1 to 25 of 28 ISO/IEC 27001 Jobs in Berkshire

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

on key projects, but also play a big part in developing security strategy, mentoring junior colleagues, and driving the firm’s journey towards a zero-trust model and ISO 27001 certification . Why this role? Chance to build and shape a new function in a well-established law firm. High visibility role working closely with senior … Opportunity to lead major security initiatives and strengthen overall cyber resilience. Exposure to a wide range of security tools and technologies, from CrowdStrike and Palo Alto firewalls to email / web gateways and NAC solutions. Career growth - mentor others, lead projects, and become a go-to technical expert. What you’ll be doing: Taking ownership of CrowdStrike EDR , including … NAC, and firewall controls . Leading on incident response , root cause analysis, and runbook development. Managing and optimising a wide suite of tools: WAF, DDoS, VPN, perimeter firewalls, email / web security, MFA, SSO, PAM, MDM / MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

and others), report issues, and ensure compliance with governance and legislation. Own your automations, code, databases, and lists. Ensure adherence to ISO 27001, DCB 0129 / 0160, and Trust policies. Complete governance documentation to required standards and stay updated on changes. Participate in internal and external audits. Understand stakeholder needs and support them during automation … design and build. Help identify new automation opportunities across the Trust. Action break / fix requests within agreed timelines. Attend IA team and project meetings. Maintain strong knowledge of Intelligent Automation and Power Platform technologies to support evolving business priorities. About us Berkshire Healthcare NHS Foundation Trust is a specialist mental health and community health services trust. Rated 'outstanding … receive a high number of applications, we may close this role earlier than the advertised closing date, so please submit your application as soon as possible. Person Specification Education / Qualifications / Training Educated to degree level in a subject relevant to the post or with relevant experience working within an automation or citizen developer environment. PRINCE2 qualification More ❯

summaries Coordinate secure changes and maintenance windows with engineering teams Respond to security incidents and support root cause analysis and reporting Participate in the deployment of new applications and / or changes, ensuring that all service components are documented and monitored and integrated into the company’s operational processes. Work with stakeholders across the solutions lifecycle to ensure that … with technical stakeholders (including customers) on the delivery of hosted solutions. Experience & Qualifications Good experience in a hosting provider or managed service provider environment Strong working knowledge of ISO 27001, ISO 27017, ISO 27018, and ISO 22301 Hands-on experience with scanning and vulnerability detection applications Hands-on experience of … domain and AD management experience Strong troubleshooting skills Strong scripting skills Enthusiasm and talent for acquiring complex technical skills Good customer service attitude Knowledge of configuration management (Puppet and / or Red Hat Satellite preferred) Scripting for automation using technologies (e.g. Powershell, Puppet, Ansible, Python) ITIL knowledge – principles and application Ability to support and develop junior colleagues More ❯

opportunity for a security leader with extensive experience designing and implementing enterprise-grade security architectures across complex, highly regulated environments. The role will focus heavily on cloud security, AI / ML security, regulatory compliance, and secure-by-design frameworks for critical systems. Why This Role? Shape and deliver the security architecture strategy for enterprise cloud and AI / … MLOps with security guardrails. Act as a trusted advisor to senior leadership , influencing both business and technology direction. Key Responsibilities Define and evolve security architecture strategies for cloud, AI / ML, and MLOps environments . Act as a senior security advisor to leadership, engineering, and business stakeholders. Develop security architecture standards, patterns, and guidelines for enterprise solutions, with specific … coverage for AI / ML workloads. Conduct security architecture reviews, threat modelling, and risk assessments for AI / ML systems and pipelines . Ensure solutions comply with European financial services regulations (GDPR, PSD2, DORA, NIS2) as well as emerging AI governance frameworks (e.g., EU AI Act, NIST AI RMF). Integrate security into DevSecOps and MLOps pipelines , including More ❯

experts and multidisciplinary teams , while driving standards in one of the most rapidly evolving technology landscapes. The Role As an AI Security Architect , you will: Define and implement AI / ML security strategies, standards, and guidelines . Design and own enterprise security architecture for AI / ML systems, CI / CD, and data pipelines. Conduct security risk … assessments and threat modelling for AI / ML workloads. Support testing of AI / ML models, including trustworthiness, fairness, bias, and adversarial attack detection. Collaborate with data scientists, engineers, and stakeholders to embed security controls in AI / ML pipelines. Enforce robust access control, authentication, and encryption standards . Stay ahead of emerging AI security threats, regulations … and frameworks . Provide advisory guidance to cross-functional teams during AI / ML system design and deployment. Contribute to regulatory compliance efforts (EU AI Act, GDPR, ISO 27001, NIST AI RMF, etc.). Support incident response teams in handling AI / ML-related security events. Your Profile Wed love to hear from you More ❯

