1 to 25 of 40 ISO/IEC 27001 Jobs in the Midlands

What youll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO / IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance , review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. … the near term). Significant experience in cyber security consulting or assurance, ideally within the public sector. Deep knowledge of GRC frameworks and standards ( e.g. CAF, ISO / IEC 27001, PCI DSS). Strong client-facing skills , able to communicate complex issues clearly to technical and non-technical audiences. Proven track record of … on time and influencing decision-making. Excellent written and verbal communication, including the ability to produce polished consultancy reports. Desirable certifications: ISO 27001 Lead Auditor / Implementer, CISSP, CISM, CRISC, CCP (GRC), or equivalent. Driving license and willingness to travel to client sites across the UK as required . Why join 4C Strategies? Work with More ❯

response, and resolution. Maintain and refine incident response protocols, ensuring business continuity and minimal disruption. Compliance & Risk Ensure compliance with our Saint-Gobain Policies & Rules, International Standards (e.g. ISA / IEC 62443, ISO / IEC 27001, NIST) and local legal requirements. Conduct risk assessments, reporting outcomes to senior leadership with … businesses to share, collaborate and uplift our UK&I Cyber & Information Security maturity and resilience. What We're Looking For Proven experience (3+ years) in cyber security within industrial / manufacturing / plant environments. CISSP certification (required). Strong understanding of Industrial Control Systems (HMI, PLCs, SCADA) and industrial cyber security frameworks such as the Purdue Model. Demonstrated More ❯

you. About the role: Develop and sustain the Business Management Systems in line with the required industry standards (including: IATF16949 / ISO9001 / ISO14001, TISAX / ISO27001 and AS9100 etc), accreditation requirements and business requirements across the organisation through existing and new procedures. Regulate, control, and improve the quality of all processes throughout the business. Manage the … where appropriate Train others in all aspects of the business management systems and application of procedures Assign and delegate audits to the internal audit team Undertake regular system, product / process, and effectiveness testing audits across all business management systems Ensure corrective actions are undertaken to address non-conformities found Verify closure of non-conformities with Certification Bodies and … analysis of nonconformities Ensure ongoing compliance with all Management Systems (IATF16949 / ISO9001 / ISO14001 etc) (including: IATF16949 / ISO9001 / ISO14001, TISAX / ISO27001 and AS9100 etc) Attend various meetings and action / communicate instructions Produce written reports and make presentations Undertake continuous training and development Identify business improvement opportunities within the organisation More ❯

Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure they … computer science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively within a team More ❯

Outside IR35, Dev / Sec Ops Engineer, Azure, AWS, Technical Blueprint, Best practice, Regulatory Environment background. West Midlands, London We are seeking a Senior DevSecOps Engineer to lead governance, architecture guidance, and assurance for cloud and infrastructure security across Microsoft Azure, AWS, and key SaaS platforms. This role is pivotal in defining technical blueprints, setting security standards, and ensuring … best practices, validate implementations, and support audit readiness across IaaS, PaaS, and SaaS environments. Key Responsibilities Define and maintain multi-cloud security standards and reference blueprints (e.g. Azure Policy / Initiatives, AWS Control Tower / SCPs) Own security architecture patterns and contribute to HLD / LLD, threat models, and risk assessments Set assurance criteria and control evidence … standards (Entra ID Conditional Access, MFA, PIM; AWS IAM federation) Govern SaaS security onboarding (SSO, OAuth governance, DLP controls, vendor assessments) Specify telemetry and logging requirements for Microsoft Sentinel / SOC and review analytics / reporting Lead compliance mapping for ISO 27001 and curate audit-ready evidence packs Chair Cloud & Platform Security design reviews More ❯

members. Experience required Degree in Software Engineering or related discipline. Minimum of 5+ years in a software leadership or management role. Proven experience leading software teams of 20+ developers / testers. Strong software engineering background with an understanding of modern coding standards, patterns, and tools. Demonstrated success delivering complex software projects on time and within budget. Hands-on experience … with Agile / Scrum, sprint planning, backlog grooming, and release management. Proficiency in risk management, resource allocation, and stakeholder communication. Knowledge of secure software development practices essential with any experience of the cybersecurity industry desirable. Understanding of ISO 9001 / ISO 27001 quality standards. A background in C# or C++ preferred. This More ❯

