1 to 25 of 36 ISO/IEC 27001 Jobs in Glasgow

cyber threats. Key Responsibilities: Develop, implement, and oversee IT security policies, procedures, and best practices to protect company assets. Manage and maintain network security systems , including firewalls, intrusion detection / prevention systems (IDS / IPS), VPNs, and secure access controls. Conduct security risk assessments and audits to identify vulnerabilities and ensure compliance with industry regulations (ISO 27001, NIST, GDPR, etc.). Lead incident response efforts, including investigating security breaches, coordinating remediation, and reporting findings. Implement and maintain endpoint protection, SIEM solutions, and threat intelligence platforms . Collaborate with IT and DevOps teams to ensure secure architecture and cloud security measures . Provide security awareness training for employees and promote a strong security … Proven experience in IT security, with at least 5+ years in a security leadership or management role. Strong understanding of network security principles, protocols, and technologies (firewalls, VPNs, IDS / IPS, NAC, etc.). Hands-on experience with security frameworks such as ISO 27001, NIST, CIS Controls. Proficiency in SIEM tools, vulnerability management, and penetration More ❯

Social network you want to login / join with: Information Security Manager Salary Competitive Location Glasgow Head Office Shift Pattern Days Hours per day This is a Permanent, vacancy that will close in 15 days at 23:59 BST. The Vacancy POSITION OVERVIEW: This role sits within the 2nd Line of defence, where you will lead and support the … progress Deputise for the Head of Information Security KNOWLEDGE, SKILLS & ABILITIES Essential Degree level qualification or equivalent experience in Cyber risk management and information protection Cyber security essentials ISO 27001 NIST CSF Strong Technical Background in Data Classification and Data Loss Prevention Experience in information security governance, policy and procedure definition Administration of Active Directory, Azure … set out with one goal – to make a positive change in the facilities management industry. The Haugheys founded their enterprise on the values of collaboration and transparency, replacing client / contractor relationships with long-term, mutually beneficial partnerships. Each partner receives a unique strategy, shaped bythe needs of the business and implemented by a bespoke, self-delivered model. It More ❯

Location / s: Glasgow, Birmingham, Bristol, Cambridge, Liverpool, Manchester, Southampton, United Kingdom Recruiter contact: Laura Kennedy We’re a global engineering, management, and development consultancy. Our purpose is to improve society by considering social outcomes in everything we do, relentlessly focusing on excellence and digital innovation, transforming our clients’ businesses, our communities, and employee opportunities. A fundamental part of … office hours or on UK clients' sites, so flexibility is important. Role responsibilities Develop, review and implement cybersecurity policies, protocols and procedures, such as IEC 62443 or ISO27001, including working in IACS domains. Provide expert advice on cybersecurity measures and best practices across OT and IT projects. Understand client requirements and analyse specifications. Conduct reviews and audits to … IEC62443, NIS, NIS2, Cloud Security Principles and GDPR. Strong analytical and problem-solving skills. Good communication and interpersonal skills. Experience with security tools and technologies such as firewalls, IDS / IPS, and SIEM. Experience working with Operational Technology (OT). Professional registrations or certifications such as CiiSEC, CISSP, GICSP, or related would be advantageous. UK Immigration Mott MacDonald Ltd. More ❯

Role: IT Engineer - 2nd / 3rd Line Place of work: Glasgow, City Centre Contract type: Full-time, Permanent Working Hours: Monday – Friday, 9am – 5pm Do you thrive in a fast-paced environment and have a passion for delivering excellence in IT support? If so, Jones Whyte has an excellent opportunity for you where you will have the chance to … shine and contribute your expertise. We are seeking a skilled and proactive 2nd / 3rd Line IT Engineer to join our IT Support Team. This role blends advanced ticket-based support responsibilities with hands-on cybersecurity exposure. Why Jones Whyte? At Jones Whyte, we’re more than just a law firm—a dynamic community built on collaboration, innovation, and … a shared commitment to excellence. Joining us means stepping into a role where your expertise is valued, and your growth is a priority. The Role As a 2nd / 3rd line IT Engineer, you will be supporting the firm with advanced tasks, ensuring the smooth running of our technology. You'll be responsible for maintaining, troubleshooting, and improving our More ❯

