4 of 4 ISO/IEC 27001 Jobs in Cardiff

security procedures, contribute to threat intelligence activities, and help ensure critical national infrastructure and information remain protected. The ability to speak Welsh is desirable for this post; Welsh and / or English speakers are equally welcome to apply. About us Digital Health and Care Wales (DHCW) is an expert national body and part of NHS Wales. We work in … and ensure all activity supports the wider goals of Digital Health and Care Wales and NHS Wales. Person Specification Qualifications and Knowledge Essential A Postgraduate degree (or equivalent qualification / experience) in an associated professional field. Practical experience, working at this level, across the range of work procedures and practices. Desirable Theoretical and specialist knowledge, gained within one or … styles. Familiar with incident management tools, including interrogation of incident database, creation of parent and child incidents, creation of queries to seek trends and use of known error logs / databases. Familiar with any tool or system which provides security access control (i.e. prevents unauthorised access to systems). Desirable Experience of writing clear and effective Standard Operational Procedures More ❯

scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in ensuring the organisation meets security standards (e.g., ISO 27001, GDPR, Cyber Essentials) Security Awareness : Contribute to internal training and awareness campaigns to improve staff cyber hygiene Incident Investigation : Support in analysing and documenting cyber incidents … related discipline Strong interest in cyber security and desire to build a career in the field Basic understanding of cyber threats, security principles, and best practices Familiarity with Windows / Linux operating systems and networking concepts Strong analytical and problem-solving skills Good communication skills and the ability to explain technical concepts clearly Nice to Have (But Not Required … Excellent Company Benefits We believe in supporting our people from day one. Here’s what we offer: 25+ Days Annual Leave + bank holidays (with the option to buy / sell extra days) Hybrid & Flexible Working – work from home and the office Annual Bonus Scheme based on personal and company performance Professional Certification Support – we’ll cover exam costs More ❯

. 4. Delivery Ownership • Own the full lifecycle of product features-from design to deployment and maintenance. • Ensure on-time delivery by identifying and mitigating risks early. • Champion CI / CD practices and ensure smooth, automated deployment pipelines. 5. Reliability, Security, and Observability • Own the uptime, latency, and performance SLAs of financial APIs and services. • Proactively monitor risk vectors … and enforce observability via metrics, logging, and alerting. • Work with DevSecOps to embed security testing into the CI / CD pipeline. 6. Stakeholder Communication • Serve as the main technical point of contact for the Origination product suite. • Communicate progress, challenges, and trade-offs with both technical and non-technical stakeholders. • Present architectural proposals and technical updates to leadership. What … API design, data security). • Familiarity with industry tech stack (e.g., React, Java, .NET, AWS, Azure) • Understanding of cloud-native principles, DevOps, and containerization (e.g., Docker, Kubernetes). • Agile / SCRUM experience Leadership • Strong decision-making and prioritization skills. • Ability to balance speed and quality under business pressures. • Strong communication with both technical and non-technical stakeholders, especially in More ❯

and on-prem platforms, and ensuring systems are resilient and secure-by-design. Key Duties: Champion Secure by Design principles across teams and platforms. Align architecture with NCSC, GovAssure, ISO27001, PCI-DSS, and GDPR standards. Guide and support technical teams in making risk-aware, security-focused decisions. Shape roadmaps, frameworks, and compliance plans that support innovation. Provide expert advice on … contributions to the GovAssure process and other audit / compliance activities. Requirements: Proven experience in security architecture and leadership. Strong understanding of compliance frameworks and cybersecurity standards (NCSC, ISO27001, GDPR, PCI-DSS). Experience in cloud, hybrid, and on-premise environments. Excellent communication, mentoring, and problem-solving skills. Ability to influence technical decisions and guide teams across multiple platforms. More ❯