1 to 25 of 28 ISO/IEC 27001 Jobs in Surrey

The Information Security Director develops, shapes, and maintains Sycurio's information security capability, driving the attainment and maintenance of the ISO27001, PCI-DSS, and SOC2 compliance. They are the subject matter expert on all things regarding security and compliance, owning the information risk management processes. They are the thought leader on all matters within the security and compliance domain such … the information security strategy to relevant parties and providing assurance of policies, procedures, and systems. Develop, maintain, and expand the information security management system ('ISMS') to optimise compliance for ISO27001, PCI-DSS, and SOC2. Identify gaps in the information security capability, both technical and operational, and propose remediation and mitigation plans and solutions. Responsible for the Company's information security … degree in Computer Science, Cybersecurity, or related field (Master's preferred). Industry certifications such as CISSP, CISM, CISA, or equivalent. Experience: 10+ years of information security experience. Financial / Fintech services / payments desirable. Deep knowledge of security frameworks (PCI, ISO 27001, NIST) and regulations (GDPR, CCPA). Experience with PCI DSS compliance More ❯

and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving … to work every day. And you'll never stop growing, whatever your level . Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk / careers More ❯

and strategic capabilities across our on-premise and cloud-hosted solutions, including: Secure configuration of endpoints, OS, applications, containers and PaaS services, aligning to best practice for certifications (i.e., ISO27001) Data classification and data loss prevention Log collection and SIEM / SOAR monitoring and automated response Security testing, including automated testing and assessing formal penetration tests Contribute to the … associated tooling Experience in the operational running of SIEM / SOAR technologies, ideally including Azure Sentinel / Purview Information security frameworks, with experience of maintaining certification programmes (ISO27001) and aligned with standards in the automotive and rail industry Any of the following certifications would be an advantage: EC-Council Certified Ethical Hacker, Certified Penetration Testing Professional, Certified Cloud … value of 4 times base salary Opportunity to join the McLaren Applied Pension Plan Company funded individual private healthcare with the opportunity to extend to partner or spouse and / or dependents at a discounted rate. Ride-to-work with Evans Cycles – take advantage of the Government’s Cycle-to-Work scheme which offers savings of up to More ❯

security tools (Wiz, Puppet, Nexpose) Proficiency in Python, PowerShell, and other scripting languages Experience in a Security Operations role within a complex environment Understanding of cybersecurity standards and frameworks (ISO27001, NIST800-53, CIS, OWASP,SOC2) Equal Opportunity Employer At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in More ❯

Social network you want to login / join with: We are seeking an experienced Cybersecurity Architect with deep expertise in Cisco Cyber Vision to design and implement secure industrial control system (ICS) architectures. You will play a critical role in assessing, developing, and implementing cybersecurity strategies that ensure the resilience and compliance of IT / OT networks. Key … Responsibilities: Design and implement cybersecurity architecture for IT / OT environments with an emphasis on industrial systems. Lead the deployment and integration of Cisco Cyber Vision across various industrial networks. Conduct risk assessments and threat modeling for ICS / SCADA systems and recommend mitigation strategies. Develop and maintain security standards, reference architectures, and best practices aligned with NIST … 7+ years of experience in cybersecurity, with at least 3 years in an architect role. Hands-on experience with Cisco Cyber Vision including deployment, configuration, and integration with SIEM / SOC tools. Deep understanding of OT protocols (Modbus, DNP3, PROFINET, etc.) and ICS / SCADA systems. Strong knowledge of network security , firewalls, VPNs, IDS / IPS, and More ❯

with the latest security trends, threats, and technology solutions. Ensure compliance with relevant laws, regulations, and industry standards. Prepare and present security reports to senior management. Skills Preferred Skills / Requirements Ideally around 5 years of experience in cybersecurity or a related field. Knowledge of security frameworks and standards (e.g., ISO 27001, ITIL, NIST). … Experience with security tools and technologies (e.g., firewalls, IDS / IPS). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Experience with cloud and internet security. Familiarity with regulatory requirements (e.g., GDPR, HIPAA). Qualifications / training desirable but not essential. More ❯

