1 to 25 of 917 ISO/IEC 27001 Jobs in the UK

GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO Information Security Analyst Liverpool City Centre … keen eye for detail. A proactive mindset and willingness to learn and grow in the role. Benefits: 25 days holiday + BH Enhanced maternity / paternity packages Employee wellbeing support including counselling sessions and CBT programmes Company pension and life assurance Recognition and reward platform, regular socials, and long … service awards Important Notes: Sponsorship isn’t available GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO More ❯

GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO Senior Information Security Analyst (FTC … company offers a supportive, inclusive environment where personal development and employee wellbeing are a top priority. Benefits include: 25 days holiday +BH Generous paternity / maternity leave policies Life assurance and pension scheme Flexible benefits pot and early access to earned pay Regular company-wide recognition programmes and team … events Important to Know: Sponsorship is not available at this time. GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec More ❯

the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. More ❯

the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. More ❯

compliance effectiveness, you'll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: - ISO / IEC 27001:2022 - NIST Cybersecurity Framework - PCI-DSS 4.0.1 - UK GDPR, NIS2 Directive, CAP1753, and related sector obligations . This … their ongoing security posture meets Virgin Atlantic requirements Conduct internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements Support internal / external audits, evidence readiness, and corrective action tracking Maintain the policy and control framework, identifying non-compliance and advising on remediation or risk acceptance … and reliable protective security measures to effectively limit opportunities for attackers to compromise networks and systems is incorporated in project design. About you CRISC / CISA / CISM certification through ISACA or an equivalent professional body. ISO 27001 Lead Implementer / Auditor certification More ❯

. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote. Close Date: 25 / 03 / 2025 We also provide the following additional benefits: Reservist Leave - Additional 18 days full pay and 22 unpaid. Personal Pension Plan … Information Security Management System Support: Operate and maintain the information security management system and artefacts, in compliance with ISO 27001 / 27002 including the governance forum agenda and minutes. Policies and Standards: Establish GRC policies, standards and procedures to monitor UKPN information security controls, exceptions … standards. We are looking for a detailed knowledge and practical expertise in at least 3 of the following specialist areas: Specific Industry Standards. IS / IT Operational Controls and Governance. Business Continuity Planning and Disaster Recovery. Supply Chain and 3rd Party Risk Management. Problem Solving: The role must have More ❯

Managing Consultant - IAM / PAM Managing Consultant - IAM / PAM Location: Global role - UK based - Manchester, London Or Cheltenham Role Purpose: NCC Group are investing in expanding our digital identity service line, to grow and expand capabilities, offerings and propositions. This new global practice will focus on three … Management (AM) and Customer Identity (CIAM). The opportunity is for an IAM technical consultant with hands-on technical experience, performing as an engineer / developer to support large-scale IAM deployments, supporting the implementation of identity lifecycle management, access governance and / or privileged access. The role … the service line leader. Summary: This is a fantastic new opportunity to join our Global IAM team. The ideal candidate will have previous IAM / PAM engineering and development experience and exposure gained from delivering complex IAM engagements, ideally across a broad client base. In addition to your technical More ❯

and business leadership to ensure seamless program execution and operational buy-in. Lead program governance and execution frameworks, including risk assessment, remediation planning, KPI / OKR reporting, and change control processes. Ensure cybersecurity controls and program components align with leading industry frameworks (e.g., ISO / IEC … regulatory compliance Fluency in German and English (written and spoken) is required Deep knowledge of security frameworks and methodologies (e.g., NIST, ISO / IEC 27001, CIS Controls, BSI, MITRE ATT&CK) Demonstrated ability to lead cross-functional teams and manage large-scale cybersecurity … initiatives Relevant certifications such as PMP, CISM, CISSP, ISO 27001 Lead Implementer / Auditor are highly desirable Bachelor's or Master’s degree in Cybersecurity, Information Systems, Engineering, or related field Understanding of cloud platforms (e.g., AWS, Azure, GCP) and modern enterprise IT environments is More ❯

and business leadership to ensure seamless program execution and operational buy-in. Lead program governance and execution frameworks, including risk assessment, remediation planning, KPI / OKR reporting, and change control processes. Ensure cybersecurity controls and program components align with leading industry frameworks (e.g., ISO / IEC … regulatory compliance Fluency in German and English (written and spoken) is required Deep knowledge of security frameworks and methodologies (e.g., NIST, ISO / IEC 27001, CIS Controls, BSI, MITRE ATT&CK) Demonstrated ability to lead cross-functional teams and manage large-scale cybersecurity … initiatives Relevant certifications such as PMP, CISM, CISSP, ISO 27001 Lead Implementer / Auditor are highly desirable Bachelor's or Master’s degree in Cybersecurity, Information Systems, Engineering, or related field Understanding of cloud platforms (e.g., AWS, Azure, GCP) and modern enterprise IT environments is More ❯

all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness … standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking … sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling More ❯

Cyber Security Architect SC or DV Cleared (DV Eligible) £65,000 – £95,000 DOE + Excellent Benefits London (Hybrid) Secure Government Projects DevSecOps / SIEM / ISO 27001 / Azure / CISSP Permanent Apply by emailing luke.parry@searchability.com Are you a Cyber … implementing secure architectures across complex environments Leading technical teams and advising on security controls and risk management Shaping cloud and DevSecOps security strategies (AWS / Azure / GCP) Supporting accreditation and compliance with security frameworks (ISO 27001, NIST, JSP 440, Secure by Design) What … role: Strong experience in a Security Architecture role Knowledge of frameworks such as ISO 27001, NIST, CIS Familiarity with TOGAF / SABSA methodology Understanding of SIEM, firewalls, IDS / IPS, vulnerability management Cloud security expertise – AWS, Azure, or Google Cloud DevSecOps knowledge, CI / More ❯

