1 to 25 of 31 ISO/IEC 27001 Jobs in Gloucestershire

and procedures. Conduct post-incident reviews and lessons learned sessions to improve response capabilities. Security Tools: Utilize and maintain security tools and technologies, such as firewalls and intrusion detection / prevention systems. Ensure security tools are properly configured and updated. Evaluate and recommend new security tools and technologies to enhance security operations. Documentation: Create and maintain detailed documentation of … in scripting and automation for security tasks (e.g. Python, PowerShell). Information Security Frameworks: Working knowledge of common frameworks and standards, such as ISO 27001 / 2 / 5, NIST800-53, and Cyber Essentials. Risk Management and Compliance: Thorough understanding of Information Security Risk Management and Compliance frameworks, including ability to assess information risks More ❯

security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30 / 53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138 / 139). Proficiency in security threat More ❯

security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30 / 53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138 / 139). Proficiency in security threat More ❯

cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy / standards as well as industry recognised frameworks and best practice What you'll be doing: Develop, deliver and continually enhance a coherent approach to the design of secure client … and threats. The subsequent analysis to quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify / evidence appropriate compliance and security KPIs Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy … verify that documentation relating to process and technical security controls are maintained What experience you'll bring: Minimum of 5 years' experience in a multi-tiered IT enterprise environment / Governance, Risk and Compliance role Minimum of 5 years' experience in a Governance, Risk and Compliance role A track record of delivering security solutions for large-scale infrastructure, transformation More ❯

enforce security best practices for Azure tooling, cloud workloads, and infrastructure components. Architect solutions for large-scale data centre migrations and greenfield deployments, including transformation from IaaS to PaaS / service compute. Oversee the deployment and optimisation of the Microsoft Defender Suite and cloud-native Azure security tooling. Design and manage network security components such as NSGs, network segmentation … Experience leading cloud migrations from on-premises or private data centres to Azure. Familiarity with Oracle environments, particularly during infrastructure transformation initiatives. Practical knowledge of DevSecOps and securing CI / CD pipelines. Strong foundation in network security, segmentation, and Azure networking principles. Certifications (Preferred) CISSP – Certified Information Systems Security Professional CCSP – Certified Cloud Security Professional CISM or SSCP – Highly … desirable Bonus Skills & Knowledge Awareness of compliance and risk frameworks such as ISO 27001, NIST, and CIS Benchmarks. Ability to support threat modelling, cloud risk assessment, and incident response planning. Exposure to Infrastructure-as-Code (IaC) security using tools like Terraform, ARM templates, or Bicep. Skilled in translating technical risks into business terms for senior stakeholders. More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

projects, functions, and services as required. Practicing continuous self-learning to keep up-to-date with industry trends and developments to enhance your relevant skills. Skills & experience Essential skills / behaviours: You'll have a broad understanding of the services that the organisation provides to its customer base and be able to map this to Cyber Security policies and … communicator with the ability to interface at the highest level and exhibit good verbal, written and presentation skills. Experience of working within key Cyber Security principles and standards (ISO 27001, NIST, Cyber Essentials, MITRE). [i] Experience working in a customer-facing role desirable. You should have experience in managing team driven workloads. Demonstrable experience driving More ❯

OT Cyber Security Consultant Location: UK-wide (Remote / Hybrid) Job Type: Full-time Salary: Up to 100K + Benefits (depending on experience) We are currently recruiting for two OT Cyber Security Consultants to join a leading, nationwide organisation delivering high-impact cyber advisory services across critical infrastructure and the built environment. These roles are ideal for experienced cyber … within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport More ❯

experience in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What More ❯

IAM SailPoint Analyst - Urgent Contract Day Rate: £450 - £550 Via Umbrella Engagement Location: Gloucestershire (Hybrid 1-2 Days P / W - Can be flexible) We are seeking a highly motivated IAM SailPoint Analyst to join our Information Security team. This role is crucial for administering, maintaining, and supporting our Identity and Access Management (IAM) systems and processes, ensuring users … Strong understanding of IAM concepts (authentication, authorization, provisioning, SSO, MFA, PAM). Familiarity with directories (Active Directory, LDAP). Knowledge of industry security frameworks and compliance (e.g., NIST, ISO 27001). Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome More ❯

to day IT operations. A few of our employee benefits are: 25 days holiday per year (plus bank holidays), increasing with long service and with the opportunity to buy / sell up to 5 days Private medical insurance with optional family cover Pension scheme of up to 7% employer contribution Life Assurance 4x salary (flexible up to 10x) Group … servers including upgrades, backups, server hardware upkeep, and virtual environments, including hypervisor support (Nutanix, VMware). Physical DataCentre support and maintenance activities EndPoint Support; Build, support, and maintain Windows / Linux workstations Documentation & Compliance: Maintain and update knowledge articles, technical documentation, and support compliance reporting and remediation efforts. User Lifecycle & Asset Management: Oversee new hire / leaver processes … MCP) VMware / VCP, or Nutanix certifications are highly desirable Experience with Nutanix and Cohesity Experience with Linux Workstation and Server Support Working to standards in accordance with ISO27001, CyberEssentials Plus, UK Government MoD framework Knowledge and application of ITIL concepts, or an ITIL v3 certification Business Continuity / Disaster Recovery Testing, Planning and Upkeep Ability to manage More ❯