with the latest security trends, threats, and technology solutions. Ensure compliance with relevant laws, regulations, and industry standards. Prepare and present security reports to senior management. Skills Preferred Skills / Requirements Ideally around 5 years of experience in cybersecurity or a related field. Knowledge of security frameworks and standards (e.g., ISO 27001, ITIL, NIST). … Experience with security tools and technologies (e.g., firewalls, IDS / IPS). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Experience with cloud and internet security. Familiarity with regulatory requirements (e.g., GDPR, HIPAA). Qualifications / training desirable but not essential. More ❯

Social network you want to login / join with: At MVW Technology Ltd we are committed to fostering the growth and development of all our team members. We offer a range of professional development opportunities to support both permanent staff and contractors in advancing their skills and careers. Through training programs, mentorship, and access to industry resources, we ensure … technical documentation including architecture diagrams, runbooks, and operational procedures Support the development of technical project plans and participate in change advisory processes Ensure alignment with security standards (e.g. ISO 27001, GDPR) and adherence to governance frameworks QUALIFICATIONS AND SKILLS Proven experience in architecting and deploying Microsoft Intune for MDM and MAM Expert knowledge of Microsoft Autopilot … such as MD-102, MS-102, SC-300, or equivalent (preferred) On-premises and traditional infrastructure technologies including Virtualisation, VDI, storage, firewalls, AV + Threat Protection, Windows Server, DNS / DHCP, backup solutions Strong analytical and documentation skills PERSONAL ATTRIBUTES Motivated self-starter Personable and professional manner Process orientated Humble We actively encourage applications from individuals with disabilities and More ❯

Social network you want to login / join with: At MVW Technology Ltd we are committed to fostering the growth and development of all our team members. We offer a range of professional development opportunities to support both permanent staff and contractors in advancing their skills and careers. Through training programs, mentorship, and access to industry resources, we ensure … technical documentation including architecture diagrams, runbooks, and operational procedures Support the development of technical project plans and participate in change advisory processes Ensure alignment with security standards (e.g. ISO 27001, GDPR) and adherence to governance frameworks QUALIFICATIONS AND SKILLS Proven experience in architecting and deploying Microsoft Intune for MDM and MAM Expert knowledge of Microsoft Autopilot … such as MD-102, MS-102, SC-300, or equivalent (preferred) On-premises and traditional infrastructure technologies including Virtualisation, VDI, storage, firewalls, AV + Threat Protection, Windows Server, DNS / DHCP, backup solutions Strong analytical and documentation skills PERSONAL ATTRIBUTES Motivated self-starter Personable and professional manner Process orientated Humble We actively encourage applications from individuals with disabilities and More ❯

Social network you want to login / join with: Senior Associate, Cybersecurity compliance (global role in a virtual working environment), woking col-narrow-left Client: Grant Thornton International Ltd Location: woking, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 col-wide Job Description: About Grant Thornton … IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom / Europe Main responsibilities The Senior Associate will support with the implementation of the cybersecurity compliance programme, including: Collaboration with IT assurance engagement teams across the GT network Review of … a similar role. Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and / or data into useful insight Excellent communication skills, both verbal and written, with the ability to initiate and lead More ❯

ensure consistency, uphold best practices, and drive compliance efforts that align with industry standards and regulatory expectations. How Youll Spend Your Time Assistingwith the compliance program and integrated quality / information security management system to maintain alignment with industry standards Facilitatingand conducting risk assessments in order to ensure risks are effectively identified and managed according to the company framework … your skillset using innovative tools and technologies along the way. You will grow and develop, and be a part of an amazing international team, advancing your career further. Experience / Knowledge / Competencies You Will Need: Must have excellent oral and written communication skills and expertise in: UK & EU privacy legislation completing risk assessments in general, privacy assessments … program Demonstrate discretion, integrity and ethical judgment in all compliance-related matters We would like to speak to you if you have Managed a compliance program (SOC, HIPAA, ISO9001, ISO27001, preferred) within a technology or healthcare company Excellent knowledge of legal requirements and procedures but particularly privacy legislation in the UK & EU Knowledge of privacy legislation in US, Canada, Australia More ❯

