1 to 25 of 41 ISO/IEC 27001 Jobs in Scotland

on key security metrics and risk indicators. Identify, register and assess cyber risks across business processes, applications, and industrial systems and translate security policies into actionable controls for IT / OT environments. Drive cybersecurity awareness and training tailored to business and OT users. Ensure compliance with industry regulations (e.g. ISO / IEC 62443, GDPR … IEC 62443). Relevant certificates for proof of competence are an advantage: CISSP, GICSO, CRISC CISM, CISA, ISO 27001 Lead Auditor / Implementer Good knowledge of the ISO 27000 series of standards Very good abstraction skills and pronounced skills in logical-analytical and informatic thinking Very good command of spoken and … on support from committed colleagues. We offer attractive employment conditions and opportunities for personal and professional development. More Information We welcome your application in English, no later than 24 / 08 / 2025. We kindly request that you do not send applications by any means other than via our website as we cannot guarantee that we will be More ❯

Microsoft Dynamics Nav Developer. This is an excellent opportunity to make a meaningful impact within a collaborative and forward-thinking environment. The Role at a Glance: Microsoft Dynamics NAV / BC Developer - C / AL / AL. 100% Remote UK £60,000 - £70,000 Training and Development Contributory pension scheme, Perkbox Membership Company: Leading provider of tailored … chain, inventory management and the back-office; benefiting both the NHS and healthcare suppliers Pedigree: First GS1 UK Approved Solution for inventory management in the NHS. ISO / IEC 27001:2022 Certified. ISO Certified Awards: Extensive awards in the Heath Tech, Innovation & Supply Chain Categories Other Tech Innovations: 360 Healthcare Management … Familiar with Microsoft SQL Server, XML, APIs, and other OOP languages (e.g., C#, Java). Tooling & Standards: •Experienced with DevOps, GitHub, and automated testing tools. •Knowledge of ISO9001 and ISO27001 standards and integrated management systems. Consultancy & Mentoring: •Consultancy experience in Microsoft Dynamics NAV / BC implementations. •Familiar with third-party NAV / BC tools such as Tasklet Mobile More ❯

using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role: Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards Conduct risk assessments across business units, vendors, and projects Monitor regulatory changes and ensure compliance with legal and contractual obligations Support … Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information security management frameworks, such as ISO / IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Knowledge of OneTrust risk management toolset or similar preferred More ❯

Information Security Specialist Apply remote type Hybrid locations Glasgow (GBS) time type Full time posted on Posted 14 Days Ago job requisition id JR352 The Team The Cyber Defence / Security Operations Team manages Clyde & Co's global cyber security operations, including Threat & Vulnerability Management and Detection & Response. The team supports secure delivery across the Firm while protecting against … evolving cyber threats. This role will support the development of a 24 / 7 Detect & Response capability by working with IT, business stakeholders, and third parties to reduce and pre-empt cyber risk. It's an exciting opportunity to contribute to a high-performing, evolving security function. Key Responsibilities Reporting to the Cyber Defence / Security Operations Global … Lead, the role supports and enhances security operations across: Threat & Vulnerability Management Configure and monitor endpoint / host-based security tools. Identify and manage vulnerabilities; lead mitigation discussions. Oversee vulnerability scans and third-party pen tests. Track and resolve test findings. Stay updated on emerging threats. Incident Detection & Response Triage and investigate security incidents. Respond to incidents and enhance More ❯

by helping anticipate, detect, and respond to evolving cyber threats. What You'll Do Design and implement secure software solutions, applying security-by-design principles and recognised standards (ISO 27001, NIST). Conduct threat modelling, code reviews, vulnerability assessments, and penetration tests to identify and mitigate risks. Respond to security incidents, perform root cause analysis, and … in using vulnerability assessment and penetration testing tools (e.g. Nessus, Burp Suite) Familiarity with security frameworks (ISM, PSPF, ISO 27001) and tools like SIEM, IDS / IPS, and threat intelligence platforms Excellent problem-solving, communication, and collaboration skills, with strong attention to detail and a proactive mindset We welcome applications from candidates with entry-level More ❯