invests in the latest industry leading technologies to facilitate the delivery of our ground-breaking business solutions. We adopt integrated ways of working such as "DevOps" and employ Agile / Scrum methodology approach to manage our work. Though this is a varied role, your key tasks will include: Manage, mentor, and help to develop the cyber security team. Using … our existing Microsoft Licensing Agreement. Work closely with the Security Operating Centre and Networking engineers, to drive security initiatives across the wider team. Participate in and deliver multi-discipline / cross team projects acting as the cyber security subject matter expert. Act as the technical lead and escalation point for all cyber security related queries. Research and advise on … from a security perspective (Defender, Azure) Vulnerability Management Web Application Filtering DLP Cloudflare Secure File Transfer Firewalls Remote Access / VPN PKI Infrastructure DNS Email Gateways Security Audits ISO27001 Azure DevOps (Scrum principles, Release Pipelines) Knowledge of Mitre Attack Framework ITIL (Supervising Service Desk Queue) Strong Interest In all aspects of security Microsoft Operating Systems (Desktop, Server) Exchange Online More ❯

a wide range of infrastructure improvements. From migrating to Azure AD and Intune, to rolling out Defender across the business and helping push toward Cyber Essentials Plus and ISO 27001 compliance - there's a lot going on, and you'll be in the thick of it. Alongside cloud migration work, you'll also be involved in … DNS, DHCP, routing, firewalls, web filtering Exposure to cloud migrations, ideally Azure (some AWS experience also fine) Experience supporting enterprise platforms like IIS & SQL Familiarity with compliance standards (ISO 27001, Cyber Essentials, NIST) Excellent problem solving and communication skills There's no on call requirement, though some flexibility around out of hours work may occasionally be More ❯

days ago Be among the first 25 applicants Direct message the job poster from Dev / Null Security Head of Talent at DevNull Security | Championing Innovation in Cybersecurity, Recruitment & Retention Company Description Dev / Null Security is a cyber security consultancy that specializes in security solution architecture, engineering, implementation, and operational support. With decades of experience, our team … that keeps the organization moving forward. Prior financial services experience is essential. Qualifications & Certifications: Bachelors or master’s degree in cybersecurity, computer science, software engineering, or related field. CISSP / CISM certification or other broad cybersecurity industry-recognised certificate. Architect-level certification in one or more public cloud platforms. Platform & Technology: BizzDesign, Archi, or generic UML visualisation experience for … first company, our consulting team may be required to travel to a physical site 2-3 times per week (either Edinburgh, Birmingham, Sheffield, Manchester or Glasgow) subject to project / customer requirements. A career in cybersecurity should be accessible for everyone. We encourage all applicants, regardless of race, ethnicity, gender, age, sexual orientation, disability, or neurotype. We want to More ❯

Social network you want to login / join with: We are seeking an experienced Cybersecurity Architect with deep expertise in Cisco Cyber Vision to design and implement secure industrial control system (ICS) architectures. You will play a critical role in assessing, developing, and implementing cybersecurity strategies that ensure the resilience and compliance of IT / OT networks. Key … Responsibilities: Design and implement cybersecurity architecture for IT / OT environments with an emphasis on industrial systems. Lead the deployment and integration of Cisco Cyber Vision across various industrial networks. Conduct risk assessments and threat modeling for ICS / SCADA systems and recommend mitigation strategies. Develop and maintain security standards, reference architectures, and best practices aligned with NIST … 7+ years of experience in cybersecurity, with at least 3 years in an architect role. Hands-on experience with Cisco Cyber Vision including deployment, configuration, and integration with SIEM / SOC tools. Deep understanding of OT protocols (Modbus, DNP3, PROFINET, etc.) and ICS / SCADA systems. Strong knowledge of network security , firewalls, VPNs, IDS / IPS, and More ❯

