13 of 13 ISO/IEC 27001 Jobs in Reading

Product Delivery Manager +SC cleared role +Hybrid working 2 / 3 days a week in Reading +Inside IR35 + 80 - 83 ph We are seeking an experienced Product Delivery Manager to lead the delivery of model-based Product Security digital capabilities across a complex, regulated engineering environment. Reporting … digital toolchains, including: Threat & risk modelling (STRIDE, STPA-Sec, TARA, attack trees) Security requirements & controls modelling SBOM & vulnerability management Cryptography & key management governance Configuration / change control Verification & validation orchestration Security / assurance case evidence Define Product Security reference architecture and Digital Thread integrations Own roadmap, backlog ...

Systems Engineer +SC cleared role +Hybrid working 2 / 3 days a week in Reading +Inside IR35 + 80 - 83 ph We are seeking an experienced Senior Systems Engineer to lead the delivery of model-based Product Security digital capabilities across a complex, regulated engineering environment. Reporting … digital toolchains, including: Threat & risk modelling (STRIDE, STPA-Sec, TARA, attack trees) Security requirements & controls modelling SBOM & vulnerability management Cryptography & key management governance Configuration / change control Verification & validation orchestration Security / assurance case evidence Define Product Security reference architecture and Digital Thread integrations Own roadmap, backlog ...

structured documentation suitable for both humans and AI models. Ensure all documentation is version-controlled, accessible, and aligned to enterprise governance frameworks. ISO & Cybersecurity Alignment: Ensure policies … support compliance with: ISO 27001, ISO 27701, ISO 22301, ISO 31000, Cyber Essentials / CE+, NIST Cybersecurity Framework (CSF). Conduct gap analyses against new or updated standards and lead remediation activity. Audit & Assurance: Support internal and external audit ...

seeking an experienced Information Security Manager to lead, develop, and continuously improve our Information Security Management System (ISMS) , ensuring compliance with ISO 27001:2022 and protecting the digital infrastructure. In this strategic yet hands-on role, you'll manage cyber risk , drive security governance , and embed … information assurance, incident response, supplier security , and regulatory compliance . What you'll do: Own and maintain the ISMS in line with ISO 27001 standards. Lead audits, risk assessments, and incident response. Oversee supplier assurance and security governance. Promote cyber awareness and staff training. Support ongoing ...

Oracle HCM Cloud - Functional Lead Location: Reading / Havant / Thatcham / Perth Duration: 3 month Support the successful delivery of the Oracle Fusion HCM Project through liaison with SI Partners, OCS, Business SMEs and IT colleagues through the build, test and cut over phases. Take particular … Integration's and Data Migration Workstream, mitigate, and manage these as required. Support the upcoming test phases with expertise in Parallel Payroll Runs / Payroll Comparison testing a particular focus Produce a range of project documentation, including but not limited to specs, strategies, project plans, RAID items. Translate technical ...

contribute to projects, upgrades, and service transformations with minimal disruption to clinical services Ensure compliance with NHS, information governance, and security standards (including ISO27001) Provide out-of-hours support on a rota basis tomaintainavailability of core systems for frontline clinical services Deputise for the IT Infrastructure Manager whenrequired About … other questions you may have. Pleasedonthesitate to call:Shiva PallapothuIT Infrastructure Manageron01189046290 or email:Shiva.Pallapothu@berkshire.nhs.ukwhollbe delighted to help. Person Specification Education / Qualifications / Training Essential Educated to degree level or significant equivalent experience. Certification in Microsoft Azure, Windows Server Hybrid Administrator Associate or significant relevant experience ...