investigation of incidents, root cause analysis, and coordination of response actions. Implement and administrate security operational controls across AWS, Azure, and on-prem environments, ensuring consistent alignment with ISO 27001, PCI-DSS, CIS and internal governance requirements. Deliver clear, actionable security reporting and dashboards for both technical and executive audiences, covering vulnerabilities, threats, control coverage, and … schemes. Contributory workplace pension scheme. Additionally, you'll get an extra day to celebrate your birthday. Opportunities to grow : You'll receive training and coaching for your personal development / progression, and employee recognition programmes to help you grow in your career. Health : You'll have access to private medical insurance, life assurance, and more. Wellbeing : You'll enjoy … discounts on gym memberships, cycle to work schemes, and a 24 / 7 employee assistance programme. You'll also have sociable working hours and breakfast / snacks provided in the office. Supportive, open, and value-driven culture : Ethics. Dedication. Solutions. Empathy. Our values aren't just words hanging in the reception. They guide us all daily. It's More ❯

the effectiveness of cyber governance. Lead continuous improvement initiatives and mentor key personnel within governance functions. Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls). Identify, assess, and manage risks to project or organisational goals. Build alignment with executive stakeholders … board members, and external partners to ensure accountability and clear decision-making processes. Qualifications A proven track record in leading cybersecurity risk and governance transformations in complex or government / defence environments. Deep knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory obligations. Experience designing and implementing cybersecurity governance structures from the … field. Professional certifications: CISSP, CISM, CRISC (or equivalent experience). Minimum 10 years' experience in cybersecurity transformation, ideally in a defence or maritime context. UK Government security clearance (DV / SC) Why Nortal We live by our values: commit to delivering value and results, take ownership, empower yourself and others, and own your future and growth A collaborative and More ❯

Develop and implement security policies and practices, with a strong emphasis on DLP and DSPM. Ensure proactive risk management and compliance with internal and external regulatory standards (e.g., ISO 27001, NIST). Continuously assess and improve the organisation's data security posture. Innovation and Change Enablement Partner with the DLM Product Owner to modernise data loss … you'll need Experience leading engineering teams and running technical product delivery. Strong background in infrastructure strategy, automation, and cybersecurity. Knowledge or experience of working in Data Loss Prevention / Data Security and with a variety of DLP or DSPM technology solutions. Ability to handle budgets, develop strategic plans, and deliver measurable outcomes. Expertise in developing and implementing security … in change management or programme delivery to implement technology strategy and vision. In addition, any experience of these would be useful Experience with cloud infrastructure, DevOps practices, and CI / CD pipelines. Familiarity with infrastructure monitoring, logging, and alerting tools. Knowledge of regulatory compliance frameworks (e.g. ISO 27001, NIST). Knowledge of Information Security, SIEM More ❯

Develop and implement security policies and practices, with a strong emphasis on DLP and DSPM. Ensure proactive risk management and compliance with internal and external regulatory standards (e.g., ISO 27001, NIST). Continuously assess and improve the organisation's data security posture. Innovation and Change Enablement Partner with the DLM Product Owner to modernise data loss … you'll need Experience leading engineering teams and running technical product delivery. Strong background in infrastructure strategy, automation, and cybersecurity. Knowledge or experience of working in Data Loss Prevention / Data Security and with a variety of DLP or DSPM technology solutions. Ability to handle budgets, develop strategic plans, and deliver measurable outcomes. Expertise in developing and implementing security … in change management or programme delivery to implement technology strategy and vision. In addition, any experience of these would be useful Experience with cloud infrastructure, DevOps practices, and CI / CD pipelines. Familiarity with infrastructure monitoring, logging, and alerting tools. Knowledge of regulatory compliance frameworks (e.g. ISO 27001, NIST). Knowledge of Information Security, SIEM More ❯

