17 of 17 ISO 27001 Lead Implementer Jobs in the UK

committed to delivering the highest standards of security and compliance. We are seeking a highly skilled and motivated Information Security Risk Manager to lead on A&M wide information security risk management program and join our dynamic and growing team based in either our London or Tampa … the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the OnSpring GRC Tool and can effectively assess and communicate technical security requirements to teams … across the firm. Key Responsibilities: Risk Management Leadership and Oversight: Working to A&M Policy and industry standards and lead the end-to-end information security risk management process, ensuring risks are proactively identified, assessed, recorded, and mitigated. Assess and prioritize security risks based on enterprise-wide More ❯

team at Prevail Partners. The ideal candidate will bring deep technical knowledge of information security risks, controls and frameworks - with practical experience managing ISO 27001-compliant systems and embedding secure practices across dynamic operational environments. You will work closely with the Counter Intelligence and … Security Lead, Compliance Manager, IT department, and project teams to ensure robust, proportionate, and forward-looking protection of our people, data and systems. This is a key role for a pragmatic and security-minded individual who can operate at both strategic and operational levels, supporting the business … as it expands its global footprint and develops sensitive technology solutions. Key Responsibilities Security Strategy & Governance Lead the continued development of Prevail's Information Security Management System (ISMS) in alignment with ISO 27001, driving forward maturity and integration with wider business More ❯

ISMS. Your expertise in risk management, compliance, and security policies will help strengthen the organisation's security posture and ensure ongoing adherence to ISO 27001 and other regulatory requirements. Key Responsibilities Develop, implement, and maintain security policies, procedures, and governance frameworks. Lead and support compliance efforts for ISO 27001, GDPR, and other relevant regulations. Manage and maintain risk registers, conducting risk assessments and recommending mitigation strategies. Conduct internal and external audits, address findings, and oversee continuous improvement initiatives. Ensure effective security asset management … security risks are minimised. Skills & Experience Required Minimum 3 years' experience in a GRC or IT security role. Certifications such as CompTIA Security+, ISO 27001 Lead Implementer / Auditor, CISSP, or CISM (desirable). Strong understanding of ISO More ❯

for personal finances, business operations, or global investments. What you will do: Drive the company's information security strategy, ensuring alignment with GDPR, ISO 27001, DORA, PSD2 / 3, and other relevant regulations Identify and address local and entity-specific security requirements to maintain … processes, and vendors Develop and maintain security policies, standards, and incident response protocols Support business continuity and disaster recovery planning for seamless resilience Lead and oversee internal / external security audits to ensure transparency and accountability Partner with engineering and ICT teams to embed secure-by-design … fintech), with proven Second Line of Defense responsibilities in InfoSec and IT Compliance & Frameworks : Demonstrated success meeting GDPR, EU NIS2, and familiarity with ISO 27001, NIST, and cybersecurity best practices Risk & Governance : Skilled in conducting risk assessments, defining mitigation strategies, and creating / enforcing More ❯

Compliance is a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR … years of experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial … understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills-ability More ❯

solvers who are hungry to learn, grow, and make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position, you will assess the security and compliance of client firms against regulatory and industry … and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do Lead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment … ll Bring Current PCI-QSA certification preferred (will consider former QSA). One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or More ❯

reliable, automated software deployments while reducing operational overhead. Set standards for Infrastructure as Code (IaC) governance, ensuring consistency and compliance. Cloud & Infrastructure Leadership Lead the transformation from traditional infrastructure to cloud-native, platform-driven operations. Provide strategic direction for hybrid, multi-cloud architecture (AWS, Azure, on-premises … . Security, Compliance & Risk Management Ensure platform security aligns with ISO 27001, NIST, and GDPR compliance. Embed security-first principles into platform governance and DevOps processes. Leadership, Collaboration & Stakeholder Management Lead and mentor a team of Platform Engineers, DevOps Engineers, and … field. Azure Solutions Architect Expert / AWS Certified Solutions Architect (Professional) Desirable. Certified Kubernetes Administrator (CKA) or equivalent (Desirable). ITIL, CISSP, or ISO 27001 Lead Implementer (Desirable). If you think you have what it takes, apply More ❯