Role / Job title Vulnerability Management Specialist Cloud Role type - Permanent / Fixed Term / Contracting Contract Mode of working Hybrid / office based Hybrid If Hybrid, how many days are required in office? 4 Number of positions 1 Duration of assignment 6 Months The Role … frameworks (e.g., Rapid7, Nessus, Qualys, OpenVAS). oknowledge in scripting languages (e.g., Python, PowerShell) for automation. oKnowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS Controls). Analytical Skills: oAbility to conduct risk assessments and prioritise vulnerabilities based on business impact. oExperience in creating ...

standards and guidance materials. Maintain a structured policy framework that aligns with organisational requirements, legal obligations and external standards (e.g. JSP 440 , JSP 604 , ISO27001 , NCSC , NIST , GDPR ). Collaborate with cyber, risk, legal, assurance and delivery stakeholders to ensure policies are fit-for-purpose and support effective implementation. Track … Skills & Experience Active SC Clearance Strong understanding of security and cyber policy frameworks including: JSP 440 / JSP 604 NCSC Cloud Security Principles ISO27001 / NIST Cybersecurity Framework Information assurance, data protection and risk governance in regulated environments Proven experience in writing, reviewing and maintaining formal policy documentation ...

Details Role / Job Title: Vulnerability Management Specialist Cloud Work Location: TCS Reading Role Type: Contract Mode of Working: Hybrid Hybrid Requirement: 4 days The Role The Vulnerability Specialist is responsible for working with all the stakeholders within Security and throughout the business for developing and enforcing the strategy … frameworks (e.g., Rapid7, Nessus, Qualys, OpenVAS). Knowledge in scripting languages (e.g., Python, PowerShell) for automation. Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS Controls). Skills & Competencies Analytical Skills Ability to conduct risk assessments and prioritise vulnerabilities based on business impact. Experience ...

business representatives. Explaining to and communicating with non-technical audiences You will have awareness of common Information Security management frameworks such as ISO 27001, COBIT, Information Security Forum and NIST. Job Summary: Develop and test Oracle Fusion HCM reports ensuring the alignment of application with business … documentation, including but not limited to specs, strategies, project plans, RAID items. Translate technical concepts or terminology for non-technical audiences. A strong customer / client focus, with the ability to manage expectations appropriately and provide a superior customer / client experience. Ability to interact with staff ...

across the business. Key Responsibilities Support compliance activities linked to key MOD and cyber frameworks, including: DEFCON , DEFSTAN 1568 , Cyber Essentials Plus , and ISO 27001 . Maintain compliance documentation, evidence logs, and audit trails. Assist with internal and external audits (audit experience preferred). Ensure security … Experience in compliance, audit, cyber security, or defence-regulated environments. Working knowledge of at least one of: DEFCON, DEFSTAN 1568, Cyber Essentials Plus, ISO 27001. Strong organisational and documentation skills. Confidence working with internal stakeholders in compliance-driven settings. High levels of accuracy and attention to detail. Desirable ...

Senior SOC Analyst – Cloud Security / Detection Engineering Location: Hybrid - Remote with the requirement to attend team meetings in the Reading office once a month Type: Permanent | Full-time Sector: Software / SaaS Salary: £75,000 - £90,000 + 5% annual bonus Ballantyne Technology is working exclusively … forensics and root cause analysis. Designing, tuning and improving detection across SIEM and EDR platforms. Proactive threat hunting across cloud infrastructure, applications, and CI / CD environments. Building and maintaining automation and response playbooks using SOAR tooling. Working closely with DevOps, infrastructure and engineering teams to improve security posture ...

awareness plan to support policy adoption Coordinate messaging across internal teams, suppliers, and delivery partners Translate complex security policy frameworks (e.g. JSP 440, ISO27001, NIST, NCSC ) into audience-appropriate materials Produce clear communication outputs such as FAQs, dashboards, briefing packs and campaign content Track policy updates, engagement gaps, and risks … inconsistent understanding or uptake Essential Skills & Experience: Background in cybersecurity , cyber policy , or information assurance Familiarity with frameworks such as JSP 440 , JSP 604 , ISO27001 , NIST , and NCSC Cloud Security Principles Experience delivering communications or policy engagement in secure or regulated environments Strong written and verbal communication skills - comfortable engaging ...