22 of 22 ISO/IEC 27001 Jobs in Nottingham

2, GDPR, NIS2, DORA, and other relevant EU frameworks or regulations. At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Demonstrated ability to structure and lead projects successfully Responsibilities: Lead client audits / assessments … Experience: Information Security: 5 years (required) License / Certification: PCI QSA At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Work Location: UK (Remote with client onsite travel as necessary) Expected start date: ASAP ...

MuleSoft, and legacy systems. Create patterns for zero-trust, API security, and data protection. Own Identity & Access: Design enterprise IAM with IdP integration (SSO / SAML / OIDC), SCIM provisioning, lifecycle controls, and secret management. Platform Security Leadership: Implement Salesforce Shield, Event Monitoring, Transaction Security Policies, and secure … Compliance: Map data flows, define ROPA, and embed privacy-by-design controls aligned to GDPR, HIPAA, and PCI DSS. Drive DevSecOps Excellence: Integrate SAST / DAST, IaC scanning, SBOM generation, and secure release governance into delivery pipelines. Monitor & Respond: Build detection use cases, integrate logs into SIEM, and establish ...

Office (GSO), which sets and ensures that the Information Security policy and standards are implemented across Experian. You will lead accreditation projects (Cyber Essentials, ISO27001, PCI-DSS), and report to the Regional Lead of Client Security Assurance. You will: Lead a complex group of accreditation projects as it relates … Partner with other stakeholders to establish the accreditation program and workstreams' governance framework, ensuring adherence to those standards. Establish and document project scope, milestone / detailed plans and risks, and then use as a basis for all discussions across the program to ensure full agreement. Engage with partners ...

tools, such as: Qualys, Rapid7, Tanium, Axonius, Armis, or other. Experience applying the following models to an enterprise security program: CMMI, ISO / IEC 2700, OWASP SAMM, NIST, SMM SANS Security Maturity Model. Experience developing security reports, trends, and metrics analysis. Experience with the application … MITRE ATT&CK, PCI, HIPAA, GDPR or similar. Experience with cloud security practices Experience with business and technical requirements analysis, business process modeling / mapping, methodology development, and data mapping Additional Information Benefits package includes: Great compensation package and discretionary bonus plan Core benefits include pension, bupa healthcare, sharesave ...

collaboration, and continuous learning. Role Purpose We are seeking a Product Owner to lead the development and evolution of a modern, scalable, secure SaaS / cloud platform, while acting as the Security / Cyber SPOC for the organization. This hybrid role combines cloud product leadership with security oversight … ensuring the platform delivers exceptional customer experience and meets enterprise-grade security and compliance standards. Cloud & SaaS Product Leadership Define and own the cloud / SaaS roadmap, aligning with business objectives and customer needs. Drive the delivery of cloud-native SaaS capabilities, including: Multi-tenancy Self-service onboarding Elastic ...

HIPAA). Continuously contribute to process improvement, suggesting ways to enhance efficiency and customer satisfaction. Required Skills & Experience Education to NQF Level 3 / 4 in a computing-related discipline (e.g., A Level in Computing or ICT, NCC Education Level 3 Diploma in Computing, IT Users Level 3 Certificate … / Diploma). Strong GCSE results, including Maths, English, and Science. Minimum of 3 years' commercial experience in an IT and / or application support environment. Solid understanding of hosted IP telephony. Proficiency with MS Office 365 / Admin, Microsoft Windows 11, MacOS Proficiency with Azure, Teams ...

security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI / CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company's security, privacy, and data protection posture … testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure / AWS / GCP). Excellent communication skills with the ability to influence stakeholders and explain security to both technical and non-technical audiences. ...

national-scale address and change-of-address datasets. You'll take true ownership of production workflows and data pipelines that run every day, 24 / 7, supporting long-standing commercial partnerships. You'll become the expert on a mission-critical proprietary platform, with the freedom to help modernise … redevelop it. Data Quality, Analysis & Reporting Perform analytical comparisons across large datasets to assess quality, identify discrepancies and generate scoring outputs. Build derived / third-party datasets for benchmarking and analytical validation. Produce clear, meaningful insights for internal teams and selected clients. Summarise results and contribute to reports ...

Role Title: Cyber Security Architect Duration: contract to run until 31 / 07 / 2026 Location: Remote Clearance required: Active SC and NPPV Clearance is Necessary Role purpose / summary We are looking for an experienced Cyber Security Architect to lead security reviews of tenant designs … platforms meet stringent security requirements. This role is critical in preparing environments for secure onboarding and aligning with enterprise and regulatory standards. Key Skills / requirements Tenant Design Review Assess and validate cloud tenant architectures for compliance with security policies and frameworks. Identify gaps in proposed designs and recommend ...

cloud and Azure-based solutions. Translate customer requirements into secure, scalable technical architecture. Embed MDR and cyber resilience into solutions, working closely with SOC / security teams. Provide architectural guidance across pre-sales, delivery, and technical teams. Act as a technical authority in client meetings, proposals and reviews. Maintain … technologies to drive ongoing improvements. Solution Architect – Key Skills Required Essential Proven Solution Architect experience within an MSP environment. Strong Microsoft Azure expertise (IaaS / PaaS, governance, identity, networking, landing zones). Security experience across MDR, threat detection, SIEM / SOAR or security monitoring. Solid understanding of hybrid ...

