1 to 25 of 29 ISO/IEC 27001 Jobs in the East of England

management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited … obligations include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstratable experience in an Information More ❯

27001:2022 certification and ensure adherence to health, safety, financial, and privacy regulations. What are we looking for? Degree level qualified or equivalent - essential. CISM and / or CISSP or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is highly desirable Demonstratable experience in an … Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Experience of information security management and / or security awareness. Good knowledge of industry standard frameworks and best practices – ISO 27001: 2022, NIS2, AI Act etc. and their practical application in a … maintain data classification standards within a corporate environment. Experience in developing and executing an Information Security awareness training across multi-business units. Experience with ensuring corporate compliance with UK / EMEA data protection legislation such as DPA and GDPR. Good knowledge of a broad range of IT technology platforms, products, services. Stakeholder management experience at both a technical and More ❯

Security Controller & Assurance Manager Cambridge | Hybrid (Onsite Tue–Thu) ? 6-Month Contract (Inside IR35) – Extension / Perm Potential D ay rate depending on experience Active SC Clearance preferred (or eligibility required) We are seeking an experienced Security Controller & Assurance Manager to take ownership of end-to-end security governance within a leading defence engineering environment. This role spans protective … security, personnel security, information / data security and supporting cyber security , acting as the primary security authority on-site and working closely with senior leadership. This is a key hire driven by increased programme activity and business growth. Key Responsibilities ? Act as Security Controller & Crypto Custodian ? Lead compliance across personnel, facility & information security ? Oversee accreditation & facility clearance requirements ? Manage … handling & protection of classified / protectively marked material ? Own SALs, audits, security reporting & compliance metrics ? Support IT & Cyber teams on secure system governance ? Support HR with vetting and security onboarding ? Deliver security briefings and awareness programmes ? Ensure NPSA-compliant physical security measures across sites & programmes ? Maintain security manuals, SLAs & governance documentation ? Liaise with Police, CTSA, MoD, NPSA, DE&S More ❯

Security Operations Collaboration and Stakeholder Management Risk Management Compliance Operations Audit, incident response, and risk management ✅ Requirements: Junior or Grad Cyber or Information Security Analyst Keen interest in ISO 27001 … SOC 2 Type 2, and cloud environments. 📜 You will receive certifications in the following: CISSP, CISM, ISO 27001 Lead Implementer, CISA, CRISC, CIPP / E. Physical Security (PSP, CPP) certifications a plus. If you're interested, please apply with your latest CV. I will aim to get back to you within 48 hours. More ❯

ll bring Solid hands-on experience with SIEM tools like Splunk, Sentinel or QRadar. A good grip on security best practices and standards (ISO 27001 / 27002, PCI DSS). Familiarity with frameworks such as NIST, ISO and CIS. Comfortable scripting in Python, PowerShell and regex. The ability to work across multiple projects More ❯

ll bring: Proficient in using SIEM technologies such as Splunk, Sentinel, and QRadar. Thorough grasp of security standard methodologies and protocols, for instance ISO 27001 / 27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such as Python, PowerShell, and regex. If you are interested More ❯

Senior Cyber Security GRC Consultant (DV Cleared) Location: Hybrid / East of England - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate … part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD / Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks … professional registration at either Chartered or Principal for Risk Management. Active DV clearance required Strong working knowledge of: Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490 Working with system secure design MOD / GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements More ❯

Senior Cyber Security GRC Consultant (DV Cleared) Location: Hybrid / East of England - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate … part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD / Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks … professional registration at either Chartered or Principal for Risk Management. Active DV clearance required Strong working knowledge of: Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490 Working with system secure design MOD / GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements More ❯

Cyber Security GRC Consultant (DV Cleared) Location: Hybrid / East of England - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You’ll collaborate with … part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD / Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks … professional registration at either Chartered or Principal for Risk Management. Active DV clearance required Strong working knowledge of Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490 Working with system secure design & MOD / GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements More ❯

