6 of 6 ISO/IEC 27001 Jobs in Aberdeen

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

extended managed service team* Manage and presenting to the security advisory board* Implement and maintain compliance with industry best practice and security frameworks including Cyber Essentials +, NIST, CAF, ISO27001, and other recognised frameworks.* Act as the on-site SME facing off to, and working closely with, the organisation's managed service security provider.* Oversee advanced monitoring and risk management … the cybersecurity strategy* Drive security awareness initiatives What We're Looking For * Experience operating at a senior leadership level within security roles* Experience achieving and maintaining various security accreditations (ISO27001, Cyber Essentials+) on behalf of organisations* Experience owning or implementing a strategy * Strong communication skills* A technical IT background with a good understanding of networking, communication protocols and cloud technologies. More ❯

extended managed service team * Manage and presenting to the security advisory board * Implement and maintain compliance with industry best practice and security frameworks including Cyber Essentials +, NIST, CAF, ISO27001, and other recognised frameworks. * Act as the on-site SME facing off to, and working closely with, the organisation's managed service security provider. * Oversee advanced monitoring and risk management … the cybersecurity strategy * Drive security awareness initiatives What We're Looking For * Experience operating at a senior leadership level within security roles * Experience achieving and maintaining various security accreditations (ISO27001, Cyber Essentials+) on behalf of organisations * Experience owning or implementing a strategy * Strong communication skills * A technical IT background with a good understanding of networking, communication protocols and cloud technologies. More ❯