IT Solutions Architect (Aberdeen / Scotland) As an IT Solutions Architectwithin Redsquid , you will be responsible for designing and delivering best-in-class IT solutions tailor ed to the evolving needs of our clients. This is a hands-on, client-facing role that combines deep technical expertise with strong commercial awareness and strategic thinking. About the Job Permanent, Full … role that combines deep technical expertise with strong commercial awareness and strategic thinking. You will lead technical discovery sessions, design scalable solutions acrossMicrosoft 365, Azure, Microsoft Sentinel, Intune, andnetwork / firewall infrastructure, and support the sales team with pre-sales input and client proposals. You will also guide project delivery, ensuring solutions are implemented to a high standard with … governance including policies, management groups, tagging, cost control, and monitoring tools (Azure Monitor, Log Analytics). Proven experience implementing Microsoft Sentinel: connecting data sources, building analytics rules, creating workbooks / dashboards, and writing KQL queries. Understanding of incident response, security event correlation, and automation via Logic Apps. Solid grasp of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection More ❯

2nd Line / 3rd Line Service Desk Analyst Job Type: Permanent Full-Time - Hybrid 3 days in the office / 2 days WFH Location: Edinburgh City Centre Salary: £28,000.00-£40,000.00 (depending on experience) Hours of work: The hours of work are 37.5 per week between 7:30 - 18:00 with 1h lunch break (rotating shifts … client is a leading IT MSP based in the Edinburgh area who are recruiting for a 2nd Line Service Desk Analyst or 3rd Line Service Desk Analyst. 2nd Line / 3rd Line Service Desk Analyst Responsibilities: Provide an exceptional customer experience through technical support and assistance to end-users remote or on-site as required. Troubleshoot and resolve hardware … commitment to good quality and information security management (ISO 27001 and ISO 9001 certifications) by adhering consistently to policies and procedures. 2nd Line / 3rd Line Service Desk Analyst Knowledge / Skills Required: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed More ❯

2nd Line / 3rd Line Service Desk Analyst Job Type: Permanent Full-Time - Hybrid 3 days in the office / 2 days WFH Location: Edinburgh City Centre Salary: £28,000.00-£40,000.00 (depending on experience) Hours of work: The hours of work are 37.5 per week between 7:30 - 18:00 with 1h lunch break (rotating shifts … client is a leading IT MSP based in the Edinburgh area who are recruiting for a 2nd Line Service Desk Analyst or 3rd Line Service Desk Analyst. 2nd Line / 3rd Line Service Desk Analyst Responsibilities: Provide an exceptional customer experience through technical support and assistance to end-users remote or on-site as required. Troubleshoot and resolve hardware … commitment to good quality and information security management (ISO 27001 and ISO 9001 certifications) by adhering consistently to policies and procedures. 2nd Line / 3rd Line Service Desk Analyst Knowledge / Skills Required: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed More ❯

operational technology to meet business, production, & operational goals. Principal Network & Cyber Security Engineer responsibilities Provide expertise in Network Design, implementation, & testing for networks supporting Automation & Control Systems Solutions Identify / define the network requirements for Automation & Controls solutions Develop Detailed Network Architecture Create Network Dataflow Diagrams Produce Cybersecurity requirement specifications Develop Network Schedules (IP addresses, Data communication, server & VM … Support standardization of project workflows Skills & Qualifications Expected: BSc Degree or equivalent experience Experience in Control System Network Design Engineering Understanding of IEC62443 & IEC 27001 / 2 standards Knowledge of Automation & Control engineering disciplines Experience in writing Network specifications Experience with multiple system implementations & control platforms Experience in Brownfield upgrades & replacements Knowledge of Rockwell & Schneider … PLC / SCADA systems (advantageous) Thorough knowledge of engineering practices, standards, & procedures Knowledge of cybersecurity tools & standards Multi-sector & global project experience Problem-solving skills Desirable: Knowledge of process automation & real-time systems Experience with security governance, risk, & compliance controls Experience with vulnerability management & penetration testing tools Candidates must be eligible to work in the UK. With over More ❯