and experience of working with organisations that have OT networks and standards utilised in the energy sector such as the Cyber Assessment Framework and IEC ISA 99 / 62443. You'll be helping multiple clients with different aspects of their security. The role is interesting and varied and a great opportunity for those that prefer spontaneity over … routine. A Day in the Life Delivering projects, including creating information security strategies, risk assessments of OT projects and assessments against frameworks like ISO 27001. Identify and develop new business opportunities with clients and prospects. Mentoring and supporting junior team members to raise the team's understanding of working with Energy clients. Stay updated on the latest information … non-technical audiences. What would be great to have CISSP, CISM, 62443 cyber security certificates Cyber Assessment Framework, NIST CSF, NIST SP 800-82, IEC ISA 99 / 62443, CIS Controls Strong understanding of IT and OT security risks Knowledge of the threat landscape Experience in Business development and proposal / tender writing How We Take More ❯

highly skilled Cyber Security Team you will be responsible for contributing to our information security consultancy, with opportunities to work on information security assessments within sizeable projects, conduct ISO 27001 audits, help implement aspects of ISO 27001, and engage in risk management. Furthermore, there is potential for growth into such diverse fields … as PCI DSS, privacy, and business continuity. Requirements Essential experience and skills: Recognized ISO 27001 Lead Auditor qualification and certificate Significant experience in auditing ISO 27001 based Information Security Management Systems Significant experience in consulting and implementing Information Security Management Systems Strong knowledge of regulatory frameworks such as the GDPR 5 years … across all sectors, which presents opportunities for both interesting work and career development. Dionach have leading industry certifications including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF, and ISO 27001, with a focus on improving customers' security, and developing people's skills and qualifications. Dionach are always looking for self-motivated people who wish to work More ❯

Internal Audit improves the effectiveness of risk management, controls, and governance processes. This position can be located in Madrid or Glasgow the following locations with a hybrid in-office / work from home arrangement. Job Description Cigna seeks an experienced information technology (IT) auditor to join its Internal Audit team, supporting the company’s rapidly evolving technology strategy. The … Information Technology, or related fields. Professional Experience: Minimum 5, with 7 years or more preferred, in internal or external IT auditing, with at least 2 years as a senior / in-charge IT auditor. Certifications: CISA, CISM, CRISC, CGEIT, CISSP, CIA, or equivalent. Technical Skills: Expertise in IT systems (Cloud, mainframe, client / server platforms) and proficiency with … Microsoft Office, data analytics tools (e.g., ACL), and dashboards (e.g., Tableau, PowerBI). Frameworks & Standards: Knowledge of COSO, COBIT, Sarbanes-Oxley, and IT / Cybersecurity standards like NIST, ISO 27001, CIS Controls. Healthcare Industry Knowledge: Preferred experience with healthcare systems and regulations. Skills and Attributes Effective communication and presentation skills with high attention to quality. More ❯

Direct message the job poster from Cathcart Technology Senior Tech Recruiter | IT Management & Delivery (C-Level / Software Management / Delivery / Product Management) Senior Information Security Manager required for one of Glasgow’s most prestigious professional services firms, in a permanent role. The organisation operates across a number of countries and is in the process of … a small team. However, the key part to this role is having strengths across Governance and Privacy, as well as security governance / risk. Cyber essentials knowledge and ISO27001 certification would be an added bonus. With the governance focus, you will still be heavily involved in projects and the delivery of these, alongside the setting of roadmaps and policies. … years as a Senior Information Security Professional, either as a Manager or senior member of a team Ability to implement and maintain an information security governance framework such as ISO27001 and NIST Ability to lead the infosec risk management processes, including Enterprise Risk Management Framework, Information Security Management System and NIST practices Certifications such as CISSP, CISM or CRISC ISO More ❯

Social network you want to login / join with: At MVW Technology Ltd we are committed to fostering the growth and development of all our team members. We offer a range of professional development opportunities to support both permanent staff and contractors in advancing their skills and careers. Through training programs, mentorship, and access to industry resources, we ensure … technical documentation including architecture diagrams, runbooks, and operational procedures Support the development of technical project plans and participate in change advisory processes Ensure alignment with security standards (e.g. ISO 27001, GDPR) and adherence to governance frameworks QUALIFICATIONS AND SKILLS Proven experience in architecting and deploying Microsoft Intune for MDM and MAM Expert knowledge of Microsoft Autopilot … such as MD-102, MS-102, SC-300, or equivalent (preferred) On-premises and traditional infrastructure technologies including Virtualisation, VDI, storage, firewalls, AV + Threat Protection, Windows Server, DNS / DHCP, backup solutions Strong analytical and documentation skills PERSONAL ATTRIBUTES Motivated self-starter Personable and professional manner Process orientated Humble We actively encourage applications from individuals with disabilities and More ❯