time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response … capable of working effectively with diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / Relationship Management. You have excellent … or belief, or sexual orientation. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position. More ❯

assessments, and security design reviews for OT environments. Work closely with engineering and project teams to embed security into delivery. Produce and review security documentation in line with MOD / Defence standards. Provide SME input on OT security to stakeholders across projects. Essential Skills & Experience Active UK DV Clearance (mandatory). Security Practitioner Strong background in Operational Technology. Demonstrable … experience applying MOD / Nuclear Secure by Design (SbD) principles. Proven experience in security architecture and engineering within Defence or Critical National Infrastructure. Knowledge of risk management methodologies and security assurance. Desirable Skills Experience with IEC / ISA 62443 standards. Familiarity with NIST 800-82, ISO 27001, and Defence Security standards (e.g. … JSPs). Previous MOD / Defence and or Nuclear experience. Due to the nature and urgency of the role, candidates are required to hold current Developed Vetting (DV) clearance, if you do not hold this, unfortunately we cannot sponsor. Please familiarise yourself with the security vetting process before applying. More ❯

assessments, and security design reviews for OT environments. Work closely with engineering and project teams to embed security into delivery. Produce and review security documentation in line with MOD / Defence standards. Provide SME input on OT security to stakeholders across projects. Essential Skills & Experience Active UK DV Clearance (mandatory). Security Practitioner Strong background in Operational Technology. Demonstrable … experience applying MOD / Nuclear Secure by Design (SbD) principles. Proven experience in security architecture and engineering within Defence or Critical National Infrastructure. Knowledge of risk management methodologies and security assurance. Desirable Skills Experience with IEC / ISA 62443 standards. Familiarity with NIST 800-82, ISO 27001, and Defence Security standards (e.g. … JSPs). Previous MOD / Defence and or Nuclear experience. Due to the nature and urgency of the role, candidates are required to hold current Developed Vetting (DV) clearance, if you do not hold this, unfortunately we cannot sponsor. Please familiarise yourself with the security vetting process before applying. JBRP1_UKTJ More ❯

role is key in building and improving Primark's Cyber Security posture. Duties & Responsibilities Actively progress and improve Primark's cyber security posture with the delivery of agreed projects / initiatives aligned with industry best practice. Ensure project deliverables are aligned with the Cyber Roadmap with outcomes directly addressing strategic objectives / maturity gaps / audit points. … Advise and lead on solutions with our internal teams / outsourced partners, having a 'hands on approach' including the construction of business cases and contractual arrangements. Have a metric based approach with a structure to enable auditing and managing vendor performance. Coordinating resources, preparing delivery teams for kick-off and ensure effective completion of milestones, controlling scope and mitigating … defining, developing and managing implementation schedules Maintaining a roadmap of future initiatives, that effectively facilitates the prioritisation of delivery plans. Ensuring an ongoing focus on delivering the required quality / value for money and compliance with published standards and guidelines. Co-ordinates cross-functional team members, identifies resources needed, assigns and prioritises tasks / responsibilities and ensures deadlines More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

Base Location: Reading / Havant Salary: 800 - 999 per day Working Pattern: 40 hours per week / Full time Embark on a transformative career journey with SSE energy company, where innovation meets impact in the heart of the IT sector. As a pivotal player in our forward-thinking team, you'll harness cutting-edge technology to drive change … security, identity management, cloud security, and endpoint security including knowledge of firewalls, intrusion detection systems, encryption, and other security technologies and industry standards and frameworks such as NIST, ISO 27001, and IEC 62443. Effective communication skills so that you can explain complex security concepts to non-technical stakeholders and for collaborating with other IT More ❯

Base Location: Reading / Havant Salary: £800 - £999 per day Working Pattern: 40 hours per week / Full time Embark on a transformative career journey with SSE energy company, where innovation meets impact in the heart of the IT sector. As a pivotal player in our forward-thinking team, you'll harness cutting-edge technology to drive change … security, identity management, cloud security, and endpoint security including knowledge of firewalls, intrusion detection systems, encryption, and other security technologies and industry standards and frameworks such as NIST, ISO 27001, and IEC 62443. * Effective communication skills so that you can explain complex security concepts to non-technical stakeholders and for collaborating with other IT More ❯

