24 of 24 ISO/IEC 27001 Jobs in Central London

continuous monitoring improvements. Design, implement, optimize, and monitor security controls and tooling from the ground up, strengthening security across endpoints, infrastructure, and application CI / CD pipelines. Collaborate with engineering teams to raise the security bar through reviews, guidance, and automation. Respond to security incidents in real time - manage … participate in tabletop exercises, incident simulations, and coordinate external penetration tests. Partner with Solutions Engineering to support enterprise customer onboarding, including SSO integrations (SAML / OIDC), network allowlisting, and security reviews. Join customer-facing technical and security discussions where needed, acting as a trusted security point of contact. Risk ...

cybersecurity audits for client organisations in line with UK regulations. Assess compliance with: UK GDPR & Data Protection Act 2018 NIS Regulations ISO / IEC 27001 Cyber Essentials / Plus Telecommunications (Security) Act 2021 Identify risks and provide actionable recommendations. Produce clear audit … auditing, ideally in a consultancy or client-facing role. Strong knowledge of UK legal frameworks and compliance standards. Relevant certifications (e.g. CISA, CISSP, ISO 27001 Lead Auditor). Excellent communication and stakeholder engagement skills. Ability to work independently and manage multiple client engagements. This ...

Systems Engineer / SaaS & Identity Engineer (Contract) – Inside IR35 Contract: 6 months (likely), Inside IR35 Start: ASAP Location: Hybrid – 3 days / week onsite Notice: Up to 4 weeks considered Overview We are looking for an IT Systems Engineer (generalist) to support and enhance their internal tooling stack. … This is a contract role providing additional capacity / cover while permanent hiring is ongoing. This role is less about being a deep specialist in one platform and more about being a capable engineer across multiple core systems, able to jump into BAU + project work. Key Responsibilities Administer ...

week. In order to be suitable for this role you must be an accomplished Information Security Manager with an expert understanding of ISO 27001 standards. You will oversee the Governance, Risk and Compliance (GRC) framework, ensuring robust standards are met across information security, physical security, crisis … suitable for this role of significant responsibility you must be an accomplished Information Security Manager with proven experience of working to ISO 27001 standards. You will act as the Lead Implementer for the ISO 27001 Information Security Management System (ISMS), driving ...

Senior Security Analyst / Security Engineer London (City) | £80,000–£90,000 | PermanentIf you’re the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn’t happen again — this role is built for you.We’re hiring … hands-on Senior Security Analyst / Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years ...

solution designs including API contracts, integration patterns (Azure Functions, Logic Apps, Event-driven), security boundaries, and observability. Architect document intelligence pipelines (classification / extraction / OCR / validation) and integrate with downstream systems (CRM / ERP / ITSM / EDM). Define non-functional … requirements (availability, latency, throughput, cost, DR / RTO-RPO) and ensure solutions meet them. Implement identity & access (Entra ID), data isolation, Key Vault secrets, network security (Private Endpoints), and content filtering. Embed Responsible AI practices: safety filters, prompt / content governance, data privacy, red-teaming guidance, and human ...

Proven experience delivering maturity assessments, gap analyses and framework design * Structured, detail-oriented problem-solving approach Desirable Skills & Attributes * Degree Educated in either Risk / Finance / Law / Business * Professional certifications including: CTPRP, CIPS, CPSM, CISA, ISO 27001 Lead Implementer / Auditor, or other relevant risk and compliance certifications * Experience in sourcing and / or procurement environments Please apply for immediate interview! CBSbutler is operating and advertising as an Employment Agency for permanent positions and as an Employment Business for interim / contract / temporary positions. CBSbutler ...

with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ISO 22301 / business continuity Coordinate internal / external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate ...

regulated environments; familiarity with AI and data frameworks (DAMA-DMBOK, NIST AI RMF, ISO 23894, ISO 27001, GDPR / DPA 2018); hands-on with platforms such as Microsoft Purview, Azure ML, Databricks, Power BI, Collibra, or Alation; exposure to MLOps practices. ...

operational improvements and recommending remediation actions. Business Systems Implementation Support the selection process and deployment of core business platforms (Portfolio Management, CRM, Microsoft 365 / Google Workspace, ERP / Finance). Support client(s) in navigating the technology landscape surrounding Digital Assets and cryptocurrency investments. Infrastructure, Security & Resilience … migration projects, including network redesign, platform hardening, and workload migration. Design, implement, and optimise Identity & Access Management (IAM) solutions (e.g., Okta, Microsoft Entra ID / Azure AD, Ping Identity). Implement and support secure remote access and VPN solutions (e.g., Palo Alto Global Protect, Cisco AnyConnect, Zscaler ZPA). ...

compliant and resilient technology estate. You will also contribute to enhancing identity security, infrastructure protection, awareness initiatives, and the onboarding of systems to SOC / SIEM tooling. This role is ideal for someone with strong technical knowledge, excellent communication skills and a passion for defending large-scale environments from … DMARC / DKIM / SPF, networking fundamentals and TCP / IP. Familiarity with frameworks such as MITRE ATT&CK, ISO27001, CIS benchmarks, NIST, Cyber Essentials. Ability to explain technical concepts to non-technical audiences. Strong documentation, analysis and problem-solving skills. Experience in security auditing ...

Experience Essential: Strong grounding in security engineering principles, practices and risk management. Experience working with a broad range of security controls (e.g., SIEM, IDS / IPS, firewalls, secure SDLC, cloud security configuration, CIS hardening, API security). Knowledge of security frameworks such as NIST, ISO 27001 … equivalent professional certification. Multi-year experience in a security engineering role. Desirable: CISSP certification. Cloud security certifications for AWS. Risk management experience (CRISC, ISO 27005, NIST RMF). Network security and coding experience (Python, Bash, PowerShell, GitHub). Penetration testing exposure. ...