member firms and stakeholders in the global firm to participate in the Technology Standards and Maturity Assessment with the objective to assess the member firm's overall IT capability / maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on … decisions with technology risk impacts as new activities and other change management / transformational initiatives. Leverage available technical resources / tools to research; expand technology risk knowledge to enhance work product, to remain up to date on member firms and line of businesses hot topics while sharing the technology risk knowledge amongst the team where applicable. Advise member … programme process including the use of ServiceNow Integrated Risk Management module to support integrated IT risk Management processes. An understanding of the principals around CMMI, COBIT, ITIL, PMI, Prince2, ISO27001, SOC2. Cybersecurity or IT Risk Management experience which should include either control testing or compliance assessment experience. A strong understanding of system development life cycles approaches and concepts (CMMI knowledge More ❯

status of all mitigating controls to both Business and Technology risk committees as appropriate. The scope of this role covers all Technology Risks; IT Strategy and Architecture, Service Management / Stability, Capacity / Capability Management, Disaster Recovery and Crisis Management. This role will also integrate the output from the Information Security Risk and Transformation Risk teams into the … overall risk reporting for each Business Unit. You’ll Help Us Make Health Happen Through Interpreting and communicating to the Business Unit changes to Risk Polices, Business / IT Strategy, legislation that impact the existing Risk and Control Framework. Identifying and assessing Technology Management and Information Security issues so that control environments are properly defined and residual risk regularly … essential. Demonstrable experience in Information Technology audits or IT Assurance (e.g., CISSP, CISM, CISA, CRISC, CCAK) A sound understanding of British and International Security Standards (e.g., ISO / IEC 27001, ISO / IEC 27002, NIST, CIS-20, PCIDSS) and the UK regulatory environment (e.g., ICO, FCA, PRA and More ❯

Social network you want to login / join with: col-narrow-left Client: Aimhire Location: Woking, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 3 Posted: 10.06.2025 Expiry Date: 25.07.2025 col-wide Job Description: Do you want to work with a FinTech startup in the capital markets vertical? At Aimhire.io, we are … for creating cutting-edge financial products. Key Responsibilities: Design, implement, and maintain cloud-native infrastructure (primarily AWS) to support Klear’s distributed systems and APIs. Manage and optimize CI / CD pipelines, ensuring rapid and reliable code delivery. Work closely with the engineering team to support microservices architecture, focusing on latency-sensitive and high-availability services. Monitor system performance … conduct root cause analysis, and implement observability best practices (metrics, logging, tracing). Harden infrastructure and deployments with infrastructure as code (Terraform / CDK / CloudFormation). Lead incident response, system reliability efforts, and infrastructure scalability initiatives. Manage messaging queues (e.g., Kafka, RabbitMQ) and optimize for low-latency event handling and throughput. Contribute to evolving our security posture More ❯

Social network you want to login / join with: Head of Engineering / System Development Manager - up to £70k base with great benefits Remote working with an office Glasgow We are looking for a strategic, hands-on Head of Engineering to lead and scale our software engineering function. This senior leadership role will focus heavily on software engineering … and governance around API design (RESTful services, rate limiting, versioning, monitoring, etc.). Ensure high data consistency, operational integrity, and well-documented interface contracts between services. Software Delivery, CI / CD & DevOps Define and implement scalable CI / CD pipelines using modern DevOps tooling, including automated build, test, deploy, and rollback strategies. Champion continuous delivery practices with robust … APIs. Security Engineering & Governance Partner with security engineers to integrate security throughout the software lifecycle (shift-left security, secure coding, threat modelling). Own the implementation of secure authentication / authorization practices, audit logging, encryption at rest / in transit, and other application security standards. Ensure software and infrastructure meet organizational security and compliance requirements (e.g., GDPR, ISO More ❯