Job Description Warwick / Wokingham- 2 Days a week (Hybrid) Network Security JD : Designing, Architect, Implementing and Maintaining an organization's network security infrastructure solutions like Firewalls, IDPS, Proxy, Load Balancers, VPN, WAF etc., align with the organization's strategies, policies, and standards. Design and manage firewall policies, network access controls, AAA mechanisms, MFA, IAM solutions, RBAC, Privilege Management … and CIS Critical Security Controls. Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security (OCI / Azure / AWS), Web Security, Email Security, Logging and Monitoring, General PKI and Cryptography. Evaluate and recommend security technologies, tools, and methodologies to enhance network security posture. Monitor network traffic … Maintain accurate documentation of network security configurations, processes, and procedures. Minimum 5 years’ Experience as a Security consultant, Security Architect or equivalent. Hold any Certification like Palo Alto PCNSA / PCNSE, F5, CompTIA, Zscaler, Azure, AWS, CISSP, CCSP, ISSAP, ITIL etc., Mandatory Skills: Palo Alto Networks - Firewalls . Experience: 5-8 Years . Reinvent your world. We are building More ❯

Location: Daventry, Northamptonshire Job Type: Permanent Posted: Friday, 29th August 2025 Business Systems Manager The COMPANY Our client is an independent company who have carved themselves a niche supplying / designing powertrain components (exhausts, and other specialist Automotive components) to OE Automotive customers. Their reputation and expertise is such that many of the most prestigious manufactures utilise their services. … needs of external stakeholders Assign audits to the internal audit team Ensure ongoing compliance with all Management Systems including: IATF16949 / ISO9001 / ISO14001, TISAX / ISO27001 and AS9100 First point of contact for supplier and customer-driven systems The CANDIDATE The right Business Systems Manager candidate will possess; Background in business management quality systems Automotive (or More ❯

planning through to handover, while also providing 3rd line support when required. The Infrastructure Engineer role will involve: Delivering infrastructure projects such as Azure IaaS migrations, VMware upgrades, Intune / Autopilot rollouts, Office 365 deployments, and telephony modernisation Leading change initiatives, ensuring smooth delivery, documentation, and transition to Service Desk support Supporting core systems including Windows Server, Active Directory … SQL, and networking (LAN / WAN / VPN / WiFi) Producing clear project documentation, progress reports, and stakeholder updates Working closely with clients across education and commercial sectors, building trusted relationships Skills & Experience required: Proven track record as an Infrastructure Engineer (or Senior 3rd Line Engineer) with hands-on project delivery Strong technical background across Microsoft … able to update stakeholders and produce project documentation Why this opportunity? Join a fast-growing IT services provider with exposure to a wide range of infrastructure projects Accredited organisation (ISO27001, Cyber Essentials Plus, Microsoft Partner status) Clear career path into more senior engineering or project delivery roles as the business continues to grow Collaborative, supportive team culture where Infrastructure Engineers More ❯

IT, and Fleet. Every person in every team is contributing the lasting impact our Team makes. Help build and keep the nation's critical infrastructure connected and protected 24 / 7. Reporting into the Network Services Business Unit Security Manager, the Senior Information Security officer will ensure security is embedded into all areas of the business and appropriate technical … and compliance technical assessments of all applicable standards, policies, regulation, and legislation compliance Creation of security standards and requirements documents for projects and activities to be based on ISO 27001, NIST 800-53 and ISO 22301. Review risks, propose mitigation actions and solutions, and assisting ongoing risk treatment activity. Assist the security testing process More ❯