. ✔️ Strong experience drafting & negotiating commercial contracts. ✔️ Knowledge of data protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS / fintech / tech sector experience. Knowledge of ISO 27001, SOC 2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional More ❯

. ✔️ Strong experience drafting & negotiating commercial contracts. ✔️ Knowledge of data protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS / fintech / tech sector experience. Knowledge of ISO 27001, SOC 2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional More ❯

continuous improvement, recognition, and accountability. About You Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent experience). Strong experience in software QA, ideally within Agile / Scrum environments. In-depth knowledge of QA methodologies, tools, and processes. Experience with automated testing tools and scripting. Skilled in usability, performance, or security testing (desirable). Familiarity with … Microsoft SQL Server or similar database technology (desirable). Excellent analytical, problem-solving, and organisational skills. High attention to detail with clear communication skills. Experience with ISO 9001 and ISO 27001 standards is advantageous. Previous leadership or mentoring experience is desirable. More ❯

on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯

client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills, with the More ❯

27001, NIST, etc.) is a plus Proficiency in project management tools (e.g. Jira, Confluence, MS Project, or similar) Additional Skills - Certifications like PMP, Prince2, or CISM / CISSP - Experience working with external PEN Testing vendors or consultancies - Ability to influence and drive remediation efforts across diverse team More ❯

27001, NIST, etc.) is a plus Proficiency in project management tools (e.g. Jira, Confluence, MS Project, or similar) Additional Skills - Certifications like PMP, Prince2, or CISM / CISSP - Experience working with external PEN Testing vendors or consultancies - Ability to influence and drive remediation efforts across diverse team JBRP1_UKTJ More ❯

27001, NIST, etc.) is a plus Proficiency in project management tools (e.g. Jira, Confluence, MS Project, or similar) Additional Skills - Certifications like PMP, Prince2, or CISM / CISSP - Experience working with external PEN Testing vendors or consultancies - Ability to influence and drive remediation efforts across diverse team More ❯

and maintain secure, well-documented financial and third-party integrations. Enhance the integration framework for scalability, performance, and industry alignment. Assist customers and partners in integration setup and API / gateway usage. Support and expand integrations for features like event tracking and CO2 reporting. Ensure integration development aligns with modern security and GDPR standards. Implement structured logging, monitoring, and … documentation. Contribute to internal knowledge bases and explore automation tools (Power Automate, Zapier). Essential Experience: Extensive experience with C# / .NET (Core or Framework) in integration-heavy environments Understanding of REST, WebAPI, event-driven architectures, and asynchronous messaging Hands-on experience in building resilient, fault-tolerant systems using retry patterns, queues, and circuit breakers Proficiency in integration security … spoken and written) as this role is working with colleagues and clients to understand requirements, explain solutions and document clearly. Desired: Experience integrating with financial or ERP systems Swagger / OpenAPI documentation for Open APIs Familiarity with Azure services and automation tools like Power Automate or Zapier Exposure to IoT or Telematics platforms Awareness of ISO 27001 More ❯

Cybersecurity Consultant – Manager Location – Hybrid – London 1 day / wk (ish) Salary £65 – £80k + all the usual benefit’s Looking for more than just another consulting gig? If you're a seasoned cybersecurity consultant who’s hands-on, client-focused, and ready to lead — this is your chance to play a pivotal role in shaping this fast-growing … complex consulting projects for major UK clients — from security gap assessments to crisis simulations, risk frameworks, and technical reviews. Support the development and delivery of both technical (e.g. M365 / cloud config reviews, vulnerability assessments) and GRC engagements. Help shape and evolve our cyber propositions , working closely with delivery leads across managed services, threat intel, and MDR. Scope and … inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an More ❯

support smarter, faster decision-making at every level of the firm. With a small but growing team, we're looking for someone ready to wear multiple hats-from business / data analysis to solution design, implementation, and testing. The core foundation is in place-now we need someone to help operationalise and scale it, turning potential into business value. … SQL queries and stored procedures, and formal database design methodologies. Experience in setting up monitoring and data quality exception handling. Strong data modelling experience. Experience managing and developing CI / CD pipelines. Experience with Microsoft Azure products and services, and proficiency in ETL processes. Experience of working with APIs to integrate data flows between disparate cloud systems. Strong analytical … Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to a More ❯