1 to 25 of 44 ISO/IEC 27001 Jobs in the Thames Valley

Compliance Location: Mainly remote based working in the UK with travel to Oxford, Cowley (OX4 2GQ) occasionally Contract: Permanent Hours: Full time Salary: £70,000 per annum, plus car / car allowance Benefits: 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme About the Job As our Head of Cybersecurity Governance Risk and … but please apply if you think youd be able to perform well in this role! Excellent written and verbal communication skills Previous experience within a GRC function, IT Security / Cyber team, Internal Audit or an IT environment Hands on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001 Risk management … Cybersecurity Risk and Compliance Lead, Information Security Compliance Manager, Head of InfoSec Governance, ISO 27001 Compliance Lead, ISO 27001 Lead Implementer / Auditor, NIST Cybersecurity Framework, Risk management (cyber / information security), Information Security Management System (ISMS), Control assurance / control testing, Regulatory compliance (GDPR, UK Cyber Essentials), Security More ❯

be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive certifications, including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF and ISO 27001. With our focus on enhancing customers' security and fostering team development,be joining a company that prioritizes both your growth and the safety of our clients. We're … highly skilled Cyber Security Team you will be responsible for contributing to our information security consultancy, with opportunities to work on information security assessments within sizeable projects, conduct ISO 27001 audits, help implement aspects of ISO 27001, and engage in risk management. Furthermore, there is potential for growth into such diverse fields … as PCI DSS, privacy, and business continuity. Essential experience and skills: Recognized ISO 27001 Lead Auditor qualification. Significant experience in auditing ISO 27001 based Information Security Management Systems. Significant experience in consulting and implementing Information Security Management Systems. Strong knowledge of regulatory frameworks such as the GDPR. Significant previous IT experience. Ability More ❯

As the GRC Analyst, you’ll work closely with process owners, auditors, and stakeholders to monitor and address risk and compliance issues. You’ll be responsible for administering ISO 27001, ISO 22301, and PCI compliance programs, managing audits, and overseeing our GRC tooling to ensure it’s configured and maintained to the highest standards. … Key Responsibilities Own and manage the GRC tool and vendor relationship Lead risk assessments, compliance reviews, and validation testing Support and manage ISO 27001, 22301, and other audits Maintain a central repository for audit evidence Develop and enhance the GRC framework in line with best practices Collaborate across teams to identify and mitigate IT and business … Head of Audit What We’re Looking For Strong computer literacy and adaptability to niche IT systems (essential) Proficiency in Microsoft Teams, PowerPoint, Word, etc. (essential) Experience with ISO 27001 and 22301 Familiarity with GRC tooling and supply chain management (preferred) Excellent organisational, communication, and interpersonal skills Ability to influence at all levels and communicate with More ❯

Information Security Specialist (ISO Certified) About the Role Our client, a leading organisation in Berkshire, is seeking an experienced Information Security Specialist with in-depth knowledge of ISO 9001, ISO 14001, ISO 22301, ISO 27001, and PCI-DSS compliance. This role will be central to designing, implementing, and … in-class security and compliance frameworks, ensuring that all information assets and operational processes are safeguarded to the highest standards. Key Responsibilities Develop, implement, and maintain compliance with ISO , and PCI-DSS standards. Conduct risk assessments, security audits, and vulnerability testing across systems and processes. Lead incident response activities, ensuring rapid and effective mitigation. Collaborate with internal stakeholders … and external auditors to achieve and maintain certifications. Deliver organisation-wide security and compliance awareness training. Monitor and report on security performance, providing actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days / week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity’s most … drug design. You will play a pivotal role in aligning data governance, security operations, and compliance within an environment that spans regulated biopharma workflows, cloud-native infrastructure, and AI / ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for ISO … NIST, GDPR, HIPAA, GxP, and the EU AI Act. Demonstrated experience leading compliance certification programmes and external audits. Strong understanding of cybersecurity and IT infrastructure within ML / cloud environments. Proven track record managing risk end-to-end — from identification to mitigation and communication. Practical experience with privacy and data lifecycle controls, including audit trails, de-identification, and retention. More ❯