IT, and Fleet. Every person in every team is contributing the lasting impact our Team makes. Help build and keep the nation's critical infrastructure connected and protected 24 / 7. Reporting into the Network Services Business Unit Security Manager, the Senior Information Security officer will ensure security is embedded into all areas of the business and appropriate technical … and compliance technical assessments of all applicable standards, policies, regulation, and legislation compliance Creation of security standards and requirements documents for projects and activities to be based on ISO 27001, NIST 800-53 and ISO 22301. Review risks, propose mitigation actions and solutions, and assisting ongoing risk treatment activity. Assist the security testing process More ❯

IT, and Fleet. Every person in every team is contributing the lasting impact our Team makes. Help build and keep the nation's critical infrastructure connected and protected 24 / 7. Reporting into the Network Services Business Unit Security Manager, the Senior Information Security officer will ensure security is embedded into all areas of the business and appropriate technical … and compliance technical assessments of all applicable standards, policies, regulation, and legislation compliance Creation of security standards and requirements documents for projects and activities to be based on ISO 27001, NIST 800-53 and ISO 22301. Review risks, propose mitigation actions and solutions, and assisting ongoing risk treatment activity. Assist the security testing process More ❯

technology risk, technology audit, within a financial institution, licensed money transmitter, or payments related e-commerce function. - A good understanding of IT risk and control frameworks: COBIT, NIST, ISO 27001, ITIL or equivalent. - Understanding of SDLC. PREFERRED QUALIFICATIONS - Certified Information Systems Auditor (CISA) or equivalent IT auditing and risk certification. - Certified Information Security Manager (CISM), Certified … and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country / region you're applying in isn't listed, please contact your Recruiting Partner. Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran More ❯

supporting the wider infrastructure environment when required. What youll be doing as an Azure Infrastructure Project Engineer: Leading implementation projects such as: Microsoft 365 security hardening Defender onboarding, Intune / conditional access, BitLocker, encryption, phishing simulations Azure migrations deploying new Azure VMs, Domain Controllers, SQL servers, configuring Azure Virtual Desktop (AVD) with FSLogix, backups and restores Teams Phone (Operator … Connect) implementing Teams telephony, auto attendants, call queues, voicemail, and number porting Supporting core infrastructure: Windows Server, Active Directory, VMware / Hyper-V, SQL, and networking (LAN / WAN / VPN / WiFi) Delivering changes from planning and design through to testing, go-live, and Service Desk handover Producing documentation, reporting progress, and providing training and … are desirable Why become an Azure Infrastructure Project Engineer here? Opportunity to deliver end-to-end Azure and infrastructure projects rather than just BAU support Accredited IT services provider: ISO27001, Cyber Essentials Plus, Microsoft Partner Direct exposure to projects such as Azure Virtual Desktop, Microsoft 365 security, and Teams telephony Career progression into senior technical or project delivery roles as More ❯

Security Center. Microsoft Sentinel Deep understanding of cloud-native security, zero-trust models, and secure network architecture Familiarity with compliance standards and security frameworks such as NIST, CIS, ISO 27001, GDPR, and HIPAA Excellent verbal and written communication skills with the ability to convey complex technical issues to business leaders Qualifications such as Microsoft Azure Security More ❯

frameworks, and standards (e.g., NIST, ISO 27001, CIS) Proficiency with automation and scripting to streamline security processes Background in Infrastructure as Code (ideally Terraform), audit / compliance activities, and securing CI / CD pipelines Strong communication skills with a proactive, problem-solving mindset Benefits include: 27 days annual leave plus bank holidays, with additional More ❯

opportunities and welcome all applications. As a specialist in secure technology solutions, all successful candidates will be subject to pre-employment checks, so we can ensure compliance with our ISO27001 (Information Security) and Cyber Essentials Plus certifications. We are committed to using any personal information you may give us in a secure and proper manner, for more information please see More ❯

