1 to 25 of 99 ISO/IEC 27001 Jobs in the East Midlands

2, GDPR, NIS2, DORA, and other relevant EU frameworks or regulations. At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Demonstrated ability to structure and lead projects successfully Responsibilities: Lead client audits / assessments … Experience: Information Security: 5 years (required) License / Certification: PCI QSA At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Work Location: UK (Remote with client onsite travel as necessary) Expected start date: ASAP ...

2, GDPR, NIS2, DORA, and other relevant EU frameworks or regulations. At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Demonstrated ability to structure and lead projects successfully Responsibilities: Lead client audits / assessments … Experience: Information Security: 5 years (required) License / Certification: PCI QSA At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Work Location: UK (Remote with client onsite travel as necessary) Expected start date: ASAP ...

2, GDPR, NIS2, DORA, and other relevant EU frameworks or regulations. At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Demonstrated ability to structure and lead projects successfully Responsibilities: Lead client audits / assessments … Experience: Information Security: 5 years (required) License / Certification: PCI QSA At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Work Location: UK (Remote with client onsite travel as necessary) Expected start date: ASAP ...

2, GDPR, NIS2, DORA, and other relevant EU frameworks or regulations. At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Demonstrated ability to structure and lead projects successfully Responsibilities: Lead client audits / assessments … Experience: Information Security: 5 years (required) License / Certification: PCI QSA At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Work Location: UK (Remote with client onsite travel as necessary) Expected start date: ASAP ...

MuleSoft, and legacy systems. Create patterns for zero-trust, API security, and data protection. Own Identity & Access: Design enterprise IAM with IdP integration (SSO / SAML / OIDC), SCIM provisioning, lifecycle controls, and secret management. Platform Security Leadership: Implement Salesforce Shield, Event Monitoring, Transaction Security Policies, and secure … Compliance: Map data flows, define ROPA, and embed privacy-by-design controls aligned to GDPR, HIPAA, and PCI DSS. Drive DevSecOps Excellence: Integrate SAST / DAST, IaC scanning, SBOM generation, and secure release governance into delivery pipelines. Monitor & Respond: Build detection use cases, integrate logs into SIEM, and establish ...

lead and support security assessments including network, web application, mobile, cloud, wireless, and internal infrastructure testing , alongside Cyber Essentials and Cyber Essentials Plus (CE / CE+) assessments. This role suits someone who enjoys hands-on technical work, clear reporting, and helping clients improve their security posture in practical, measurable … Responsibilities Penetration Testing and Security Assessments: Deliver CREST-aligned penetration tests across external and internal networks, web applications and APIs, mobile applications (iOS / Android), and Cloud environments (Azure, AWS, GCP). Wireless networks and remote working setups. Security configuration and segmentation reviews. Perform vulnerability assessments and risk-based ...

within an MSP, reseller, or channel partner. Framework Fluency: Proven knowledge of ISO 27001, NIST CSF, GDPR, and other regulatory / compliance standards. Cloud & Security Architecture: Deep expertise in multi vendor solutions Communication: Excellent at engaging both technical and executive audiences with clear, impactful reporting. … Certifications (preferred): CISSP, CISM, CCSP, ISO 27001 Implementer / Auditor, Microsoft SC-series. **Please note, due to the volume of applicants we cannot respond to individuals outside of the above requirements ...

within an MSP, reseller, or channel partner. Framework Fluency: Proven knowledge of ISO 27001, NIST CSF, GDPR, and other regulatory / compliance standards. Cloud & Security Architecture: Deep expertise in multi vendor solutions Communication: Excellent at engaging both technical and executive audiences with clear, impactful reporting. … Certifications (preferred): CISSP, CISM, CCSP, ISO 27001 Implementer / Auditor, Microsoft SC-series. **Please note, due to the volume of applicants we cannot respond to individuals outside of the above requirements ...

Office (GSO), which sets and ensures that the Information Security policy and standards are implemented across Experian. You will lead accreditation projects (Cyber Essentials, ISO27001, PCI-DSS), and report to the Regional Lead of Client Security Assurance. You will: Lead a complex group of accreditation projects as it relates … Partner with other stakeholders to establish the accreditation program and workstreams' governance framework, ensuring adherence to those standards. Establish and document project scope, milestone / detailed plans and risks, and then use as a basis for all discussions across the program to ensure full agreement. Engage with partners ...

tools, such as: Qualys, Rapid7, Tanium, Axonius, Armis, or other. Experience applying the following models to an enterprise security program: CMMI, ISO / IEC 2700, OWASP SAMM, NIST, SMM SANS Security Maturity Model. Experience developing security reports, trends, and metrics analysis. Experience with the application … MITRE ATT&CK, PCI, HIPAA, GDPR or similar. Experience with cloud security practices Experience with business and technical requirements analysis, business process modeling / mapping, methodology development, and data mapping Additional Information Benefits package includes: Great compensation package and discretionary bonus plan Core benefits include pension, bupa healthcare, sharesave ...

collaboration, and continuous learning. Role Purpose We are seeking a Product Owner to lead the development and evolution of a modern, scalable, secure SaaS / cloud platform, while acting as the Security / Cyber SPOC for the organization. This hybrid role combines cloud product leadership with security oversight … ensuring the platform delivers exceptional customer experience and meets enterprise-grade security and compliance standards. Cloud & SaaS Product Leadership Define and own the cloud / SaaS roadmap, aligning with business objectives and customer needs. Drive the delivery of cloud-native SaaS capabilities, including: Multi-tenancy Self-service onboarding Elastic ...