Azure Solutions Architect (Contract) IaC / Terraform | DevOps | Azure Certifications | Mission-Critical Location: United Kingdom (Hybrid / Remote options depending on project requirements) Contract Type: Day Rate Contract Duration: Initial 6-12 months (extension likely) Role Overview We are seeking an experienced Azure Solutions Architect to join a complex, mission-critical programme within the defence, aerospace, and security … compliant, and cost-effective Azure solutions. Collaborate with cybersecurity teams to ensure solutions meet UK government security classifications, accreditation processes, and relevant compliance frameworks (eg NCSC, MOD JSP, ISO 27001). Support deployment automation and Infrastructure-as-Code (IaC) approaches leveraging Azure Resource Manager (ARM), Bicep, or Terraform. Conduct Azure cost optimisation, performance tuning, and cloud More ❯

management of the transition of technical project to BAU Infrastructure support Ownership of issues relating to IT Infrastructure support Ensure that IT infrastructure is managed and maintained to meet ISO27001, Cyber Essentials Plus accreditation and maintaining a regular penetration testing schedule Work within the ITIL framework INDIVIDUAL RESPONSIBILITIES: Work with Head of IT and other stakeholders to fulfil IT strategy … solver and trouble-shooter with strong Commercial awareness Ability to work under effectively under pressure and under own initiative Presentable and articulate with ability to demonstrate and build confidence / credibility with staff Methodical and organised with attention to detail #J-18808-Ljbffr More ❯

Social network you want to login / join with: Location: Fully Remote Contract Duration: 12 Months Fixed-Term Anticipated Renewal Date: December 2025 About Us: Sentinel is working with a leading global IT and technology services company. They drive digital transformation for businesses worldwide, providing cutting-edge solutions across cloud computing, data analytics, and security. We're committed to … integration. • Lead and actively participate in security audits, identifying vulnerabilities, and ensuring adherence to security policies. • Develop and enforce GCP security hardening measures (network segmentation, access controls, encryption, GDPR / ISO 27001 compliance). • Design and implement ETL pipelines for marketing data into BigQuery for Looker. • Optimise BigQuery data models and schemas for Looker exploration … Qualifications and Experience: • Extensive experience as a Cloud Engineer, specialising in GCP. • Proven background in marketing data environments, understanding infrastructure needs for marketing analytics and CDPs. • Demonstrable experience leading / contributing to security audits, vulnerability assessments, and compliance initiatives (GDPR, ISO 27001) within GCP. • Expertise in IaC with a strong preference for Terraform. • Profound understanding More ❯

Social network you want to login / join with: Microsoft Identity Engineer | Entra ID, PIM, PAM, PowerShell Automation | FinTech Software Company 4 month contract Our client is looking for a Microsoft Identity Engineer with deep expertise in Azure RBAC and PIM / PAM automation to shape and enforce enterprise-wide access governance. You’ll work at the core … Monitoring & Alerting: surface insights through Sentinel, Log Analytics and Azure Monitor, detect anomalies before they escalate. Policy Enforcement & Governance: ensure everything aligns to internal controls and external standards (ISO 27001, NIST, GDPR) Documentation & Collaboration: work closely with DevSecOps, application owners, and GRC teams to build secure-by-design patterns If this sounds like you, please get More ❯

environments Providing escalation and technical support to Operations teams for the internal systems, Managed Services and customer projects. Conducting regular checks of our customer networks in compliance with ISO 27001 ensuring they are optimised, secure and monitored. Monitor … identify and log work items against the health and service status of all networking components relating to the environments, including any performance degradation within the service Supporting the 24 / 7 / 365 escalation team by providing cover for network related issues managed by a on-call rota (every other week) Proactive security focus and remediation of tasks … Private medical insurance Access to Mental Health Support Homeworking budget One paid charity day (matched) per year Quarterly company paid team lunches Employee of the Quarter awards (time off / £) Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will More ❯