to multitask and prioritise in a fast-paced environment. Desirable: Experience using Power BI to visualise and communicate data insights. Awareness of international information security standards and frameworks (e.g. ISO27001, ISO27017, GDPR, Cyber Essentials Plus). Understanding of common security risks, threats, and mitigation approaches. Tenacity, attention to detail, and a problem-solving mindset. Willingness to learn and develop in More ❯

reduce manual intervention. Support the company in integration of new technologies. Work with our IT security and compliance team to improve IT security and maintain the company's ISO 27001 certification, Cyber Essentials Plus, and BSI C5. Actively participate in on-call and platform service, troubleshooting, resolving issues, and handling escalations to other technical teams, senior More ❯

by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents … . Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or … application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible More ❯

down to the successful candidate. You can expect: Design and manage scalable, secure cloud environments using Azure Bicep, ARM, or Terraform Lead the implementation of DevSecOps practices including CI / CD, secrets management, zero-trust security, and vulnerability management Develop secure cloud-native architectures including microservices, containers, and serverless patterns Ensure compliance with industry security and privacy standards ( e.g. … ISO 27001, SOC 2, GDPR) Secure containerised environments, including Kubernetes and Docker Collaborate with developers to integrate secure deployment pipelines across the SDLC Support deployments in client environments, including on-prem and multi-cloud Continuously improve infrastructure processes for performance, reliability, and security Where you'll be stretched (and thrive): We're growing fast: That means … skillsyou'll need to succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI / CD, secrets management, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as More ❯

not limited to requirements such as GDPR & ISO 27001. Collaborating with other areas within the company such as the Infrastructure & DevOps teams to integrate virtualisation with CI / CD pipelines and other automation frameworks. Skills: VMWare - vSphere Hyper-V Strong knowledge with automation and scripting technologies such as Python, PowerShell or Ansible. Cloud-based virtualisation (e.g., Azure … GCP, AWS) Knowledge around relevant industry standards such as ISO 27001 & GDPR. Benefits Healthcare package Life Works Gym Allowance Cycle to Work Long-Term Sickness Insurance Employee Assistance Programme Discretionary Bonus Infrastructure Engineer (DV Cleared) | £70,000-£90,000 | VMware | Hyper-V Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this More ❯

skills and experience Strong stakeholder management skills A strong understanding of enterprise ICT and security principles A strong understanding of cloud security concepts and technologies Understanding of the CI / CD process and security integrations Audit experience (eg ISO 9001 / 27001) is desirable Excellent communication and collaboration skills What we offer A competitive More ❯

way Work closely with digital, cybersecurity, platform, and business teams to translate strategic goals into practical technical designs Champion security-by-design and compliance with frameworks like NIS2 and ISO27001 Guide architectural decisions across Azure, Power Platform, M365, and related tools Steer innovation, solution modernisation, and cloud governance Manage a team of solution architects, developing capability and fostering a culture More ❯

way Work closely with digital, cybersecurity, platform, and business teams to translate strategic goals into practical technical designs Champion security-by-design and compliance with frameworks like NIS2 and ISO27001 Guide architectural decisions across Azure, Power Platform, M365, and related tools Steer innovation, solution modernisation, and cloud governance Manage a team of solution architects, developing capability and fostering a culture More ❯

across teams. Clearly communicate risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001 / 2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138 / 139). Familiarity with HMG security More ❯

Role: Penetration Tester Type: Permanent Location: Cheltenham / Remote Clearance: SC / DV Are you an offensive security specialist who is excited about delivering the best service possible? Keen to work in a business where you stand to work alongside some very talented testers? CND are working with a boutique Cyber Security consultancy who are focused on the … penetration testing • Ideally, a knowledge of Cloud services such as Azure or AWS • Capability to script or code in Bash, Python etc • Appreciation for Cyber Security standards such as ISO27001, PCI-DSS or CIS This is a role with a growing, exciting organisation who can offer you a strong degree of progression and the ability to undertake testing work with More ❯

product features or platforms. Monitor and report on product performance, customer satisfaction, and uptake across the client base. Ensure services are compliant with security and regulatory standards (e.g. ISO 27001, Cyber Essentials Plus). Work closely with technical architects and engineering leads to ensure technical feasibility and service alignment. Essential Skills & Experience Proven experience as a More ❯

product features or platforms. Monitor and report on product performance, customer satisfaction, and uptake across the client base. Ensure services are compliant with security and regulatory standards (e.g. ISO 27001, Cyber Essentials Plus). Work closely with technical architects and engineering leads to ensure technical feasibility and service alignment. Essential Skills & Experience Proven experience as a More ❯

to deliver cyber services, working closely with those responsible for service delivery. Managing and coordinating all processes and work instructions documented in accordance with Jisc's certifications, including ISO9001, ISO27001, and CREST. Developing and implementing strategies to streamline the onboarding process, ensuring it is efficient and effective. Quickly addressing and resolving any issues or challenges that arise during the onboarding … bank holidays) that includes three closure days over Christmas plus the opportunity to buy up to an additional 5 days leave during the flexible benefits window A comprehensive 24 / 7 mental health support package, including coaching and appropriate counselling or specialist therapy, with no predetermined limit on the number of sessions you can access Annual Jisc performance award More ❯

e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government) Undertake cyber security vulnerability analysis to provide a rich picture of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across … Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't have a fixed More ❯