22 of 22 ISO/IEC 27001 Jobs in Bristol

breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST 800-53 or OWASP … Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST 800-53 or OWASP … Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa More ❯

principles and methodology Sound knowledge of information security risk management and a working knowledge of cybersecurity technologies Knowledge of common information security management frameworks, such as ISO / IEC 27001, as well as those from NIST, including 800-53 and Cybersecurity Framework Desirable: Relevant accreditations including Cyber Essentials, Cyber Assured, etc. In terms More ❯

build and operate the Azure-based Internal Developer Platform as a product, enabling self-service environment provisioning and repeatable golden paths. Develop and maintain Infrastructure as Code (Terraform and / or Bicep) modules and reusable templates for AKS, networking, storage, databases, and app runtimes. Implement and evolve CI / CD pipelines (HL version control set) with quality gates … testing, security scanning, and progressive delivery. Introduce and run GitOps for Kubernetes (AKS preferred), patterns and multi-environment promotions. Own platform observability: metrics, logs and traces using Azure Monitor / Log Analytics / Application Insights, plus Datadog / Grafana where appropriate. Embed security by design: Azure Policy, Defender for Cloud, secrets management with Key Vault, SBOM and … image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs / SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform enhancements. Implement cost visibility and optimisation (FinOps More ❯

standards for compliance (including NIS-R, ISO 27001 and SEMD) and incorporating cyber, physical and personnel security risks. Developing and implementing a Risk Management framework / model and guiding the selection of appropriate GRC tools. Planning and delivering a regular Security Risk Management Group (SRMG) function. Developing a framework, processes and tooling, and leading the … providing written and verbal briefs to senior leaders, Working Groups and the board. Actively developing the Security Risk Management knowledge and skills of Information Security colleagues and other YTL / WWSL colleagues when appropriate. Regularly seeking to refine the measurement, assessment and management of risk: includes improved deterministic risk assessment techniques and adoption of probabilistic assessment approaches (such as … Monte Carlo modelling techniques). What you'll need Significant experience in Security Risk Management in Government organisations, National Infrastructure and / or Critical National Infrastructure organisations or similar enterprises. Experience implementing Risk Management in large organisations. Experience in evaluating and managing third-party security risk. Experience of working to achieve and maintain compliance with the requirements of regulatory More ❯

principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication and … space system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯

alternative approaches considering risk, compliance, cost, and operational impact, ensuring sustainable security outcomes. Key Responsibilities Infrastructure & Network Security Design, implement, and maintain secure network architectures, including firewalls, VPNs, IDS / IPS, and segmentation controls. Microsoft Platform Security Design and harden Microsoft Operating Systems (Server and Desktop), Active Directory, and Group Policies to enforce robust security baselines. Authentication & Access Control … Essentials, supporting audits and certification processes. What We're Looking For Proven experience in infrastructure or network security within complex enterprise environments. Strong knowledge of Microsoft technologies (Windows Server / Desktop, Active Directory, Group Policies). Hands-on experience with MFA solutions, virtualisation platforms, and network security appliances. Understanding of SIEM operations, vulnerability management, and endpoint protection. Familiarity with … in people, offering a clear progression pathway into our consultancy service, and we will passionately support professional growth to develop our employees. Flexible working is available, including part‐time / term‐time patterns. All suggestions are welcomed and will be discussed as part of a proposed employment package. Logiq is dedicated to fostering an inclusive workplace. Our commitment is More ❯