Partner with Technical & Operational transferable skills with technical, engineering and management experience who likes to think outside the... About the Role: We are seeking an experienced and dynamic Programme / Senior Project Manager to lead and develop a team delivering Data Centre Infrastructure and Physical Security projects across the UK and Europe. In this pivotal role, you will oversee … driving financial performance and margin improvement Implement best practices, standard operating procedures, and continuous improvement initiatives to optimize delivery efficiency Ensure full compliance with relevant industry standards (e.g., ISO 27001, CPNI, GDPR) and health & safety regulations Manage risks and resolve project escalations, ensuring minimal disruption and maximum client satisfaction Report regularly to senior leadership on project … with P&L ownership, budgeting, and financial reporting. Strong client management skills, with the ability to engage with senior stakeholders. Deep understanding of compliance frameworks and standards including ISO 27001, CPNI, GDPR, and health & safety regulations. Excellent communication and reporting skills, both written and verbal . Preferred Qualification PMP, PRINCE2 Practitioner, PSP, or CPP certification. Familiarity More ❯

Social network you want to login / join with: Technical Support Engineer Tier I, guildford col-narrow-left Client: Action1 Location: guildford, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 5 Posted: 31.05.2025 Expiry Date: 15.07.2025 col-wide Job Description: Who we are: Action1 reinvents patching with an infinitely scalable, highly secure … preempts ransomware and security risks, all while eliminating costly routine labor. Trusted by thousands of enterprises managing millions of endpoints globally, Action1 is certified for SOC 2 and ISO 27001. The company is founder-led by industry veterans Alex Vovk and Mike Walters, who founded Netwrix, which has grown into a multi-billion-dollar industry-leading cybersecurity company. … in Microsoft Windows operating systems. Ability to identify and troubleshoot failed patch installations. Be familiar with PowerShell scripting and able to understand basic scripts. Proficiency in Mac OS and / or Linux platforms. Demonstrate knowledge of software deployment and configuration using install switches. Be skilled in reading, writing, modifying, and backing up the Windows registry. Have previous experience in More ❯

in Microsoft .NET (C#), including modern versions such as .NET 9 Proven ability to write clean, scalable and testable code with a strong focus on unit testing and TDD / BDD practices Demonstrated success in producing robust design documentation and guiding teams through complex system designs Strong collaboration, delegation and communication skills — you can articulate technical decisions to technical … app frameworks such as MAUI or Xamarin would be an advantage Commercial experience in the healthcare domain and familiarity with compliance standards like ISO-27001, NHS DSPT / DTAC is a bonus What We Offer: A base salary of £75,000 - £85,000depending on experience Modern town centre offices in Guildford, with opportunityfor ad hoc home working More ❯

similar administrative or operational support role. The successful Business Administrator will be responsible for: Providing administrative support across all departments, maintaining consistent standards and alignment with ISO9001 (Quality) and ISO27001 (Information Security). Maintain and manage internal documentation, including templates, policies, procedures, and controls. Coordinate and control all document filing systems, both electronic and hard copy, with particular responsibility for More ❯

ABOUT IDBS IDBS helps BioPharma organizations unlock the potential of AI / ML to improve the lives of patients. As a trusted long-term partner to 80% of the top 20 global BioPharma companies, IDBS delivers powerful cloud software and services specifically designed to meet the evolving needs of the BioPharma sector. IDBS, a Danaher company, leverages 35 years … developing remediation plans, implement fixes, and draft communication of fixes or mitigations, including incident management. Application of regulations and adherence to standards: Ensure compliance with GDPR , HIPAA, GxP, ISO 27001, ISO 27017, SOC 2, EU AI Act … and Data Act. It would be a plus if you also possess previous experience in: AWS Security Specialty. Databricks security and compliance configuration. Familiarity with DevOps practices and CI / CD pipelines, working within the guidelines and policies of a highly regulated environment. At IDBS we believe in designing a better, more sustainable workforce. We recognize the benefits of More ❯