collaboration, and continuous learning. Role Purpose We are seeking a Product Owner to lead the development and evolution of a modern, scalable, secure SaaS / cloud platform, while acting as the Security / Cyber SPOC for the organization. This hybrid role combines cloud product leadership with security oversight … ensuring the platform delivers exceptional customer experience and meets enterprise-grade security and compliance standards. Cloud & SaaS Product Leadership Define and own the cloud / SaaS roadmap, aligning with business objectives and customer needs. Drive the delivery of cloud-native SaaS capabilities, including: Multi-tenancy Self-service onboarding Elastic ...

collaboration, and continuous learning. Role Purpose We are seeking a Product Owner to lead the development and evolution of a modern, scalable, secure SaaS / cloud platform, while acting as the Security / Cyber SPOC for the organization. This hybrid role combines cloud product leadership with security oversight … ensuring the platform delivers exceptional customer experience and meets enterprise-grade security and compliance standards. Cloud & SaaS Product Leadership Define and own the cloud / SaaS roadmap, aligning with business objectives and customer needs. Drive the delivery of cloud-native SaaS capabilities, including: Multi-tenancy Self-service onboarding Elastic ...

collaboration, and continuous learning. Role Purpose We are seeking a Product Owner to lead the development and evolution of a modern, scalable, secure SaaS / cloud platform, while acting as the Security / Cyber SPOC for the organization. This hybrid role combines cloud product leadership with security oversight … ensuring the platform delivers exceptional customer experience and meets enterprise-grade security and compliance standards. Cloud & SaaS Product Leadership Define and own the cloud / SaaS roadmap, aligning with business objectives and customer needs. Drive the delivery of cloud-native SaaS capabilities, including: Multi-tenancy Self-service onboarding Elastic ...

roadmap. Drive best practice development standards, build security credentials (SOC 2, ISO 27001), and architect for scale across their Azure / .NET stack. Phase 3: The Scaler (18+ months) Transition into the CTO role. Lead technical vision, scale engineering capability internationally, and drive market differentiation … mission-critical trading systems where reliability matters Growth-orientated—excited by the journey from specialist consultancy to global software platform Bonus Points For: ETRM / CTRM platform experience, financial services or energy sector background, experience with Endur / Findur / Allegro systems, prior CTO experience in growing ...

roadmap. Drive best practice development standards, build security credentials (SOC 2, ISO 27001), and architect for scale across their Azure / .NET stack. Phase 3: The Scaler (18+ months) Transition into the CTO role. Lead technical vision, scale engineering capability internationally, and drive market differentiation … mission-critical trading systems where reliability matters Growth-orientated—excited by the journey from specialist consultancy to global software platform Bonus Points For: ETRM / CTRM platform experience, financial services or energy sector background, experience with Endur / Findur / Allegro systems, prior CTO experience in growing ...

roadmap. Drive best practice development standards, build security credentials (SOC 2, ISO 27001), and architect for scale across their Azure / .NET stack. Phase 3: The Scaler (18+ months) Transition into the CTO role. Lead technical vision, scale engineering capability internationally, and drive market differentiation … mission-critical trading systems where reliability matters Growth-orientated—excited by the journey from specialist consultancy to global software platform Bonus Points For: ETRM / CTRM platform experience, financial services or energy sector background, experience with Endur / Findur / Allegro systems, prior CTO experience in growing ...

HIPAA). Continuously contribute to process improvement, suggesting ways to enhance efficiency and customer satisfaction. Required Skills & Experience Education to NQF Level 3 / 4 in a computing-related discipline (e.g., A Level in Computing or ICT, NCC Education Level 3 Diploma in Computing, IT Users Level 3 Certificate … / Diploma). Strong GCSE results, including Maths, English, and Science. Minimum of 3 years' commercial experience in an IT and / or application support environment. Solid understanding of hosted IP telephony. Proficiency with MS Office 365 / Admin, Microsoft Windows 11, MacOS Proficiency with Azure, Teams ...

HIPAA). Continuously contribute to process improvement, suggesting ways to enhance efficiency and customer satisfaction. Required Skills & Experience Education to NQF Level 3 / 4 in a computing-related discipline (e.g., A Level in Computing or ICT, NCC Education Level 3 Diploma in Computing, IT Users Level 3 Certificate … / Diploma). Strong GCSE results, including Maths, English, and Science. Minimum of 3 years' commercial experience in an IT and / or application support environment. Solid understanding of hosted IP telephony. Proficiency with MS Office 365 / Admin, Microsoft Windows 11, MacOS Proficiency with Azure, Teams ...

security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI / CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company's security, privacy, and data protection posture … testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure / AWS / GCP). Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences. ...

security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI / CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company's security, privacy, and data protection posture … testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure / AWS / GCP). Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences. ...

security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI / CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company's security, privacy, and data protection posture … testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure / AWS / GCP). Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences. ...

security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI / CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company's security, privacy, and data protection posture … testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure / AWS / GCP). Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences. ...

security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI / CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company's security, privacy, and data protection posture … testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure / AWS / GCP). Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences. ...

security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI / CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company's security, privacy, and data protection posture … testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure / AWS / GCP). Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences. ...