place to work. About the role We're recruiting for an Internal Compliance Officer to be tesponsible for managing and maintaining compliance accreditations with a particular focus on ISO 27001, including leading internal and external audits and maintaining a comprehensive set of company policies. The role involves ensuring adherence to evolving regulations, general Health & Safety tasks … assessments, and supporting incident response processes. Key responsibilities include: Compliance Accreditations Overall management of Compliance areas of responsibility within our Information Security Management System (ISMS) including leading the ISO Committee, management and scheduling of internal audits and ensuring existing policies are updated to reflect organisational practises Responsibility of the successful completion and scheduling of our external audits with … our people strategy, with a number of innovative wellness initiatives such as flexi-time, where employees can vary their start and finish times within our core business hours and / or extend their lunch break by up to 2 hours per day. Employees also benefit from an additional two half days paid leave per year to focus on their More ❯

place to work. About the role We're recruiting for an Internal Compliance Officer to be tesponsible for managing and maintaining compliance accreditations with a particular focus on ISO 27001, including leading internal and external audits and maintaining a comprehensive set of company policies. The role involves ensuring adherence to evolving regulations, general Health & Safety tasks … assessments, and supporting incident response processes. Key responsibilities include: Compliance Accreditations Overall management of Compliance areas of responsibility within our Information Security Management System (ISMS) including leading the ISO Committee, management and scheduling of internal audits and ensuring existing policies are updated to reflect organisational practises Responsibility of the successful completion and scheduling of our external audits with … our people strategy, with a number of innovative wellness initiatives such as flexi-time, where employees can vary their start and finish times within our core business hours and / or extend their lunch break by up to 2 hours per day. Employees also benefit from an additional two half days paid leave per year to focus on their More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

site at our Glasgow office. This position is office-based, meaning regular in-person collaboration or use of office equipment is essential to maximize effectiveness for this team and / or position. Qualified applicants must live within commuting distance of our Glasgow office location and should expect to be in office a minimum of 4 days per week. At … OWASP Top 10 vulnerabilities) in web applications, mobile, and IoT devices. Help ensure the proper implementation of authentication and authorization mechanisms, encryption fundamentals, and secure communication protocols like TLS / SSL. Support threat modeling exercises (e.g., using STRIDE or DREAD methodologies) to identify potential security risks in system designs. Operational Product Security Support: Gain hands-on experience with common … Familiarity with Product Security Incident Response Team (PSIRT) processes, including vulnerability management. Knowledge of compliance frameworks (such as SOC 2, ISO 27001, or GDPR) and / or experience participating in security assessments or audits is a plus. Skills: Foundational Technical Skills: Solid understanding of authentication and authorization mechanisms, encryption fundamentals, and secure communication protocols like More ❯

site at our Glasgow office This position is office-based, meaning regular in-person collaboration or use of office equipment is essential to maximize effectiveness for this team and / or position. Qualified applicants must live within commuting distance of our Glasgow office location and should expect to be in office a minimum of 4 days per week. At … OWASP Top 10 vulnerabilities ) in web applications, mobile, and IoT devices. Help ensure the proper implementation of authentication and authorization mechanisms, encryption fundamentals, and secure communication protocols like TLS / SSL. Support threat modeling exercises (e.g., using STRIDE or DREAD methodologies) to identify potential security risks in system designs. Operational Product Security Support: Gain hands-on experience with common … Familiarity with Product Security Incident Response Team (PSIRT) processes, including vulnerability management. Knowledge of compliance frameworks (such as SOC 2, ISO 27001, or GDPR) and / or experience participating in security assessments or audits is a plus. Skills: Foundational Technical Skills: Solid understanding of authentication and authorization mechanisms, encryption fundamentals, and secure communication protocols like More ❯