Linux OS’s. Skilled in protocol analysis, network architecture, and infrastructure design. Hold recognised Cyber Security qualification (CISSP, CISM or equivalent). Knowledge of industry related frameworks such as ISO27001, PCI DSS, Zero Trust Strong communication skills and the ability to communicate with colleagues at all levels. Ability to work with and manage 3rd party suppliers. Experience of managing change. More ❯

opportunities and welcome all applications. As a specialist in secure technology solutions, all successful candidates will be subject to pre-employment checks, so we can ensure compliance with our ISO27001 (Information Security) and Cyber Essentials Plus certifications. We are committed to using any personal information you may give us in a secure and proper manner, for more information please see More ❯

opportunities and welcome all applications. As a specialist in secure technology solutions, all successful candidates will be subject to pre-employment checks, so we can ensure compliance with our ISO27001 (Information Security) and Cyber Essentials Plus certifications. We are committed to using any personal information you may give us in a secure and proper manner, for more information please see More ❯

Overview Monitor and manage IT security infrastructure Conduct vulnerability assessments and penetration tests Lead incident response and mitigation Implement security policies and procedures Ensure compliance with GDPR, ISO27001 Work with SIEM tools for threat detection Manage access controls and firewalls Oversee employee security awareness programs Respond to emerging cyber threats Document incidents and reports Collaborate with IT teams on security More ❯

Cybersecurity Issue / Risk Service Manager To grow the Cybersecurity team, we are looking for: Global Cybersecurity Risk Service Manager Location: Remote from Poland or UK Responsibilities: Owns the services related to Cybersecurity Risk Management Identify core requirements for Risk Management in cooperation with stakeholders Develop requirements and frameworks for Issue and Risk Management in alignment within the department … Deliver risk management services to Hitachi Energy in cooperation with the team Work closely with stakeholders to prioritize, create reports, and oversee security findings Improve management of security risks / issues and help identify areas of risk Report on the services and their continuous improvement Background: 8+ years of experience in IT / Information Security Governance in large … audit, or industry / operations) Experience in planning and operating security risk / issue management-related processes and services Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar) Knowledge of relevant security / governance frameworks (NIST CSF, ISO27001, CobiT, etc.) Experience in service build-up is a plus Security Governance / Risk Management More ❯

opportunities and welcome all applications. As a specialist in secure technology solutions, all successful candidates will be subject to pre-employment checks, so we can ensure compliance with our ISO27001 (Information Security) and Cyber Essentials Plus certifications. We are committed to using any personal information you may give us in a secure and proper manner, for more information please see More ❯

initially 2 Software Engineers plus 1 Test Engineer) Architect and deliver embedded and platform software (C++ ver 17+, Python, Linux, FPGA, Django, .NET, JavaScript, SQL) Establish and govern CI / CD pipelines, automated testing, and coding standards Manage outsourced partners and drive knowledge transfer in-house Oversee engineering budget and report to senior leadership Operate in an agile, fast … Ensure robust documentation and compliance with security and quality standards Requirements Proven experience building and leading software teams in a hardware-integrated, fast scaling company or VC-backed startup / scaleup Hands-on delivery in embedded C++ on Linux, with FPGA integration Track record of architecting and delivering complex software systems Deep knowledge of CI / CD, automated … days per week in the West Midlands Desirables Experience with Yocto or PetaLinux, Vivado or Quartus, VHDL Platform engineering (API design, Django, .NET, JavaScript) Security and compliance awareness (ISO 27001, Cyber Essentials) Prior participation in technical due diligence for funding rounds Why join us? Fast-track your career in cutting edge quantum technology Join a fast More ❯

risk management services to Hitachi Energy in cooperation with the team Work closely with the stakeholders to prioritize, create reporting, and oversee security findings Improve management of security risks / issues and help identify areas of risk Reporting on the services, and their continuous improvement Background 8+ years of experience in IT / Information Security Governance in large … audit or industry / operations) Experience in planning and operating security risk / issue management-related processes and services Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security / governance frameworks (NIST CSF, ISO27001, CobiT, ) required Experience in service build up a plus Security Governance / Risk Management More ❯