Title: Security Architect Job Type: Contract Location: Remote / London (twice a month visits in London) Day Rate: £550 / day (INSIDE IR35) Contract Length: 3 Months Security Architect - Role & Responsibilities Oversee and manage the change control portfolio from a compliance and cyber risk perspective. Ensure … Security Architect - Required Experience 5+ years' experience as a Cyber Security Architect Strong understanding of information security governance, risk management, and compliance frameworks (ISO 27001, NIST, CIS, etc.). Hands-on experience defining, implementing, and enforcing security policies and controls Experience guiding cross-functional teams ...

Title: Cyber Security Consultant (GRC / Assurance) Location: Fully Remote (UK wide travel required) Employment Type: Permanent Salary: Competitive Start Date: Immediate Industry: IT Services & Consulting One our Cyber & IA consultancies are growing their GRC & Assurance consulting capability and want motivated security professionals who enjoy working closely with clients … hear from you. This is a remote role with flexibility for travel across the UK, Europe, and occasionally globally required. Cyber Security Consultant (GRC / Assurance) – Key Responsibilities Deliver governance, risk & compliance programmes Assess organisations to standards: NIST, CAF, ISO 27001, CE, SbD Develop policies ...

ISO 27001, CIS) Proficiency with automation and scripting to streamline security processes Background in Infrastructure as Code (ideally Terraform), audit / compliance activities, and securing CI / CD pipelines Strong communication skills with a proactive, problem-solving mindset Benefits include: 27 days annual leave ...

with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness … pipelines. Build and maintain systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks ...

assessments whilst collaborating with senior consultants and team leaders Maintain compliance with legal frameworks governing penetration testing and disclosure Specializations You May Develop: SCADA / OT environment security testing Cloud infrastructure penetration testing (AWS, Azure) Web services and API security Mobile application testing (iOS / Android … CHECK Team Leaders, CREST Certified Testers, and forensic specialists delivers: Penetration Testing & Security Audits: Infrastructure, application, and mobile assessments Compliance Advisory: PCI DSS, GDPR, ISO27001 implementations and certifications Incident Response & Forensics: 24 / 7 emergency response and digital evidence analysis Specialist Services: SCADA testing, social engineering, business continuity planning ...

Skills Experience with Azure data services (Fabric, Databricks, Synapse, ADF) Understanding of governance frameworks and ownership models (e.g., DAMA) Exposure to compliance environments (ISO 27001, GDPR, retention) Familiarity with unstructured data scanning and basic M365 integrations (nice to have, not essential ...

information security management, including policy development, governance frameworks and risk-based decision-making. Strong understanding of key standards such as GovAssure, Cyber Essentials, ISO27001 and ISO22301. Experience influencing stakeholders, advising senior leaders and communicating complex security concepts in a clear, accessible way. A proactive, solutions-focused mindset with the ability ...

enterprise customers. Translating requirements, leading impact assessments, generating actionable mitigations and advising on implementation. What You'll Bring Strong background in Azure security engineering / architecture, ideally in a consulting or professional services capacity. Practical knowledge of cloud security frameworks such as CAF, Well-Architected, CIS, NIST etc. Hands … beneficial. Key Responsibilities Domain Knowledge. Expertise in designing, implementing, and maintaining secure architectures, with a deep understanding of industry-standard frameworks such as ISO 27001, NIST, and CIS Controls. Knowledge of threat modelling, risk assessments, and mitigation strategies tailored to various technical and business environments. Stay ...

Skills Required Active and valid SC clearance (mandatory) Strong understanding of supplier risk, governance & compliance Experience with frameworks such as CAF, NIST, CE & ISO 27001 Excellent stakeholder engagement and influencing skills Technical security background beneficial Public sector experience + security clearance advantageous Please apply ...

operates, plus working closely with those customers who host the TAINA Platform themselves. They care deeply about best practice and work well together. Experience / skills we are looking for Primary skills: GCP, AWS, Kubernetes, Docker, Network Security GCP Cloud Service management, e.g., Kubernetes, Cloud SQL, IAM, etc. … management and configuration Proven Kubernetes experience Google Cloud Service management, GKS, Secret Management, etc. Experienced in scripting languages such as PowerShell Information security, including ISO27001 Working with network security services, IPS, IDS, firewalls Windows network management VPN management Domain setup and management Exposure to integration projects with large Banks ...

approaches and maintain CI / CD pipelines for reliable deployment and testing Security & Compliance - Operate to the highest security standards as expected by ISO27001 Qualifications and Skills Required Skills and Experience Ø 5+ years of Python backend development experience (fewer years' experience is acceptable for exceptional candidates) Ø Strong … better cross-team collaboration Ø Experience implementing LLM integration frameworks Ø Background in pharmaceutical or healthcare domain Ø Familiarity of working to ISMS ISO27001 standards Ø Growth mindset combined with tenacity Ø Entrepreneurial approach driven by curiosity and innovation Ø Deep customer centricity What We Offer Ø Competitive salary ...

scalable, secure, reliable, and enterprise-ready. Key Responsibilities Own the full platform architecture, including ingestion, scoring, data stores, APIs, and dashboards. Lead AI / ML-powered enrichment and scoring systems. Build and scale microservices, event-driven pipelines, and automated intelligence workflows. Harden cloud infrastructure and implement security, compliance … director-level leadership experience. Strong experience with cloud platforms, microservices, distributed systems, and data engineering. Solid security and compliance knowledge; experience with SOC2, ISO27001, CE+, or similar standards is a plus. Experience building early-stage or founding engineering teams. Comfortable balancing hands-on engineering with strategic leadership. Experience in risk ...