Job Title: Security Consultant Location: Hybrid (Bristol / Wiltshire office, circa 2 days pw) Salary: £45,000 - £75,000 + Benefits Are you an experienced Security Consultant looking for your next challenge? We are seeking passionate cyber security professionals with strong expertise in governance, risk and compliance (GRC), who can deliver complex projects and build trusted client relationships. As … a Security Consultant , you will work on a variety of Defence and Public Sector assignments, requiring current SC clearance. Projects will range from risk assessments and ISO 27001 implementations to developing full ISMS frameworks and supporting clients through accreditation. You'll provide expert guidance across standards such as NIST, CAF, and Secure by Design. Security Consultant … remote working, training budget, private healthcare, bonus scheme, and a culture that values collaboration, growth, and well-being. Take the next step in your career as a GRC Specialist / Security Consultant - apply today. People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including More ❯

consider Java Experience working with Linux Collaborative mindset and empathy for end users – the kind of person who thinks about usability and accessibility. Knowledge of ISO 9001 / 27001 standards (or similar regulated environments). Hold a British Citizenship & eligible for SC security clearance Highly desirable: Android development beyond phones and consumer apps, ideally integrated … hardware. Bonus points if you’ve worked in defence or another highly regulated space – but it’s not essential. Experience with any of the following... Devices with RF integration / Industrial scanners / Bluetooth-connected hardware like heart rate monitors / Custom embedded Android platforms (Android TV, etc.) Get in touch with your CV today to find More ❯

infrastructure, data pipelines, security, governance and scalability. You will ensure the environment remains robust, trusted and aligned with the highest standards of data protection and interoperability, including SATRE and ISO27001, giving partners and the public confidence their data is safe. This hands-on role suits a leader who thrives on managing complexity and problem solving. Collaboration is key, working with … of the SWSDE platform, ensuring security, stability, and scalability at all times. Manage and monitor system security , including threat detection, risk management, and incident response, ensuring compliance with SATRE, ISO27001, DSPT, and NHS cybersecurity frameworks. Develop and maintain secure data pipelines from contributing NHS and partner organisations, ensuring interoperability, data quality, and adherence to governance standards. Provide technical leadership to … as Prince 2 and Managing Successful Projects Experience of identifying and interpreting National policy. Experience of researching best practice (globally, private and public sector), interpreting its relevance and processes / practices which could be implemented successfully to achieve system reform (advising on policy implementation) Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act More ❯

client's risk profile and operational needs. Guide clients in developing and improving their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments with … of experience in SIEM consulting, SOC, or security operations roles with a focus on threat detection and response. Strong understanding of threat detection methodologies, security frameworks (e.g., NIST, ISO 27001), and compliance requirements. Experience with SIEM design and architecture, data ingestion, log management, and custom dashboard creation. Familiarity with cloud-native security solutions and knowledge of More ❯

DevOps, or infrastructure engineering role. Strong hands-on experience with Docker and Docker Swarm in a production environment. Proficiency with core AWS services: EC2, S3, CloudWatch, IAM, ELB, ECS / Fargate, and RDS. Solid understanding of Linux server environments, command-line operations, and scripting. Experience in supporting real-time or mission-critical systems (security, IoT, or similar sectors). … Familiarity with log aggregation, monitoring, and alerting tools (e.g., ELK, Prometheus, Grafana). Good understanding of networking, VPNs, load balancing, DNS, and firewalls. Comfortable with Git and CI / CD workflows. Excellent troubleshooting skills and structured problem-solving approach. Strong written and verbal communication skills. Desirable / Nice to Have: Experience with Microsoft Azure cloud services. Background or … of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI / CD pipelines and automation tools (e.g., GitHub Actions, Jenkins). Exposure to monitoring tools like Prometheus, Grafana, or ELK stack. Experience supporting enterprise customers in a B2B SaaS or More ❯

across cloud environments Deliver Infrastructure-as-Code (IaC) solutions to optimise efficiency, security and scalability Provide AWS infrastructure support within a large-scale, complex environment Design and enhance CI / CD pipelines to support secure, automated deployments Develop and maintain orchestration strategies for seamless, repeatable and compliant deployments Conduct proactive security assessments, incident response and remediation activities Collaborate with … IAM, KMS, CloudTrail, Config, GuardDuty, Security Hub, WAF) Strong experience delivering and maintaining IaC using tools such as Terraform or AWS CloudFormation Understanding of DevSecOps principles and secure CI / CD pipeline implementation Proven track record supporting and securing large-scale AWS infrastructures Familiarity with automation and orchestration tools (e.g., Ansible, Jenkins or AWS CodePipeline) Desirable AWS Security Specialty … or Solutions Architect certification Experience working within regulated industries (e.g., finance, insurance or public sector) Knowledge of compliance frameworks such as ISO 27001, NIST or CIS Benchmarks Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of More ❯

SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience within Operational Technology / IoT-rich environments would be an added bonus If this sounds like a role you would be interested in, please apply online ASAP - Shortlisted applicants will be contacted within More ❯

production D365 business services. What you'll do In this exciting role, you will: ensure best practice ticket management in accordance with internal service management KPI's, ITIL and ISO27001 accreditation ensure we are proactive in our support and maintenance, working with system logs help end users maximise efficiency through effective use of D365 applications become a subject matter expert More ❯

fast-growing consultancy. Key Responsibilities of the IT Technical Lead: Define and maintain TwinStream's IT strategy in partnership with leadership. Take ownership of our IT estate, from AWS / M365 accounts to endpoint management. Provide technical leadership and mentoring to the IT team. Drive incident resolution and problem management when needed. Partner with stakeholders across Delivery, InfoSec, Finance … Infrastructure as Code (Terraform, Microsoft365DSC, etc.). Backup & Disaster Recovery planning and execution. SaaS deployment and support, ensuring compliance. Engaging with stakeholders at all levels. Desirable extras: Knowledge of ISO27001, Cyber Essentials Plus, and information security tooling. Public sector client experience. Linux and Windows system administration. Why Join Us? Generous Pension – 8% employer contribution Private Medical Healthcare – including dental & optical More ❯

to the team. Key Responsibilities of the Lead Infrastructure Engineer: Define and maintain TwinStream's corporate IT strategy with senior leadership. Own and manage the IT estate—from AWS / M365 accounts to mobile devices and laptops. Provide technical leadership, mentoring, and guidance to the IT team. Work with our Service Manager to continuously improve IT capabilities as an … monitoring). Infrastructure as Code (Terraform, Microsoft365DSC). Backup & Disaster Recovery planning and execution. SaaS deployment and integration. Strong stakeholder engagement and communication skills. Nice to Have: Knowledge of ISO27001, Cyber Essentials Plus, and InfoSec tooling. Experience working with public sector customers. Linux and Windows system administration. Why Join Us? Pension Plan – 8% employer contribution. Private Medical Healthcare – including dental More ❯

and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus – Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯

and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus – Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯

within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy / More ❯

ready for operational handover. Manage risks associated with installation or decommissioning, communicating with project managers and other stakeholders, and adopting measures to reduce risks. Plan, estimate, and schedule installation / decommissioning work, minimizing disruption and seeking necessary approvals for changes. Maintain high levels of IT security by implementing security baselines and configuration hardening in collaboration with cyber security engineers. … relevant infrastructure experience in an IT Engineer role. Strong experience with Microsoft environments and implementing security best practices. Knowledge of network security principles, IAM, and compliance frameworks like ISO 27001. Proficiency in virtualisation technologies, public cloud platforms, and hybrid environments. Excellent communication skills, able to act as a bridge between technical and non-technical stakeholders. If you are More ❯

and market leading manner. This position is a key part of ensuring ongoing work is delivered effectively for the Pensions Administration business. The role will report into the Work / Skill Leads and will be part of the Admin Systems team. You will work closely with the Pensions Administration business as well as stakeholders from across Isio. What does … team to develop and enhance understanding. Participate in the training and development of the Admin Systems team as well as mentoring less experienced colleagues. Ensure processes support Isio’s ISO27001 & ISO22301 certifications and are built with security considerations as a key element. What we’re looking for Proven record of delivering solutions across pensions admin systems. Proven systems expertise across More ❯