Linux-based servers, hypervisors, storage arrays, and networking. Oversee system monitoring, patching, upgrades, and incident response procedures. Ensure full compliance with security best practices and regulatory requirements (e.g., ISO 27001). Drive innovation and adoption of emerging technologies that improve efficiency, performance, or security. Act as the escalation point for complex infrastructure and system issues. Strategic … procurement to ensure optimal service delivery and value. Promote and ensure adherence to IT governance, policy frameworks, and industry standards. Lead and support internal and external audits, including ISO certification and compliance initiatives. Resolve conflicts within the team and with external stakeholders effectively and constructively. Maintain an awareness of commercial and financial implications of technology decisions. Key Requirements … disaster recovery, and business continuity strategies. Familiarity with configuration management and infrastructure-as-code tools (e.g., Ansible, Docker). Comprehensive knowledge of security best practices, hardening, and compliance (ISO 27001, GDPR, etc.). Leadership & Soft Skills: Demonstrable experience managing and developing high-performing technical teams. Strong stakeholder engagement skills with the ability to influence, negotiate, and More ❯

of the role is to monitor, support, report and instruct against the regulatory frameworks such as the NCSC Cyber Assurance Framework to ensure operational systems and networks owned and / or managed, by Operators of Essential Services, in the electricity and downstream gas sectors in Great Britain, remain resilient against cyber and related security threats. You’ll operate as … Deliverables Provide advice and guidance to the DGE sector on the compliance with the NIS regulations and ensuring through inspections, audits and testing that OES maintain compliance. Deliver and / or manage a set of inspections and assurance activities in line with the NIS regulations. Write and maintain high quality inspections and audit reports, providing analysis and outcomes. Provide … and use regulatory tools to drive improvements. Ensure alignment with government and industry objectives and standards, and liaise with senior stakeholders on how these can be met Key Skills / Capabilities Required Experience of security assurance in the Oil, Gas, Electricity industry. Experience in utilising operational technology / ICS related standards, NIS Regulations and NCSC Cyber Assurance Framework. More ❯

Social network you want to login / join with: col-narrow-left Client: Aimhire Location: glasgow, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 3 Posted: 10.06.2025 Expiry Date: 25.07.2025 col-wide Job Description: Do you want to work with a FinTech startup in the capital markets vertical.? At Aimhire.io we are … for creating cutting-edge financial products. Key Responsibilities: ● Design, implement, and maintain cloud-native infrastructure (primarily AWS) to support Klear’s distributed systems and APIs. ● Manage and optimize CI / CD pipelines, ensuring rapid and reliable code delivery across ● Work closely with the engineering team to support microservices architecture, with focus on latency-sensitive and high-availability services. ● Monitor … system performance, conduct root cause analysis, and implement observability best practices (metrics, logging, tracing). ● Harden infrastructure and deployments with infrastructure as code (Terraform / CDK / CloudFormation). ● Lead incident response, system reliability efforts, and infrastructure scalability initiatives. ● Manage messaging queues (e.g., Kafka, RabbitMQ) and optimize for low-latency event handling and throughput. ● Contribute to evolving our More ❯

Social network you want to login / join with: Senior Associate, Cybersecurity compliance (global role in a virtual working environment), glasgow col-narrow-left Client: Grant Thornton International Ltd Location: glasgow, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 7 Posted: 10.06.2025 Expiry Date: 25.07.2025 col-wide Job Description: About Grant Thornton … IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom / Europe Main responsibilities The Senior Associate will support with the implementation of the cybersecurity compliance programme, including: Collaboration with IT assurance engagement teams across the GT network Review of … a similar role. Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and / or data into useful insight Excellent communication skills, both verbal and written, with the ability to initiate and lead More ❯