opportunity for a security leader with extensive experience designing and implementing enterprise-grade security architectures across complex, highly regulated environments. The role will focus heavily on cloud security, AI / ML security, regulatory compliance, and secure-by-design frameworks for critical systems. Why This Role? Shape and deliver the security architecture strategy for enterprise cloud and AI / … MLOps with security guardrails. Act as a trusted advisor to senior leadership , influencing both business and technology direction. Key Responsibilities Define and evolve security architecture strategies for cloud, AI / ML, and MLOps environments . Act as a senior security advisor to leadership, engineering, and business stakeholders. Develop security architecture standards, patterns, and guidelines for enterprise solutions, with specific … coverage for AI / ML workloads. Conduct security architecture reviews, threat modelling, and risk assessments for AI / ML systems and pipelines . Ensure solutions comply with European financial services regulations (GDPR, PSD2, DORA, NIS2) as well as emerging AI governance frameworks (e.g., EU AI Act, NIST AI RMF). Integrate security into DevSecOps and MLOps pipelines , including More ❯

Cyber & Technology Security Manager - Data Center Location: London / UK Salary: £85- £95k + Travel Allowance £5k / Anum , Bonus (2x salary), Pension, Life Assurance, Healthcare, Income Protection Contract: Permanent Reporting to: Senior European IT Director Are you ready to take full ownership of a high-profile cybersecurity function, shaping strategy across both IT and Operational Technology (OT … technology risk management. Key Responsibilities: Develop, implement, and maintain a robust cybersecurity strategy and governance framework aligned with business and regulatory requirements. Oversee technical security controls including firewalls, IDS / IPS, SIEM, IAM, endpoint protection, and cloud security (Azure, AWS). Lead threat detection, incident response, and recovery, ensuring minimal business disruption. Manage patching processes, AI-driven email intelligence … Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS / IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. Experience in OT security or within a data centre environment is advantageous. Why Join Us? This is More ❯

desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Ability to analyse data and generate reports using tools … Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable. More ❯

now looking for an experienced and dynamic Senior Cyber Security Engineer to join our vibrant office with hybrid working. Senior Cyber Security Engineer - Responsibility: Carry out daily security engineering / operation tasks under an ITIL framework Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Using strong technical knowledge, continuously analyse and make … recommendations to implement effective security controls, system hardening and security improvement projects with a particular focus in application / web hosting security. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner Senior Cyber Security Engineer - Skills: Experience in Security Engineering, Network Security, and / … protocols such as networks, domain management, and virtualized environments. Holds or is working towards certifications like CISSP, SANS GCIA, CompTIA Security+, CCNA / CCNP, or similar. Knowledge of ISO27001, Cyber Essentials, and AAF frameworks is a plus. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants More ❯

be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive certifications, including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF and ISO 27001. With our focus on enhancing customers' security and fostering team development,be joining a company that prioritizes both your growth and the safety of our clients. We're … the secure and ethical use of AI. While the primary focus is on AI, you will also apply your expertise to broader GRC projects, including information security assessments, ISO 27001 audits, and general information security consulting. The ability to be adaptable and work on a variety of projects is essential. Essential experience and skills: A strong … foundation in traditional GRC, demonstrated by significant experience in auditing and implementing Information Security Management Systems. A recognised ISO 27001 qualification (e.g., Lead Auditor or Lead Implementer) is essential. You must be able to apply this rigorous mindset to new challenges. Demonstrable, hands-on experience applying AI governance principles. This must include practical work such as More ❯

