16 of 16 ISO/IEC 27001 Jobs in Gloucestershire

breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST 800-53 or OWASP … Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa More ❯

Access Control (RBAC) policies to ensure users receive appropriate access based on defined roles. Enforce access control standards and ensure alignment with organisational and regulatory requirements (e.g. GDPR, ISO 27001). Monitor IDAM systems for security incidents, vulnerabilities, and compliance risks, responding promptly to mitigate threats. Manage identity provisioning, de-provisioning and entitlement reviews across cloud … excellent documentation and communication skills. Relevant certifications (e.g. CISSP, CIAM, CISM) or equivalent experience. A proactive, collaborative approach and commitment to continuous improvement. Core Skills Identity & Access Management (IAM / IDAM) Azure Active Directory / Entra ID Role-Based Access Control (RBAC) Multi-Factor Authentication (MFA) Single Sign-On (SSO) Privileged Access Management (PAM) Authentication & Authorisation Security Administration … IT Governance & Compliance Cybersecurity / ISO 27001 / GDPR Active Directory Cloud Security (Microsoft 365 / Azure) Why Join? Work within a respected global organisation investing heavily in digital transformation and cyber resilience. Opportunity to lead on IDAM improvement projects and shape access governance strategy. Flexible hybrid working environment with excellent benefits. Ongoing More ❯

Access Control (RBAC) policies to ensure users receive appropriate access based on defined roles. Enforce access control standards and ensure alignment with organisational and regulatory requirements (e.g. GDPR, ISO 27001). Monitor IDAM systems for security incidents, vulnerabilities, and compliance risks, responding promptly to mitigate threats. Manage identity provisioning, de-provisioning and entitlement reviews across cloud … excellent documentation and communication skills. Relevant certifications (e.g. CISSP, CIAM, CISM) or equivalent experience. A proactive, collaborative approach and commitment to continuous improvement. Core Skills Identity & Access Management (IAM / IDAM) Azure Active Directory / Entra ID Role-Based Access Control (RBAC) Multi-Factor Authentication (MFA) Single Sign-On (SSO) Privileged Access Management (PAM) Authentication & Authorisation Security Administration … IT Governance & Compliance Cybersecurity / ISO 27001 / GDPR Active Directory Cloud Security (Microsoft 365 / Azure) Why Join? Work within a respected global organisation investing heavily in digital transformation and cyber resilience. Opportunity to lead on IDAM improvement projects and shape access governance strategy. Flexible hybrid working environment with excellent benefits. Ongoing More ❯

Experience: Minimum 8 years of information security experience, with at least 3 years in aerospace, aviation, or highly regulated industries Proven experience implementing and managing ISMS frameworks, preferably ISO 27001 certification Deep understanding of aviation cybersecurity regulations, including EASA requirements, CAA frameworks, or similar aviation security standards Experience with industrial control systems security, particularly in safety … critical environments Demonstrated expertise in cybersecurity risk assessment and management methodologies specific to engineering and manufacturing environments Technical Expertise: Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, aviation-specific standards) Experience with security architecture design for complex technical systems Understanding of aviation safety management systems and their integration with cybersecurity programmes Familiarity with certification processes and … for presenting security strategies to technical and executive audiences Experience building security teams and developing cybersecurity culture within engineering organisations Preferred Qualifications: Professional certifications such as CISSP, CISM, ISO 27001 Lead Auditor, or aviation security qualifications Experience with hydrogen infrastructure, electric propulsion systems, or clean energy technologies Knowledge of aviation certification processes (FAA, EASA, CAA) Background More ❯

not limited to requirements such as GDPR & ISO 27001. Collaborating with other areas within the company such as the Infrastructure & DevOps teams to integrate virtualisation with CI / CD pipelines and other automation frameworks. Skills: VMWare - vSphere Hyper-V Strong knowledge with automation and scripting technologies such as Python, PowerShell or Ansible. Cloud-based virtualisation (e.g., Azure … GCP, AWS) Knowledge around relevant industry standards such as ISO 27001 & GDPR. Benefits Healthcare package Life Works Gym Allowance Cycle to Work Long-Term Sickness Insurance Employee Assistance Programme Discretionary Bonus Infrastructure Engineer (eDV Cleared) | £70,000-£100,000 | VMware | Hyper-V Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this More ❯

in enterprise-level cloud and hosting environments Strong knowledge of Azure IaaS / PaaS, EntraID, networking, and virtualisation Experience with Infrastructure as Code (IaC) and ITIL / ISO27001 environments Excellent communication skills, able to engage technical and business stakeholders Why join? Work with cutting-edge Azure cloud technologies Opportunity to influence long-term IT strategy Supportive, collaborative culture More ❯

SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience within Operational Technology / IoT-rich environments would be an added bonus If this sounds like a role you would be interested in, please apply online ASAP - Shortlisted applicants will be contacted within More ❯

global information security compliance program.You will be responsible for ensuring that all corporate and subsidiary operations comply with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others.Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. … Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of … years experience.Skills Required: Proven experience in information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical More ❯

fast-growing consultancy. Key Responsibilities of the IT Technical Lead: Define and maintain TwinStream s IT strategy in partnership with leadership. Take ownership of our IT estate, from AWS / M365 accounts to endpoint management. Provide technical leadership and mentoring to the IT team. Drive incident resolution and problem management when needed. Partner with stakeholders across Delivery, InfoSec, Finance … Infrastructure as Code (Terraform, Microsoft365DSC, etc.). Backup & Disaster Recovery planning and execution. SaaS deployment and support, ensuring compliance. Engaging with stakeholders at all levels. Desirable extras: Knowledge of ISO27001, Cyber Essentials Plus, and information security tooling. Public sector client experience. Linux and Windows system administration. Why Join Us? Generous Pension 8% employer contribution Private Medical Healthcare including dental & optical More ❯

to the team. Key Responsibilities of the Lead Infrastructure Engineer: Define and maintain TwinStream s corporate IT strategy with senior leadership. Own and manage the IT estate from AWS / M365 accounts to mobile devices and laptops. Provide technical leadership, mentoring, and guidance to the IT team. Work with our Service Manager to continuously improve IT capabilities as an … monitoring). Infrastructure as Code (Terraform, Microsoft365DSC). Backup & Disaster Recovery planning and execution. SaaS deployment and integration. Strong stakeholder engagement and communication skills. Nice to Have: Knowledge of ISO27001, Cyber Essentials Plus, and InfoSec tooling. Experience working with public sector customers. Linux and Windows system administration. Why Join Us? Pension Plan 8% employer contribution. Private Medical Healthcare including dental More ❯

and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯

and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus – Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯

Accurately delivering high quality work to agreed timelines. Taking the initiative on project work, and knowing how to jump straight in. Supporting client engagements, including pitches and presentations. Skills / Knowledge You have relevant and recent experience working within the cyber security industry. You have experience in a consulting or customer facing role. You have worked in technical client … with security controls within cloud-based infrastructure (e.g Azure, AWS, GCP). This may include design, configuration, or protective monitoring. You have experience working with security control frameworks e.g. ISO27001, NIST, CAF or others. You have demonstrable continuous personal development with relevant certifications and accreditations. You have strong interpersonal skills You have UK security clearance at SC or above or More ❯

Ping ID Specialist / IAM Consultant - SC Clearance Location: Cheltenham Road, Bishops Cleeve Work Type: 70% Remote, 30% Office Length: Initial Short Term Contract, c.2 months with scope for extensions Rate: £450 - £500 (Inside) Clearance: Must have active SC Clearance Role Description: IAMSME with experience of Web SSO / MFA and Application integration, based upon Ping Directory, Ping … and MFA for existing applications. Working with client project manager and support planning work breakdown steps Proficient in stakeholder management. Knowledge of government security standards and processes such as ISO27001 standards, NNPPI, NIST & Cyber Essentials Plus & GDPR. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and More ❯

looking for an experienced Governance, Risk & Compliance (GRC) Project Manager to lead and deliver key compliance and accreditation programmes across the business. This role will focus on maintaining our ISO27001 and Defence Cyber Protection Partnership (DCPP) accreditations, while driving projects to achieve new certifications in ISO9001, ISO20000, and ISO14005. You ll play a pivotal role in shaping and embedding governance … stakeholders to ensure policies, processes, and controls are aligned with compliance standards, and ensuring projects are delivered on time and to scope. What You ll Do: Manage and maintain ISO27001 & Cyber Essentials+ accreditations Ensure compliance with DCPP requirements Lead accreditation projects for ISO9001, ISO20000, and ISO14005 Work with auditors, certification bodies, and key stakeholders Develop and embed governance policies, processes … senior management Deliver project plans, timelines, and reports for compliance initiatives What You ll Bring: Proven track record as a GRC, Compliance, or IT Project Manager Strong knowledge of ISO27001 (implementation & certification) Hands-on experience leading accreditation or certification programmes Excellent understanding of governance, risk, and compliance frameworks Strong stakeholder management and communication skills Detail-oriented, organised, and able to More ❯

ready for operational handover. Manage risks associated with installation or decommissioning, communicating with project managers and other stakeholders, and adopting measures to reduce risks. Plan, estimate, and schedule installation / decommissioning work, minimizing disruption and seeking necessary approvals for changes. Maintain high levels of IT security by implementing security baselines and configuration hardening in collaboration with cyber security engineers. … relevant infrastructure experience in an IT Engineer role. Strong experience with Microsoft environments and implementing security best practices. Knowledge of network security principles, IAM, and compliance frameworks like ISO 27001. Proficiency in virtualisation technologies, public cloud platforms, and hybrid environments. Excellent communication skills, able to act as a bridge between technical and non-technical stakeholders. If you are More ❯