and vulnerabilities. Support patch management, vulnerability scanning, and secure configuration activities. Produce and maintain documentation including playbooks, procedures, and incident records. Collaborate with ICT
Hereford, Herefordshire, England, United Kingdom Hybrid / WFH Options
DCS Recruitment
for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System … ISMS) * Coordinate internal and external audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote … legislation and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in IT, Cyber Security, Information Systems, or a related discipline * Strong working knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus * Proven ability to support and prepare for audits, including evidence collation and audit readiness * Excellent attention to detail
Somerset, England, United Kingdom Hybrid / WFH Options
Maxwell Bond
assurance, or information security, this position provides exposure to high-impact projects within a collaborative, forward-thinking environment. Key Responsibilities Governance & Compliance: Support and maintain compliance frameworks, including ISO 27001, CAF, and other relevant standards. Risk Management: Identify, assess, and monitor security risks, ensuring effective mitigation and continuous improvement within the ISMS. Audit & Assurance … functions to support security governance objectives. Skills & Experience Essential: Experience within GRC, assurance, risk management, or information security. Understanding of risk assessment methodologies and compliance frameworks (e.g. ISO 27001, CAF, NIST). Strong communication and reporting skills, with the ability to produce clear, concise documentation. Excellent organisation and prioritisation skills with attention to … Knowledge of GDPR, Data Protection Act 2018, or similar legislation. Degree in Cybersecurity, Information Security, or a related field. Professional certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Implementer/Auditor. Benefits Competitive salary and comprehensive benefits package. Flexible hybrid working arrangements. Access to
bath, south west england, united kingdom Hybrid / WFH Options
Maxwell Bond
assurance, or information security, this position provides exposure to high-impact projects within a collaborative, forward-thinking environment. Key Responsibilities Governance & Compliance: Support and maintain compliance frameworks, including ISO 27001, CAF, and other relevant standards. Risk Management: Identify, assess, and monitor security risks, ensuring effective mitigation and continuous improvement within the ISMS. Audit & Assurance … functions to support security governance objectives. Skills & Experience Essential: Experience within GRC, assurance, risk management, or information security. Understanding of risk assessment methodologies and compliance frameworks (e.g. ISO 27001, CAF, NIST). Strong communication and reporting skills, with the ability to produce clear, concise documentation. Excellent organisation and prioritisation skills with attention to … Knowledge of GDPR, Data Protection Act 2018, or similar legislation. Degree in Cybersecurity, Information Security, or a related field. Professional certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Implementer/Auditor. Benefits Competitive salary and comprehensive benefits package. Flexible hybrid working arrangements. Access to
fostering a culture of security awareness throughout the organisation. Security Strategy Development: Design and implement a comprehensive information security strategy that aligns with business objectives and complies with ISO 27001 standards. Microsoft 365 Expertise: Leverage Microsoft 365 tools to enhance security measures, ensuring optimal configuration and deployment to protect data and information assets. Data … s security posture. Requirements Bachelor's degree in Information Security, Computer Science, or a related field. 5+ years of experience in information security management, with a focus on ISO 27001 and compliance. Strong expertise in Microsoft 365 security features and configurations. Proven background in cybersecurity, risk management, and data governance. Excellent analytical and problem … solving skills, with the ability to think strategically. Strong communication and interpersonal skills, with a focus on collaboration and teamwork. Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are highly desirable. Other information Your package and perks At M247, we go beyond the pay check to bring
risk management, policy development, compliance assessments, and training. You will also support internal initiatives, mentor junior colleagues, and contribute to my client’s wider security leadership. Key Responsibilities Lead delivery of GRC and information security services to clients, including risk identification, remediation, and compliance with regulatory and data protection standards. Develop, implement, and review security and governance … cybersecurity and GRC certifications (e.g., CISSP, CISA, CEH, Security+, CCNA, Network+, ISO 27001 Lead Implementer/Lead Auditor). Minimum 3 years’ experience in cybersecurity, information security, or GRC roles. At least 3 years of client-facing or managed services experience. Minimum 2 years in … compliance documentation and ISMS records. Preferred Experience leading implementation projects with cross-functional teams. Strong knowledge of scaling GRC frameworks across varied organisations. Solid understanding of risk management, ISO standards, and industry best practices. Experience in staff development, internal training, and supporting recruitment activities.