Cyber Security Consultant Salary > £65k - 80k Hybrid UK office 1-2 days / wk and Client Site as Required A multi-award-winning service provider is building out a Cyber practice and you can be a central figure reporting into and working with the CISO. This growing Cyber Practice will add to and complement their existing portfolio of services. … your clients, and proposing risk mitigating controls. A current knowledge of the cyber threat landscape. Experience auditing against security frameworks such as the ISO 27001 / Cyber Essential, identifying gaps and recommending controls. If you have certs such as, CISM, CISSP. Great verbal and written communication skills with the ability to communicate tech issues to More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

to targets in the new business sales team to prospective clients Making outbound calls to prospective clients on daily basis. Promoting a range of bespoke ICT Solutions (wireless technologies / converged IP Networks / audio visual tech and IP Security / CCTV Doing research to identify potential target clients and opportunities Keep on top of sales cycle … time keeping Self-starter Thrive under pressure A consultative sales approach Strong presentation skills Negotiation skills Qualifications 5 GCSE's including English Language and Maths GCSE, grade (A*-C / 9-4 or equivalent) (Essential) About the Employer VIETEC LTD Vietec was formed in 2005 and has grown into a leading ICT infrastructure solutions provider with many well known … clients. Our company is proud to hold many accreditations covering ISO9001 / 45001 / 27001, SSAIB and Construction line and this helps us play a vital role in supporting our clients in meeting their compliance needs. Our expert team designs and installs both bespoke complete network systems and isolated solutions that integrate into your existing system. More ❯

Job title Control Testing Lead - Cyber Security Ref 42015 Division Digital Location Hybrid - Clearwater Court - RG1 8DB Contract type Permanent Full / Part-time Full-time Hours 36 Salary A salary up to £78,000 per annum, depending on experience Job grade B Closing date 03 / 09 / 2025 As a Control Testing Lead , you will … Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography. Additional skills and experiences would be great to have / bring: Experience working in a regulated environment. Experience within the water utility industry or large, complex critical national infrastructure. Experience in internal audit, external audit, or assurance functions related … to IT or cybersecurity. Professional certifications such as CISA, CISSP, CRISC, or ISO 27001 Lead Auditor are advantageous. What's in it for you? Competitive salary: up to £78,000 per annum depending on experience Annual Leave - 26 days holiday per year, increasing to 30 with the length of service (plus bank holidays) Performance-related pay More ❯

. ✔️ Strong experience drafting & negotiating commercial contracts. ✔️ Knowledge of data protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS / fintech / tech sector experience. Knowledge of ISO 27001, SOC 2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional More ❯

. ✔️ Strong experience drafting & negotiating commercial contracts. ✔️ Knowledge of data protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS / fintech / tech sector experience. Knowledge of ISO 27001, SOC 2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional More ❯

Information Security Officer Hybrid – Home & London | Permanent | £68,000 | 35 hrs / week (flexible) A rare and brilliant opportunity to join this international development children’s charity, as their new Information Security Officer . You'll be the expert, working closely with the Chief Information Officer and other senior leaders to embed security practices across systems, suppliers, and staff. … experience in ICT security management and incident response (CIS and Cyber Essential Plus). Strong technical knowledge of Microsoft 365, Azure, and cloud security. Familiarity with frameworks like ISO 27001, NIST, and … CIS. Excellent communication skills and a pragmatic, risk-based mindset. Relevant certifications (e.g. AZ-500, CISSP, CISM, CCSP) are highly desirable. This role offers hyrbid working (1-2 days / week in office) as well as open discussion around different working patterns i.e 9-day fortnight and varied start / finish times. The organisation values professional development and More ❯

threat detection, vulnerability management, and incident response Lead threat modelling and risk assessments for critical systems and services Collaborate with engineering teams to integrate security best practices into CI / CD pipelines Monitor and respond to security incidents, coordinating investigation and remediation efforts Drive security automation and infrastructure-as-code initiatives Support compliance efforts (ISO 27001 … understanding of networking, identity & access management, and encryption technologies Hands-on experience with tools like Terraform, Kubernetes, SIEM platforms, and security scanners Familiarity with DevSecOps practices and modern CI / CD pipelines Strong scripting or coding skills (e.g., Python, Bash, or PowerShell) Excellent problem-solving, communication, and stakeholder engagement skills Nice to Have Security certifications (e.g., CISSP, AWS Security More ❯