CD governance, ensuring reliable, automated software deployments while reducing operational overhead. Set standards for Infrastructure as Code (IaC) governance, ensuring consistency and compliance. Lead the transformation from traditional infrastructure to cloud-native, platform-driven operations. Provide strategic direction for hybrid, multi-cloud architecture (AWS, Azure, on-premises … . Security, Compliance & Risk Management Ensure platform security aligns with ISO 27001, NIST, and GDPR compliance. Embed security-first principles into platform governance and DevOps processes. Leadership, Collaboration & Stakeholder Management Lead and mentor a team of Platform Engineers, DevOps Engineers, and … field. Azure Solutions Architect Expert / AWS Certified Solutions Architect (Professional) Desirable. Certified Kubernetes Administrator (CKA) or equivalent (Desirable). ITIL, CISSP, or ISO 27001 Lead Implementer (Desirable). If you think you have what it takes, apply More ❯

work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: ISO / IEC 27001:2022 NIST Cybersecurity Framework PCI-DSS 4.0.1 UK GDPR, NIS2 Directive, CAP1753, and related sector obligations This makes it a great development … to relevant stakeholders. Collaborates with procurement and key suppliers to ensure their ongoing security posture meets Virgin Atlantic requirements. Conducts internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements. Supports internal / external audits, evidence readiness, and corrective action tracking. Maintains the policy and control … Implementer / Auditor certification. Sound knowledge of information security governance practices, working knowledge of ISO / IEC 27001:2022, NIST CSF, PCI-DSS, UK GDPR, and NIS2, and other aviation-related legislation. Awareness of Business Continuity, IT Service Continuity, and More ❯

work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: - ISO / IEC 27001:2022 - NIST Cybersecurity Framework - PCI-DSS 4.0.1 - UK GDPR, NIS2 Directive, CAP1753, and related sector obligations . This makes it a great … to relevant stakeholders Colloborate with procurement and key suppliers to ensure their ongoing security posture meets Virgin Atlantic requirements Conduct internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements Support internal / external audits, evidence readiness, and corrective action tracking Maintain the policy and control … Implementer / Auditor certification Sound knowledge of information security governance practices, working knowledge of ISO / IEC 27001:2022, NIST CSF, PCI-DSS, UK GDPR, and NIS2 and other aviation related legislation.Awareness of Business Continuity, IT Service Continuity and IT More ❯

retail-sector clients, acting as a trusted advisor across longer-term engagements - shaping security strategy, influencing stakeholders, and driving real change. The Role: Lead and deliver complex GRC engagements, operating at both a strategic and tactical level Build trust with clients, challenge assumptions diplomatically, and influence senior … auditor!) A background in Cyber, Cloud or Networking is useful - even if not current / up to date. Certifications such as CISSP, CISM, ISO 27001 Lead Implementer, PCI etc. are great - but your professionalism and confidence matter most More ❯

and cybersecurity stakeholders to ensure that security requirements are appropriately defined, evidenced, and governed in alignment with relevant defence and maritime standards. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts … equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific … frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Essential skills Strong understanding of cybersecurity assurance principles, risk management, and regulatory More ❯

and cybersecurity stakeholders to ensure that security requirements are appropriately defined, evidenced, and governed in alignment with relevant defence and maritime standards. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts … equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific … frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Essential skills Strong understanding of cybersecurity assurance principles, risk management, and regulatory More ❯

solid grasp of ISO27001, NIST, UK GDPR, and security frameworks Knowledge of vendor management and vulnerability assessments Bonus points for certifications like ISO27001 Lead Implementer, CISSP, or CISM What’s in it for you? Private healthcare & life insurance Generous pension scheme (up to More ❯

communication with IT personnel. Strong documentation, analytical, and presentation skills. Desirable Knowledge, Skills, and Experience Qualifications such as CISA, CISM, CEH, or ISO27001 Lead Implementer / Auditor. Experience engaging with senior management and managing relationships. Previous experience handling Information Security incidents. Benefits This role More ❯

Lead Security Architect (Cyber) 9-Month Contract Inside IR35 £650 This role requires SC Clearance The successful applicant will be responsible for: Analyse and assess cyber vulnerabilities at scale for their potential business impact, using your own skill and experience, and in consultation with business owners and … Cyber Professional (CCP), CREST Registered Technical Security Architect, BCS Practitioner Certificate in Information Assurance Architecture, ISC(2) Information Systems Security Architecture Professional, ISO27001 Lead Implementer. More ❯

Lead Security Architect (Cyber) 9-Month Contract Inside IR35 £650 This role requires SC Clearance The successful applicant will be responsible for: Analyse and assess cyber vulnerabilities at scale for their potential business impact, using your own skill and experience, and in consultation with business owners and … Cyber Professional (CCP), CREST Registered Technical Security Architect, BCS Practitioner Certificate in Information Assurance Architecture, ISC(2) Information Systems Security Architecture Professional, ISO27001 Lead Implementer. More ❯