Market Harborough, Leicestershire, East Midlands, United Kingdom Hybrid / WFH Options
4C Resourcing
our company, or if you have not taken steps to pursue Chartered Cyber Security Professional (ChCSP) status. This is a senior role for an experienced consultant who can lead engagements, provide authoritative advice, and help shape our cyber security services. You will work primarily in Audit & Assurance and Risk & Compliance, with the opportunity to contribute to Incident … Response where needed. There will also be opportunities to define and lead other areas of cyber security. What you'll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO/IEC 27001 … NCSC CAF, and PCI DSS. Lead independent assurance, review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. Develop and present security strategies that enhance resilience and reduce risk, tailored to client environments. Engage stakeholders, facilitate workshops, brief senior leaders, and build trusted relationships across client and supplier teams. Produce high-quality
relationships. As a Security Consultant, you will work on a variety of Defence and Public Sector assignments, requiring current SC clearance. Projects will range from risk assessments and ISO 27001 implementations to developing full ISMS frameworks and supporting clients through accreditation. You'll provide expert guidance across standards such as NIST, CAF, and Secure … solutions. We are looking for a Security Consultant with experience in security assurance, accreditation, secure by design, and risk management, alongside recognised qualifications such as CISSP, CISM, or ISO 27001 Lead Implementer. Ideally you will be familiar with GRC practices in similar environments also. In return, you'll enjoy a competitive
retailers, utilities, entertainment plus many more! About Our Opportunity We are seeking a technically proficient and strategically minded Head of Information Security Governance, Risk and Compliance (GRC) to lead our governance, risk, and compliance functions. This role is ideal for a seasoned security professional with a strong technical foundation who can bridge the gap between security operations … be responsible for developing and maintaining a robust GRC framework that aligns with business objectives, regulatory requirements, and industry best practices. What You Will Be Doing You’ll lead the governance, risk, and compliance functions across the enterprise, balancing strategic oversight with technical depth. This includes: Designing and maintaining an enterprise-wide security governance framework. Creating, enforcing … SIEM, DLP, IAM, vulnerability scanners). Strong knowledge of regulatory and compliance standards. Demonstrated experience leading teams and managing cross-functional projects. Relevant experience in CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor (or equivalent). Demonstrable experience in information security, including experience in a GRC leadership
Officer to support our organisation’s commitment to maintaining the highest standards of legal, regulatory, and ethical compliance across our European operations. The successful candidate will take a lead role in developing, implementing, and maintaining compliance frameworks, with a particular focus on EU regulations, GDPR, and the NIS2 Directive. The position will also oversee corporate and … Microsoft Office skills (Word, Excel, Outlook & PowerPoint) Desirable Experience in or exposure to security, CCTV, or technology-based industries. Legal or compliance certification (e.g., CIPP/E, ISO 27001 Lead Implementer, or equivalent). Multilingual proficiency is an advantage. Personal Attributes High integrity, professionalism, and discretion. Proactive
Hertfordshire, England, United Kingdom Hybrid / WFH Options
ALTERED RESOURCING LTD
with a great benefit package also. This Information Security Analyst (GRC) role would suit someone with experience with information security risk assessments, reporting risks and who holds the ISO 27001 lead implementer/auditor certification. Any other certifications that you hold will be beneficial. Experience dealing with non
stakeholders and establish yourself as a core member of their security function. Take ownership of client-specific Security Improvement Plans, ensuring risks are reduced and resilience is increased. Lead governance and oversight activities, including risk reviews, board-level reporting, and mentoring client teams. Carry out security reviews across cloud, hybrid, and on-premises environments, identifying vulnerabilities and … improvement areas. Work closely with SOC teams to review threat hunting outcomes and ensure remediation of poor practices. Provide guidance on compliance and frameworks such as ISO 27001, Cyber Assessment Framework (CAF), and Cyber Essentials. Contribute to incident readiness and response as part of the Cyber Security Incident Response Team (CSIRT). Actively contribute … board level. Hands-on experience with cloud and hybrid architectures, audits, and security assessments. Incident response and crisis management experience is a plus. Holding CISSP / CISM ISO 27001 Lead Implementer What’s on Offer Salary up to £80,000 Fully remote role with flexibility to travel to client sites when required Opportunity to work
an information Security and Resilience Business Partner. How you'll make a difference This is a fantastic opportunity for the right person to support our Operational Resilience Oversight Lead in the continuous development and implementation of the Society's Resilience framework and provide advice to the business. You will undertake detailed assurance work in line with the … guidance and expectations. What will you bring to the role? Knowledge of IT controls and technical solutions. Preferably have a relevant information security related qualification such as CISA, ISO 27001 lead auditor / implementer. Knowledge of the relevant regulatory requirements around Information Security, Resilience and Third Party Management. Competent skills in
About the DCC: At the DCC, we believe in making Britain more connected, so we can all lead smarter, greener lives. That desire to make a difference is what drives us every day and it wouldn't be possible without our people. Each person at the DCC brings a special kind of power to the business, and if … suppliers to ensure security is embedded in everything we do, from design to delivery. You will also support the development and maintenance of our Information Security Management System (ISMS), lead internal audits, and provide expert guidance on risk mitigation and regulatory compliance. Key Responsibilities: Security Assurance & Project Engagement Provide end-to-end security assurance across the Licence Renewal … engage with technical and non-technical stakeholders. Ability to work independently and collaboratively in a fast-paced environment. Skills & Experience - Desirable Recognised certifications: CISSP, CISM, CISA, CEH. ISO 27001 Lead Auditor/Implementer certification. Knowledge of NIST Cybersecurity Framework and PKI. Understanding of large public sector programmes. Eligible for HMG SC clearance. Personal Attributes Analytical