1 to 25 of 30 ISO/IEC 27001 Jobs in Scotland

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they're seeking an exceptional InfoSec / Information Security Manager to take the reins and lead their information security programme; safeguarding their clients, organisation data, and core systems. They're a great firm we've seen … more), so take a look and apply if this looks like a great next step for your career: Key Responsibilities: Develop, execute, and maintain the overarching information security strategy / policies / relevant frameworks in adherence to ISO standards and other key regulations Oversee the firm's ISO 27001 accreditation and oversee … regular risk assessments; taking ownership of the register and plans Draft and implement InfoSec metrics / key performance indicators / reporting (up to board level) to demonstrate security / control / initiative effectiveness Audit and improve the firm's security operations across the spectrum, including incident response and escalation / best coding and config practice More ❯

technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they're seeking an exceptional InfoSec / Information Security Manager to take the reins and lead their information security programme; safeguarding their clients, organisation data, and core systems. They're a great firm we've seen … more), so take a look and apply if this looks like a great next step for your career: Key Responsibilities: Develop, execute, and maintain the overarching information security strategy / policies / relevant frameworks in adherence to ISO standards and other key regulations Oversee the firm's ISO 27001 accreditation and oversee … regular risk assessments; taking ownership of the register and plans Draft and implement InfoSec metrics / key performance indicators / reporting (up to board level) to demonstrate security / control / initiative effectiveness Audit and improve the firm's security operations across the spectrum, including incident response and escalation / best coding and config practice More ❯

enterprise architecture standards for security, sustainability, and cost optimization. Implementation & Migration • Lead end-to-end migration from legacy platforms (Avaya, Cisco, Genesys) to Amazon Connect. • Design and implement IVR / contact flows, Lex conversational bots, Contact Lens analytics, and agent assist capabilities. Integration & Ecosystem • Architect integrations with CRM / ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … analytics pipelines using AWS services (Lambda, EventBridge, Kinesis, Glue, Athena). Security, Compliance & Governance • Implement IAM, KMS encryption, VPC networking, and PrivateLink for secure connectivity. • Ensure compliance with GDPR / UK GDPR, PCI-DSS, ISO 27001, and sector-specific standards (e.g., NHS DSP Toolkit, HIPAA). • Define data retention policies, PIA / DPIA frameworks … and lawful intercept / emergency call handling. DevOps & Automation • Establish CI / CD pipelines for flows, Lambda, Lex bots, and infrastructure using CloudFormation / Terraform / CDK. • Implement automated testing and version control for safe, repeatable deployments. Operational Excellence • Define KPIs / SLAs (AHT, CSAT / NPS, abandonment rates) and build real-time dashboards More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

Screening questions Prior experience supporting DERMS or other OT / IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud / hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting / automation … skills (Python, Bash, PowerShell) for operational efficiency Key Responsibilities: Deliver L2 / L3 support for DERMS applications, integrations, and services. Monitor system availability, performance, and data flows between DERMS, grid control systems (SCADA, ADMS, EMS), and distributed energy resources. Investigate and resolve incidents, service requests, and escalations in alignment with SLA requirements. Conduct root cause analysis (RCA) and drive … experience in application support, energy management systems, or grid operations platforms. Strong understanding of DERMS functions, distributed energy resources (solar, wind, batteries, EVs), and grid operations. Proficiency with Linux / Unix administration, databases (SQL / Oracle / PostgreSQL), and APIs / integration tools. Solid troubleshooting skills across application, middleware, and network layers. Experience with monitoring tools More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSEs digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews, pilots More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSEs digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews, pilots More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSE s digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSE’s digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSE’s digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews More ❯

enterprise standards for security, cost efficiency, and operational sustainability. Implementation & Migration Lead full-scale migrations from legacy platforms (e.g., Avaya, Cisco, Genesys) to AWS Connect. Design and deploy IVR / contact flows, Amazon Lex conversational bots, analytics tools, and agent support solutions. Integration & Ecosystem Development Architect seamless integrations with CRM and ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … PCI-DSS, ISO 27001, and industry-specific standards. Develop data retention policies, privacy impact frameworks, and procedures for emergency call handling. DevOps & Automation Establish CI / CD pipelines for Lambda, Lex bots, contact flows, and infrastructure using CloudFormation, Terraform, or CDK. Introduce automated testing, version control, and repeatable deployment practices. Operational Leadership Monitor KPIs / SLAs including AHT, CSAT / NPS, and abandonment rates via dashboards. Drive capacity planning, incident management, and continuous service improvement initiatives. Stakeholder & Governance Engagement Facilitate executive-level workshops, translating business needs into technical roadmaps. Prepare TCO / ROI analyses, investment cases, and maintain audit-ready documentation. Required Experience & Skills 15+ years in architecture or engineering roles, including More ❯