Senior AWS Platform Engineer (Security) £540.00 per day Umbrella UK - Predominantly remote some travel to London / Manchester Initially till end of March (likely contract extension) SC Clearance Required Our client is currently looking for an experienced Platform Engineer with a strong focus on AWS security architecture and governance. … security posture assessments and audits. Automation & Infrastructure as Code: - Automate security configurations using Terraform, AWS CDK, or CloudFormation. Embed security checks into GitHub CI / CD pipelines for continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using ...

conducting security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

Financial Services industry, preferably Insurance is essential Previous management experience in an Information Security role Experience working with Cyber Essentials, GDPR and preferably DORA, ISO27001 / NIST CSF Experience working in a regulated industry - financial / pharmaceutical - large volumes of data Experience working with auditors or regulators Hybrid ...

delivery partners. Key Responsibilities • Own infrastructure and cloud strategy, including on-prem to Azure migration• Define architecture standards, security policies, and governance frameworks• Lead ISO27001 compliance and Cyber Essentials Plus readiness• Establish infrastructure lifecycle, change, and configuration management (CMDB)• Lead and develop a small infrastructure team• Provide clear reporting ...

Head of Technology, this role will lead a mixed portfolio of in-house and off-the-shelf systems, introduce a formal SDLC / Secure SDLC , and mature release, change, and governance processes. Stakeholder engagement is central — this role acts as the bridge between Technology, Partners, and fee earners.This … releases, change, testing, and prioritisation across BAU and projects• Support application readiness for Azure migration alongside Infrastructure• Ensure application security, compliance, and contribution to ISO27001 / CE+ Key Requirements • E xperience in the legal sector • Strong background managing enterprise applications in a professional services environment• Proven experience implementing SDLC ...

governance frameworks. This senior leadership role requires deep expertise across regulatory, industry, and cybersecurity standards specifically the UK Telecom Security Act, PCI DSS, ISO 27001, and NIS2. You will act as the organisations authoritative subject-matter expert, ensuring end to end compliance, overseeing risk posture … strategy that ensure alignment with business objectives and regulatory obligations. You will be an authority on the Telecoms Security Act, PCI DSS, NIS2 and ISO27001, and will have proven experience with risk management and security assurance. This is an outstanding opportunity for an accomplished GRC Manager to join a market ...

week. In order to be suitable for this role you must be an accomplished Information Security Manager with an expert understanding of ISO 27001 standards click apply for full job details ...

reducing downtime, and providing the secure, scalable foundation needed to enable growth and productivity. The role includes establishing an Infrastructure Development Lifecycle (IDLC), maintaining ISO27001 and Cyber Essentials Plus compliance, developing and managing the Configuration Management Database (CMDB), and creating a technology roadmap to transition from traditional on-premises infrastructure … systems to MS Azure cloud for scalability. Skills Required Strong knowledge of Microsoft Azure, Windows Server, Active Directory, Networking, Virtualisation, Endpoint Management, and Backup / Recovery solutions. Strong technical knowledge of LAN, WAN, VPN and server Windows Server administration, virtualisation platforms and storage solutions. Expertise in Microsoft 365 Cloud ...

Deep understanding of access management, intrusion detection, and network security (routers, NLBs, V-LANs). Proficiency in applying industry standards and legislation such as ISO27001, PCI DSS, and SOX. Preferred Qualifications: Industry-recognised certifications such as CISSP, CISA, or CISM. Product-specific certifications in Cisco or Checkpoint technologies. Hands … experience with VA / PT tools, Anti-Malware, and Email security solutions. London Based | Permanent Role | £85,000 + (DOE) If you are ready to manage multiple projects at various lifecycle stages and provide high-level technical support, I want to hear from you. If the above sounds ...

strong Governance, Risk, and Compliance (GRC) frameworks aligned to business objectives Oversee information security risk management, including risk identification, assessment, treatment, and reporting Manage ISO27001 compliance, including certification, audits, continuous improvement, and associated documentation Ensure compliance with relevant regulatory and legal frameworks related to information security and data protection Provide … relates to information security Demonstrated track record of developing and delivering effective information security strategies and programs Hands-on experience managing ISO27001 compliance within a regulated environment Strong knowledge of regulatory frameworks and industry standards relevant to cyber and information security Excellent interpersonal and communication skills, with the ability ...

compliance requirements. This involves enforcing proper access controls and software patching to protect sensitive data. Participate in risk assessments (e.g., Cyber Essentials Plus and ISO27001) and remediation activities related to application security and operational resilience. Reporting & Communication Provide clear communication and reporting on progress, incidents, and releases to stakeholders, highlighting … regular reporting to the Head of Technology on application performance, risk status, and strategic progress. Skills Required Proficient in SQL, C#, Python, Java, HTML / CSS, and related development frameworks. Understanding of API integration, data modelling, and application performance tuning. Strong project management skills are essential for implementing ...

ensure that decision making for policy and consultancy activities meet business objectives and comply with all legal, regulatory and policy standards, requirements and / or directives, at local and national levels. Forge strong relationships with National Policing Programme personnel and key PDS stakeholders across Policing, enabling effective implementation … ability to demonstrate the use of the NIST Cyber Security Framework, mapping and translating NIST Cyber Security Controls to other frameworks such as ISO27001 and CIS Top 20 controls. ...