site at our Glasgow office. This position is office-based, meaning regular in-person collaboration or use of office equipment is essential to maximize effectiveness for this team and / or position. Qualified applicants must live within commuting distance of our Glasgow office location and should expect to be in office a minimum of 4 days per week. At … of product security compliance. Education & Certifications: Bachelor's degree in Computer Science, Information Security, Law, or a related technical field. Master's degree or relevant industry certifications (e.g., CIPP / E, CISM, CRISC, or specialized IoT / Product Security compliance certifications) are highly preferred. Experience: Minimum of 5 years of progressive experience in cybersecurity compliance, regulatory affairs, or … product security, with a strong focus on IoT and / or consumer electronics products. Demonstrable experience interpreting complex legal and regulatory texts and translating them into practical, engineering-consumable requirements. Proven track record of successfully guiding product development teams through compliance efforts for regulations such as EU CRA, UK PSTI Act, EU RED Delegated Act, GDPR, and CCPA. Familiarity More ❯

identify vulnerabilities, and suggest improvements. Stay updated on security trends, threats, and best practices. Skills & Qualifications: Mandatory: BSc Degree or equivalent experience Certifications such as CCNA, CCNP, CWNP, ISA / IEC 62443, GICSP (highly desirable) Experience in Control System Network Design Engineering Understanding of IEC62443 and IEC27001 / 2 standards Knowledge of automation and control engineering … disciplines Familiarity with industrial communication protocols (Modbus, DNP3, OPC) and security implications Experience in writing network specifications Experience with multiple system implementation projects and control platforms Experience in upgrades / replacements in automation / control projects Strong knowledge of engineering practices, standards, and procedures Knowledge of modern automation tools, methodologies, and security considerations in OT environments Organized, detail … oriented, inquisitive Desirable: Experience with Rockwell, Honeywell, Schneider PLC / SCADA systems Familiarity with telecom protocols, satellite communications, radio-link tech Experience with OT Intrusion Detection Systems With over 90 years of combined experience, NES Fircroft is a leading engineering staffing provider across multiple sectors worldwide, offering comprehensive support from visas to benefits and accommodation. More ❯

and principles Collaborate with IT, DevOps, and business teams to embed security into solution design Evaluate and recommend security tools, technologies, and controls Ensure compliance with industry standards (e.g. ISO27001, NIST, Cyber Essentials Plus) Provide expert guidance on secure configuration, identity management, and data protection Support incident response planning and post-incident reviews from an architectural perspective Qualifications & Experience Proven More ❯

engineering studies & cyber design documentation. Resolve engineering issues by applying standards and best practices. Skills & Qualifications: Minimum BSc degree or equivalent experience. Certifications such as CCNA, CCNP, CWNP, ISA / IEC 62443, or GICSP are highly desirable. Experience in Control System Network Design Engineering. Understanding of IEC62443 Cyber Security standards. Knowledge of IEC27001 / 2 Information … Security Management. Familiarity with industrial communication protocols (e.g., Modbus, DNP3, OPC) & their security implications. Experience with multiple system implementations & control platforms. Experience in brownfield upgrades / replacements. Strong knowledge of engineering practices, standards, and codes. Understanding of automation & control applications and tools. Knowledge of physical security & cybersecurity interplay in OT environments. Good awareness of safety standards & regulations for OT. … Proficiency with current industry technologies & software tools. Detail-oriented, organized, inquisitive. Desirable: Experience with Rockwell, Honeywell, Schneider PLC / SCADA systems. Familiarity with telecom protocols, satellite, & radio-link technologies. Experience with OT Intrusion Detection Systems. With over 90 years of combined experience, NES Fircroft is a leading engineering staffing provider across multiple sectors worldwide. We support contractors with visas More ❯