Manager role: Proven experience leading SOC operations in a 24×7 or multi-client environment. Strong background in incident management, threat detection, and escalation processes. Technical depth across SIEM / SOAR tooling, preferably Splunk or Microsoft Sentinel. A passion for developing teams — coaching analysts and building collaborative, high-performing cultures. Strong understanding of frameworks and standards such as NIST … MITRE ATT&CK, ISO 27001, CREST, and ITIL. Excellent communication skills, with the ability to translate technical risks into clear business impacts. Desirable Vendor certifications such as Splunk Certified or Microsoft SC-200. Security or leadership certifications (e.g., CISSP, CISM, ITIL). Why This SOC Operations Manager role? This is more than just an operational role More ❯

regulatory standards. This role will suit an experienced IT professional who enjoys combining hands-on systems management with cloud, automation, and security responsibilities. Key Responsibilities: Provide advanced (Tier 2 / 3) support to internal users and resolve complex technical incidents. Manage and monitor cloud and on-premise environments (Azure / AWS). Ensure high system availability and performance … security controls including firewalls and endpoint protection. Support compliance with GDPR, ISO 27001, and other data governance frameworks. Collaborate with engineering teams on automation, CI / CD, and containerised deployments. Contribute to infrastructure-as-code initiatives and system monitoring improvements. Required Skills / Experience: Proven background in IT systems administration and cloud platform management … Strong technical knowledge across Windows / Linux, networking, and virtualisation Familiarity with containerisation tools (Docker, Kubernetes) Competence in scripting (PowerShell, Bash) and an automation-oriented mindset Understanding of data protection and security compliance requirements RSG Plc is acting as an Employment Agency in relation to this vacancy. More ❯

regulatory standards. This role will suit an experienced IT professional who enjoys combining hands-on systems management with cloud, automation, and security responsibilities. ??Key Responsibilities: Provide advanced (Tier 2 / 3) support to internal users and resolve complex technical incidents. Manage and monitor cloud and on-premise environments (Azure / AWS). Ensure high system availability and performance … security controls including firewalls and endpoint protection. Support compliance with GDPR, ISO 27001, and other data governance frameworks. Collaborate with engineering teams on automation, CI / CD, and containerised deployments. Contribute to infrastructure-as-code initiatives and system monitoring improvements. ??Required Skills / Experience: Proven background in IT systems administration and cloud platform management … Strong technical knowledge across Windows / Linux, networking, and virtualisation Familiarity with containerisation tools (Docker, Kubernetes) Competence in scripting (PowerShell, Bash) and an automation-oriented mindset Understanding of data protection and security compliance requirements RSG Plc is acting as an Employment Agency in relation to this vacancy. More ❯

safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of … Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem, and change management. It would be … assurance, pension, and generous flexible benefits fund (3% of base salary). Although this role is advertised as full-time, we believe that flexibility at work can promote work / life balance, increase your motivation, reduce stress and improves performance and productivity. We support different ways of working and can offer a range of flexible working arrangements. So, if More ❯

service security risks. Support AI and automation initiatives to streamline GRC processes. Key Requirements Proven hands-on experience with ServiceNow IRM and risk quantification methodologies. Strong knowledge of ISO 27001, NIST CSF, and NIST SP800-53. Certifications such as CRISC, CISM, CISSP, or FAIR are desirable. Excellent stakeholder management and communication skills. Experience in third-party More ❯

SQL) for data extraction and transformation. Prior experience with Data warehousing and Data modelling (Star Schema or Snowflake Schema). Skilled in security frameworks such as GDPR, HIPAA, ISO 27001, NIST, SOX, and PII, with expertise in IAM, KMS, and RBAC implementation. Cloud automation and orchestration tools like Terraform and Airflow. Strong analytical skills to assess More ❯

responding to RFP questions Work with the Legal, Risk, Ethics and Compliance team to support management of broader business security risks, achievement and maintenance of government standards including ISO 27001 and Cyber Essentials + and respond to issues Ensure strong security measures are embedded in the product development lifecycle, from design through deployment, aligning with industry More ❯

align technical and business stakeholders. Preferred Qualifications Experience in a global manufacturing organization. Relevant certifications (e.g., CISSP, CISM, CCSP). Familiarity with frameworks such as NIST CSF, ITIL, ISO 27001, HIPAA, FedRamp. Work Location & Flexibility At Brooks, we aim to foster a collaborative and engaging environment while offering flexibility where possible. Work arrangements may include a More ❯