effectiveness of the process across SPR. What we’re looking for Skills and experience in cyber security supply chain risk management. Awareness of key legislation and regulation impacting IT / OT General Control requirements in an energy utility. Experience in planning, managing … and Supply chain risk management. Record of academic achievement, including some form of recognised qualification from further education, such as a degree or diploma. Useful qualifications (nice to have): ISO27001 CISM CRISC SANS qualifications What’s in it for you As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With … you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include: 36 days annual leave Holiday purchase – perfect your work / life balance with extra annual leave Share Incentive Plan and Sharesave Scheme Payroll giving and charity matched funding Technology Vouchers – save more and spread the cost of your technology More ❯

an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive certifications, including CREST, CHECK, PCI QSA, and ISO 27001. With our focus on enhancing customers' security and fostering team development, you will be joining a company that prioritizes both your growth and the safety of our clients. More ❯

a multi award-winning workplace, most notably recognised by Best Companies as Best Company To Work For in the UK, Tech and the South East in 2023. We are ISO27001 and ISO9001 Certified by UKAS. We are also a CREST approved penetration testing and SOC company, IASME Cyber Essentials Certification body and Cyber Essentials Plus certified. Find out more about More ❯

Social network you want to login / join with: Head of Information Security – UK remote - £90,000 - £120,000 Our client, a leading technology innovator, is looking for an experienced Information Security leader to shape and drive their security strategy. As the Head of Information Security, you will be responsible for overseeing the development and implementation of an improved … to maintain compliance. To be considered for this role, you should have Proven experience in a senior Information Security leadership role. Strong knowledge of security frameworks such as ISO 27001, NIST, GDPR, and other compliance standards. Expertise in risk management, governance, and security architecture. Hands-on experience in designing and implementing security policies and strategies. Strong More ❯

Social network you want to login / join with: Head of Engineering / System Development Manager - up to £70k base with great benefits Remote working with an office Glasgow We are looking for a strategic, hands-on Head of Engineering to lead and scale our software engineering function. This senior leadership role will focus heavily on software engineering … and governance around API design (RESTful services, rate limiting, versioning, monitoring, etc.). Ensure high data consistency, operational integrity, and well-documented interface contracts between services. Software Delivery, CI / CD & DevOps Define and implement scalable CI / CD pipelines using modern DevOps tooling, including automated build, test, deploy, and rollback strategies. Champion continuous delivery practices with robust … APIs. Security Engineering & Governance Partner with security engineers to integrate security throughout the software lifecycle (shift-left security, secure coding, threat modelling). Own the implementation of secure authentication / authorization practices, audit logging, encryption at rest / in transit, and other application security standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO More ❯

way Work closely with digital, cybersecurity, platform, and business teams to translate strategic goals into practical technical designs Champion security-by-design and compliance with frameworks like NIS2 and ISO27001 Guide architectural decisions across Azure, Power Platform, M365, and related tools Steer innovation, solution modernisation, and cloud governance Manage a team of solution architects, developing capability and fostering a culture More ❯

an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive certifications, including CREST, CHECK, PCI QSA, and ISO 27001. With our focus on enhancing customers' security and fostering team development, you'll be joining a company that prioritizes both your growth and the safety of our clients. More ❯

Social network you want to login / join with: Location: Fully Remote Contract Duration: 12 Months Fixed-Term Anticipated Renewal Date: December 2025 About Us: Sentinel is working with a leading global IT and technology services company. They drive digital transformation for businesses worldwide, providing cutting-edge solutions across cloud computing, data analytics, and security. We're committed to … integration. • Lead and actively participate in security audits, identifying vulnerabilities, and ensuring adherence to security policies. • Develop and enforce GCP security hardening measures (network segmentation, access controls, encryption, GDPR / ISO 27001 compliance). • Design and implement ETL pipelines for marketing data into BigQuery for Looker. • Optimise BigQuery data models and schemas for Looker exploration … Qualifications and Experience: • Extensive experience as a Cloud Engineer, specialising in GCP. • Proven background in marketing data environments, understanding infrastructure needs for marketing analytics and CDPs. • Demonstrable experience leading / contributing to security audits, vulnerability assessments, and compliance initiatives (GDPR, ISO 27001) within GCP. • Expertise in IaC with a strong preference for Terraform. • Profound understanding More ❯