2 of 2 ISO/IEC 27001 Jobs in Aberdeenshire

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

support secure and reliable deployments. Provision, support & maintain required cloud services for development, test and QA. Implement cloud cost optimization strategies. Cybersecurity Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and … and network infrastructure (including physical and virtual servers and storage systems). Find, implement, and operationalize hardware environment improvements through a continual process. Develop and enforce IT policies, onboarding / offboarding procedures, and asset tracking. Leadership & Strategy Build and lead a small but scalable team across IT and Cloud Operations. Align with DevOps on roadmaps for infrastructure maturity and … and relevant work experience may compensate for lack of formal education. Certifications such as CISSP, CISM, expert level Azure, or similar are a plus. Familiarity with security frameworks (ISO 27001, SOC 2, NIST, FedRAMP). Competencies Advanced knowledge of cyber security. Excellent leadership, communication, and cross-functional collaboration and mentoring skills. More ❯