Senior Manager Vulnerability Management Location: Reading, UK (Hybrid 4 days onsite) Type: Contract (6 months) | Rate: £475 / day | Start: ASAP Our client, a leading global organization in IT services, is seeking a Senior Manager Vulnerability Management to lead and evolve the end-to-end vulnerability management strategy for a major client within the CSP unit. You will be … 7+ years in cyber security, including 5+ years in vulnerability management. Proven experience leading teams in vulnerability assessment, pentesting, and risk management. Strong understanding of cloud technologies and CI / CD pipelines. Advanced knowledge of TCP / IP, system administration, OSI model, and defense-in-depth. Familiarity with control frameworks and regulations (ISO 27001 More ❯

data platforms. Perform threat modelling, architecture reviews, and propose mitigation strategies. Ensure alignment with European regulatory standards (e.g., GDPR, PSD2, DORA, NIS2). Embed DevSecOps into SDLC and CI / CD pipelines using IaC and automation tools. Drive adoption of Zero Trust principles, secure APIs, container security, and logging strategies. What Were Looking For 15+ years in Information Security … years of hands-on cloud security experience (AWS, Azure, or GCP multi-cloud preferred). In-depth understanding of financial services compliance requirements and frameworks (e.g., NIST CSF, ISO 27001, CSA CCM, PCI DSS). Expert-level knowledge of IAM, network security, encryption, API and application security, container security, and SIEM strategies. Proven leadership in DevSecOps More ❯

and management response is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop … standards, controls and consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company … in relation to information and cyber security risks. Working towards or achieved professional certifications (ISO27001 lead, ISC2, CISM or CRISC) advantageous. Benefits Competitive salary Company bonus Pension scheme Life assurance Income protection 25 days holiday plus bank holidays Electric Car / Bike to Work schemes More ❯

security, endpoint protection, email security, and other key cybersecurity tools. Manage incident response plans and investigations, coordinating with internal teams and external partners. Ensure compliance with standards like ISO 27001, GDPR, and NIST frameworks. Promote security awareness and training across departments. Requirements: Degree in Cybersecurity, Information Security, or related field. Proven experience … in manufacturing, energy, chemicals, or similar sectors. 15 years of experience in a deeply-technical hands on role, and high level stakeholder engagement. Strong knowledge of cybersecurity frameworks, ICS / OT security, and risk management. Hands-on experience with Microsoft 365 security tools, EDR, and related technologies. Demonstrated leadership in incident response and cross-functional security initiatives. More ❯

We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge of security frameworks, standards, and best practises (e.g., NIST, ISO 27001). Proficiency in security tools and technologies (e.g., firewalls, intrusion detection systems). Excellent analytical and problem-solving skills. Ability to communicate complex security concepts to More ❯

We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge of security frameworks, standards, and best practises (e.g., NIST, ISO 27001). Proficiency in security tools and technologies (e.g., firewalls, intrusion detection systems). Excellent analytical and problem-solving skills. Ability to communicate complex security concepts to More ❯

Architect (Security), you'll work directly with major enterprise customers, playing a strategic role in advisory, design, and technical delivery. What you'll do Provide expert guidance across SASE / SSE, PAM, detection, and data centre security technologies Lead customer engagements, providing advisory services, architecture guidance, roadmap planning, and solution governance Define and document high-level solution designs, technical … architecture engagements at the enterprise level Expertise in Secure Access Service Edge (SASE) and Secure Service Edge (SSE), especially with Zscaler Experience in at least three enterprise Zscaler SSE / SASE projects Ability to provide presales advisory, requirements gathering, and high-level solution design Strong understanding of Zscaler architecture and troubleshooting Broad knowledge across IAM, SSO, MFA, PAM, and … IDaaS Strong background in core security technologies such as firewalls, IDS / IPS, endpoint protection, and encryption Comfortable working with cloud platforms and designing secure architectures across Azure, AWS, or Google Cloud Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security More ❯