21 of 21 ISO/IEC 27001 Jobs in the City of London

regulations like ISO 27001, NIST, GDPR Coordinate audits (internal and external) Perform vendor risk assessments Requirements: Degree in Computer Science / IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor / Implementer Working knowledge with … legal / security needs in housing association sector and its regulatory environment Solid grasp of ISO 27001, NIST, GDPR, and risk management frameworks Experience with risk assessments and developing mitigation plans Experience producing internal audits, reports, gap analyses Experience maintaining compliance with frameworks like ISO 27001, PCI-DSS If you are interested, please apply immediately as first stage interviews will be taking place next week. Alternatively, feel free to reach me directly on h.barmi @ ioassociates . co . uk. More ❯

dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science / IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ-500 / 204, SC-100 / 200 / 300 / 400. Proven experience managing a SOC / Security Operations function within housing association / public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR More ❯

dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science / IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ-500 / 204, SC-100 / 200 / 300 / 400. Proven experience managing a SOC / Security Operations function within housing association / public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR More ❯

Cloud Application Security Engineer / Cloud Security Engineer - AWS / AppSec / IAM (Okta) Application Security Engineer / AWS Security Engineer / CloudSec Location: Hybrid London (2 days per week onsite) Ready to drive secure engineering at scale in a leading fintech? Were looking for … Youll work with DevOps and engineering teams to build secure-by-design solutions in AWS using tools like IAM, Okta, AWS Shield, and SAST / DAST. This is a high-impact role with a focus on AppSec, cloud security architecture, observability and secure software development . Key Responsibilities Conduct … secure code reviews and threat modelling Improve security in AWS (Security Hub, Shield, IAM) Integrate AppSec practices into CI / CD pipelines Run vulnerability management and bug bounty programs Build security dashboards, frameworks, and reusable libraries Promote secure coding and AppSec best practices across teams What You Bring Deep More ❯

requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to … response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security … Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access More ❯

depending on relevant experience Hours: Full-time, Monday to Friday Work Location: Office-based during probation, then hybrid (3 days office / 2 days WFH) Full time / Permanent Remarkable Jobs are recruiting on behalf of a well-established and respected cybersecurity consultancy. We are seeking a GRC … will be responsible for conducting audits, writing clear and actionable reports, and advising clients on how to align with industry standards such as ISO 27001, SOC 2, PCI DSS, DORA, and more. You'll also be involved in pre-sales activities, mentoring junior consultants, and representing … the business externally. GRC Cyber Security Consultant Key Responsibilities: Deliver compliance assessments and risk audits (ISO 27001, SOC 2, NIS2, PCI DSS, DORA, UK DPA) Conduct supply chain and project-specific risk assessments Prepare comprehensive audit documentation and remedial recommendations Liaise directly with clients, delivering projects More ❯

Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams More ❯

enhance our security posture. Ensure alignment of security strategies with business objectives and compliance mandates. Hands-on DevSecOps Implementation: Integrate security practices into CI / CD pipelines, automating security testing and compliance checks. Collaborate with development and operations teams to ensure secure coding practices and configurations. Implement and manage … network architectures are secure, scalable, and resilient. Policy Development and Compliance: Develop and enforce security policies, standards, and guidelines. Collaborate with the Compliance Manager / CISO to ensure adherence to regulatory requirements (e.g., GDPR, ISO 27001). Incident Response and Management: Establish and maintain incident … with cloud security architectures (AWS). Technical Skills: understanding of security principles, protocols, and standards. Proficiency with DevOps and DevSecOps tools (e.g. GitLab CI / CD, Ansible, Terraform). Experience with security tools like SIEM / SOAR (preferably Rapid7), IDS / IPS, vulnerability scanners, and code analysis More ❯

equivalent) ideally in computer science or a related field Familiarity with internationally recognised IT Security standards and frameworks such as Cyber Essentials, NIST, or ISO27001 / 2 Understanding of how IT Security tooling such as Firewalls, AV, Proxies and IDS / IPS operate Familiar with the Microsoft stack More ❯

expertise. Ability to optimize operational costs while maintaining service quality. Regulatory & Compliance Expertise Knowledge of security industry regulations, standards, and best practices, including: ISO 27001 (Information Security) GDPR (for data privacy in surveillance) CPNI (Centre for the Protection of National Infrastructure) guidelines Local and international security More ❯

risk, cyber maturity, security architecture, cyber transformation, and regulatory compliance for cyber. Experience with recognised cyber security standards and regulations like NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR, and NIS2. Experience working in various organisational contexts to develop cyber strategy and manage cyber risk. A desire to work with large More ❯

remediation projects to address areas of technology risk Maintain up-to-date documentation, policies, and standards aligned with industry frameworks (e.g., ITIL, NIST, ISO 27001) Produce clear and actionable Management Information packs to communicate key risks and trends to leadership Organise and support governance committee meetings … automation skills (e.g., Bash, PowerShell, SQL, Python) Exposure to technology governance, risk, and service management activities. Supporting compliance with ITIL, NIST, CSF, or ISO frameworks Drafting technical policies and standards Facilitating business continuity and disaster recovery assessments and testing Responding to regulatory and due diligence requests Solid understanding More ❯

