4 of 4 ISO 27001 Lead Implementer Jobs in the City of London

opportunities for improvement directly to senior management. Responsibilities : Cyber Security Strategy & Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications : Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and More ❯

approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation … Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership … as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that More ❯

and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP More ❯

high caliber of our experts, we have enjoyed triple digit growth over the past five years, creating amazing career opportunities for our people. As a Cyber Delivery Assurance Lead, you will champion “security-by-design” across every BA product release. You will provide independent assurance to the Head of Cyber & IT Risk that delivery teams align with … in threat and risk assessments across cloud, network, and infrastructure stacks. Strong working knowledge of NIST, PCI DSS, GDPR, NIS, and NCSC guidance. Relevant certifications such as CISSP, ISO 27001 Lead Implementer, or SANS GIAC (or equivalent). Proven track record of influencing senior colleagues and third-party More ❯