disaster recovery. This role will require a minimum of 2 days on site working in Glasgow and offers an excellent opportunity for the right candidate to progress. Required skills / Experience: Background in Information Security and the ability to lead a team of information security analysts In-depth knowledge of security policies and frameworks such as Cyber Essentials, ISO 27001 / 22301, and NIST Experience working with operations teams to ensure compliance Understanding of a variety of security tools, in particular Microsoft Purview or another data loss prevention platform Ability to research and evaluate emerging cyber security threats and how to manage them Experience having input into disaster recovery plans as well as the More ❯

disaster recovery. This role will require a minimum of 2 days on site working in Glasgow and offers an excellent opportunity for the right candidate to progress. Required skills / Experience: Background in Information Security and the ability to lead a team of information security analysts In-depth knowledge of security policies and frameworks such as Cyber Essentials, ISO 27001 / 22301, and NIST Experience working with operations teams to ensure compliance Understanding of a variety of security tools, in particular Microsoft Purview or another data loss prevention platform Ability to research and evaluate emerging cyber security threats and how to manage them Experience having input into disaster recovery plans as well as the More ❯

Role: - Solution Architect (Amazon Connect Architect) Location: Glasgow, UK (Hybrid) (3 Days onsite in a week is Mandatory) Duration: Both Contract & Permanent position Required Qualifications:- 15+ years in architecture / engineering, 10+ years in contact centre technologies, 5+ years with Amazon Connect. Proven delivery of enterprise-scale Amazon Connect implementations with complex integrations. Expertise in AWS services: IAM, VPC … Kinesis, CloudWatch, DynamoDB. Strong knowledge of security and compliance frameworks (GDPR, PCI-DSS, ISO 27001, NHS DSP Toolkit). Hands-on experience with IaC (CloudFormation / Terraform / CDK) and serverless development (Node.js / Python). Preferred Qualifications:- AWS Solutions Architect Professional and Amazon Connect specialization. Experience with Contact Lens, Wisdom / Q in Connect, Voice ID, and outbound campaigns. Sector experience in healthcare / public sector or regulated industries. Familiarity with SIP, telephony routing, and Ofcom regulations. Success Metrics:- Delivery of secure, compliant architecture aligned to global regulatory standards. Achieve 99.99% availability, measurable improvements in CSAT / NPS, and reduced AHT. Full migration from legacy platforms within agreed More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

with IT, procurement, risk, and project teams to embed strong security practices throughout delivery lifecycles. ** Assist with audit activities and help maintain alignment with recognised frameworks such as ISO 27001 and NIST. ** Provide security guidance to stakeholders and promote a culture of awareness and accountability. Who We're Looking For ** Background in information security, risk assessment More ❯

Glasgow-based client who are looking for an Information Security Manager to harden their security posture, manage risk appetite, strengthen their GRC policies & controls focusing heavily on PCI-DSS & ISO27001, and manage their MSSP and a small team from a technical cyber perspective.The ideal candidate will have worked autonomously across these spaces previously. This role does not provide sponsorship. What … You'll Be Doing: Assisting the Head of IT with developing the scope for ISO27001 certificationAchieving ISO27001 certification further down the lineCoordinating the client's efforts to achieve / maintain compliance with PCI-DSS and NIS. Leading a small but growing information security function. Liaising with the managed service security provider from a policy improvement and managed detection and … developing security compliance in line with PCI-DSS and ISO27001. Experience working in an Information Security function in a managerial / mentorship capacity. Practical knowledge of PCI-DSS, ISO27001 and NIST.Experience implementing and validating security controls. Experience developing and improving long-term security strategies based on your knowledge of industry standardsA go-getter who's able to work autonomously More ❯

extended managed service team * Manage and presenting to the security advisory board * Implement and maintain compliance with industry best practice and security frameworks including Cyber Essentials +, NIST, CAF, ISO27001, and other recognised frameworks. * Act as the on-site SME facing off to, and working closely with, the organisation's managed service security provider. * Oversee advanced monitoring and risk management … the cybersecurity strategy * Drive security awareness initiatives What We're Looking For * Experience operating at a senior leadership level within security roles * Experience achieving and maintaining various security accreditations (ISO27001, Cyber Essentials+) on behalf of organisations * Experience owning or implementing a strategy * Strong communication skills * A technical IT background with a good understanding of networking, communication protocols and cloud technologies. More ❯

extended managed service team* Manage and presenting to the security advisory board* Implement and maintain compliance with industry best practice and security frameworks including Cyber Essentials +, NIST, CAF, ISO27001, and other recognised frameworks.* Act as the on-site SME facing off to, and working closely with, the organisation's managed service security provider.* Oversee advanced monitoring and risk management … the cybersecurity strategy* Drive security awareness initiatives What We're Looking For * Experience operating at a senior leadership level within security roles* Experience achieving and maintaining various security accreditations (ISO27001, Cyber Essentials+) on behalf of organisations* Experience owning or implementing a strategy * Strong communication skills* A technical IT background with a good understanding of networking, communication protocols and cloud technologies. More ❯