remediation projects to address areas of technology risk Maintain up-to-date documentation, policies, and standards aligned with industry frameworks (e.g., ITIL, NIST, ISO 27001) Produce clear and actionable Management Information packs to communicate key risks and trends to leadership Organise and support governance committee meetings … automation skills (e.g., Bash, PowerShell, SQL, Python) Exposure to technology governance, risk, and service management activities. Supporting compliance with ITIL, NIST, CSF, or ISO frameworks Drafting technical policies and standards Facilitating business continuity and disaster recovery assessments and testing Responding to regulatory and due diligence requests Solid understanding More ❯

technologies. (E.g. Red Hat Linux, Amazon Linux, Debian, git, SSH, rsync, nginx, apache, etc) Familiarity and experience with core Information Security principles and ISO 27001 accreditation (E.g. threat modelling, compartmentalisation, separation of concerns, principle of least privilege, etc) Ability to work independently and as part of More ❯

of the firm's systems and data worldwide. Key responsibilities: Develop and deliver security and infrastructure strategies aligned with business goals Drive compliance with ISO27001, Cyber Essentials+, and regulatory requirements Collaborate with senior stakeholders to meet service levels and security standards Lead the Cyber Security and Infrastructure teams to maintain More ❯

understanding of security controls and their effective implementation within corporate environments. The role will also require good relationship management skills across the assigned region / sub-region to enable business adoption. As a Director within the Regional Security Office (RSO) service you will be accountable for service delivery to … the assigned region / sub-region and solution lines. The role with need to have effective relationships with senior leadership to support the delivery of the regional / sub-regional business goals and operate an effective security risk management regime against an agreed security risk mitigation strategy. As … assurance and Audit practice is desirable. Security certification (CISSP,CISM) is an advantage. Understanding and experience of delivering compliance standards, including; Sarbanes Oxley (404), ISO27001 and Cyber Essentials+. How we support our colleagues In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment More ❯

offering a fully remote opportunity with the occasional team meet-ups in London. Key Skills: Lead and maintain compliance frameworks (UK GDPR, DPA 2018, ISO27001, FCA AISP), ensuring up-to-date policies, procedures, and controls across data protection, information security, and regulatory risk. Act as Data Protection Officer (DPO), managing … automation-friendly compliance and security practices, and communicate risks clearly to leadership. Proven experience in compliance and infosec, with strong regulatory knowledge (UK GDPR, ISO27001), excellent communication skills, and ideally relevant certifications (e.g. CIPP / E, CISSP). If you are interested in the open role please come back More ❯

offering a fully remote opportunity with the occasional team meet-ups in London. Key Skills: Lead and maintain compliance frameworks (UK GDPR, DPA 2018, ISO27001, FCA AISP), ensuring up-to-date policies, procedures, and controls across data protection, information security, and regulatory risk. Act as Data Protection Officer (DPO), managing … automation-friendly compliance and security practices, and communicate risks clearly to leadership. Proven experience in compliance and infosec, with strong regulatory knowledge (UK GDPR, ISO27001), excellent communication skills, and ideally relevant certifications (e.g. CIPP / E, CISSP). If you are interested in the open role please come back More ❯

tests. Business Development & Account Management: Perform information security assessments of Veramed. Complete questionnaires and participate in client audits and inspections. Provide input for RFIs / RFPs as required. Training: Develop and provide IT training programs to staff, enhancing overall IT literacy and security awareness. Person Specification: Proven experience in … in day-to-day IT tasks. Excellent vendor management and negotiation skills. In-depth knowledge of Microsoft 365 administration and new functionalities. Experience with ISO27001 certification and information security management. Strong project management skills, with the ability to lead diverse IT projects. Effective communication and leadership skills, capable of working More ❯

tests. Business Development & Account Management: Perform information security assessments of Veramed. Complete questionnaires and participate in client audits and inspections. Provide input for RFIs / RFPs as required. Training: Develop and provide IT training programs to staff, enhancing overall IT literacy and security awareness. Person Specification: Proven experience in … in day-to-day IT tasks. Excellent vendor management and negotiation skills. In-depth knowledge of Microsoft 365 administration and new functionalities. Experience with ISO27001 certification and information security management. Strong project management skills, with the ability to lead diverse IT projects. Effective communication and leadership skills, capable of working More ❯

migrations from on-prem into Azure, and O365. Job duties of the Senior Infrastructure Engineer: Design of the enterprise infrastructure landscape. Writing HLD's / LLD's and implementing the designs. Administration of O365 (SharePoint, Security, Defender, Teams, Exchange). Azure Hybrid Cloud administration, contributing to the migration into … migration experience is a must. Infrastructure design and architecture experience. Experience working with a complex, enterprise infrastructure environment. Implementation of backup solutions and development / testing of disaster recovery plans to ensure business continuity. Experience with Acronis is very advantageous. Scripting and automation experience. Networking knowledge and skills (TCP … IP, DNS, WAN / LAN ect.), ideally with Cisco technologies. End User Computing (Intune, Group Policy, Virtual Desktop ect.). Understanding of ISO27001 compliance and security monitoring tools (defender, purview ect.). Senior Infrastructure Engineer London Up to £75,000 per annum To discuss this exciting opportunity in More ❯