Active Directory, and Windows Server environments. Hands-on experience with Microsoft Endpoint Manager, Windows desktop support, and network administration. Understanding of cyber security standards and frameworks (e.g. Cyber Essentials, ISO27001). Excellent communication, problem-solving, and organisational skills. Strong understanding of IT governance, risk, and controls. Experience managing IT security and continuity processes. Ability to balance hands-on technical support More ❯

Boomi, or scripting languages (Python, PySpark, SQL). Solid understanding of data warehousing and data modelling techniques (Star Schema, Snowflake Schema). Familiarity with security frameworks (GDPR, HIPAA, ISO 27001, NIST, SOX, PII) and AWS security … features (IAM, KMS, RBAC). Knowledge of Azure data engineering tools (ADF, Azure DB, Azure Synapse, Azure Data Lake, Azure Monitor) for hybrid migration scenarios. Proficiency with cloud automation / orchestration tools such as Terraform and Airflow. Strong analytical skills to assess data quality, identify inconsistencies, and resolve migration issues. Ability to manage end-to-end migration projects, ensuring More ❯

project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC s security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work independently, make sound judgements, and communicate clearly with both technical … do not have all of these as you will not be considered for interview) Minimum 5 years hands-on experience in Information Security Experience conducting security risk assessments Supplier / third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills Stakeholder engagement Availability & flexibility Right to work in the UK To More ❯

project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC's security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work independently, make sound judgements, and communicate clearly with both technical … do not have all of these as you will not be considered for interview) Minimum 5 years' hands-on experience in Information Security Experience conducting security risk assessments Supplier / third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills Stakeholder engagement Availability & flexibility Right to work in the UK To More ❯

project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC’s security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work independently, make sound judgements, and communicate clearly with both technical … do not have all of these as you will not be considered for interview) Minimum 5 years’ hands-on experience in Information Security Experience conducting security risk assessments Supplier / third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills Stakeholder engagement Availability & flexibility Right to work in the UK To More ❯

for your peace of mind and wellbeing. Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms. Personalised Wellbeing Support: App-based resources and services available 24 / 7 Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. Continuous Learning & Development:Ongoing opportunities More ❯

working in a service critical environment are advantageous. As a DevOps Engineer you will be responsible for ensuring all deployment processes and automation meet regulatory requirements, namely PCI DSS, ISO27001, and Cyber Security Essentials. This will include the introduction of standards to ensure conformity within the PayPoint development and deployment workflows. This role is Hybrid with a requirement to be … onsite at least once a month in Welwyn Garden City. Key responsibilities • Design, build, and maintain CI / CD pipelines using Azure DevOps and GitHub Actions • Implement and manage Infrastructure as Code using Terraform and ARM templates • Configure and maintain monitoring, logging, and alerting solutions for applications and infrastructure • Automate deployment processes across development, staging, and production environments • Manage … Security scanning and vulnerability management in pipelines • Performance optimization and capacity planning • Development team productivity through tooling and automation What we would like from you • Strong experience with CI / CD pipeline design and implementation (Azure DevOps, GitHub Actions) • Proficiency in Infrastructure as Code tools, particularly Terraform • Experience with containerization technologies (Docker) and orchestration platforms (Kubernetes) • Strong knowledge of More ❯

all infrastructure projects are delivered within the pre-agreed parameters of time, cost, scope, risk, quality and benefits. Ensuring all infrastructure services are managed and supported according to industry / vendor best practice, following defined processes and procedures and to meet agreed availability and performance KPIs. Ensuring all colleague infrastructure support tickets are resolved / fulfilled in line … with SLA and colleague satisfaction targets, following agreed ITSM processes. Ensuring that all infrastructure components are managed to the appropriate level of risk with respect to security patches, software / firmware revision levels and supplier supported versions. Proactively seeking service improvements in the areas of reliability, performance, availability, security, supportability or cost. Overseeing the effective transition of new or … laptops, mobile / tablets, peripherals). Technologies required Office 365 – ongoing management Nutanix Networking (LAN, WAN, VLAN, WiFi) preferably Juniper & Fortinet devices Security (ACL, Firewall, PCI, GDPR. GDP) ISO27001 principles Storage, iSCSI (HP, Tegile, Nutanix) Cloud (Azure ExressRoute, VMs,Load Balancers) Linux System Centre Database Management More ❯