Cyber Security Architect SC or DV Cleared (DV Eligible) £65,000 – £95,000 DOE + Excellent Benefits London (Hybrid) Secure Government Projects DevSecOps / SIEM / ISO 27001 / Azure / CISSP Permanent Apply by emailing luke.parry@searchability.com Are you a Cyber … implementing secure architectures across complex environments Leading technical teams and advising on security controls and risk management Shaping cloud and DevSecOps security strategies (AWS / Azure / GCP) Supporting accreditation and compliance with security frameworks (ISO 27001, NIST, JSP 440, Secure by Design) What … role: Strong experience in a Security Architecture role Knowledge of frameworks such as ISO 27001, NIST, CIS Familiarity with TOGAF / SABSA methodology Understanding of SIEM, firewalls, IDS / IPS, vulnerability management Cloud security expertise – AWS, Azure, or Google Cloud DevSecOps knowledge, CI / More ❯

Compliance Consultant, you have solid consulting, technology management, or service operations experience in the field of cyber security. You have experience in the design / implementation in multiple areas of cyber security, such as identity and access management, infrastructure security, data security, application security, or incident detection and response. … related to security. - Experience in cyber security design and implementation in one or more of the following areas (application security, identity and access management / data protection / infrastructure security such as networks / logging and monitoring, incident detection and response). - Business level Korean reading, document … such as CISSP, CISA, CISM, or CCSP Implementation experience in one or more of the following: Next Generation Firewalls, Web Application Firewalls, Intrusion Detection / Prevention, Incident Response, and Security Information and Event Management (SIEM), Identify and Access Management (IAM) controls. - Implementation experience with compliance frameworks such as NIST More ❯

the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the OnSpring GRC Tool and can effectively assess and communicate technical security requirements to teams across the … and other business leadership teams to drive a culture of risk awareness. Ensure that all security risks align with regulatory requirements such as ISO 27001, NIST, GDPR, and other international security frameworks. Provide oversight and work closely with risk owners to manage the development and implementation … insights to executive leadership and board members. Relevant senior security certifications (e.g., CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer / Auditor) are highly desirable. More ❯

security standards and frameworks such as NCSC NIS Guidance, CAF, ISO 27001, ISO 27005, NERC CIP, ISA-99 / IEC 62443, and NIST CSF. Collaborate effectively with client stakeholders, nurturing relationships and providing strategic cybersecurity counsel. Support business development and client … with leading cybersecurity standards and frameworks : NCSC NIS Guidance, CAF ISO 27001, ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF Outstanding communication skills with the ability to engage both technical and non-technical stakeholders. Strong teamwork and collaboration More ❯

years+ experience leading Cyber Security Defense and Operations teams. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Hold an industry recognised information security qualification such as GIAC / GCIA / GCIH, CISSP or CompTIA Advanced Security Practitioner … CASP+) and / or SIEM-specific training and certification. An understanding and knowledge of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA / IEC 62443, ISO / IEC 27001 / 27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Practical experience of incident response More ❯

and direct the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance (e.g. ISO / IEC 27001 and SOC 2 certification). What you'll be doing Develop, implement and monitor a strategic, comprehensive enterprise … a combination of risk management, information security and IT jobs. Knowledge of common regulatory and information security management frameworks, such as ISO / IEC 27001, NIST, SOC 2 and GDPR. Excellent written and verbal communication skills and high level of personal integrity. Innovative More ❯

engineering and development team to ensure in-house technologies comply with relevant security standards, regulations, and industry certifications, such as OWASP, CIS, PCI-DSS, ISO27001 to ensure security is prioritised throughout the development lifecycle Maintains current understanding of policy, regulations, and compliance standards that affect assigned areas of responsibility and … practices 3+ years of information security experience in cloud environments. In depth experience secure coding practices, threat modeling, secure architecture design, and secure SDLC / CICD pipelines In-depth technical experience with identifying and advising on the remediation of application security vulnerabilities on application platforms, including cloud and web … and information security executives and in influencing stakeholders to achieve strategic objectives Experience in working with industry frameworks and standards such as OWASP, PCIDSS, ISO27001 / 27002, CIS and NIST Information Security (CISSP, CISA, Security +) and cloud certification (preferably GCP / AWS) What’s In It For More ❯

code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

cybersecurity or infrastructure security (CompTIA, ISACA, ISC2, GIAC, Microsoft, CREST, Cisco Security, or equivalent). Certifications in security governance and frameworks: ISO / IEC 27001, IEC 62443, NIST CSF, CAF, or CIS Controls. Additional vendor or platform-specific certifications (AWS, Azure … are advantageous Essential skills Strong understanding of core cybersecurity principles, including confidentiality, integrity, availability, and risk management. Practical experience implementing security controls across IT / OT infrastructure. Proficiency in system hardening techniques. Ability to conduct technical risk assessments, identify control gaps, and propose actionable remediation plans. Familiarity with enterprise … with the ability to clearly explain technical risks and solutions to technical and non-technical stakeholders. Desired skills Familiarity with UK regulatory frameworks (NIS / NIS2, Ofgem CAF, ECAF, GDPR / DPA18, ISO 27001, or Cyber Essentials Plus). Understanding secure architecture principles, including More ❯

to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing … ISO 27005, EBIOS RM). Even better if you’re certified! You're curious and have already read cybersecurity frameworks and methodologies (ISO27001 / 2, IEC 62443, ANSSI, NIS, NIST…) Soft Skills Required: Mindset is key: you’re motivated, dynamic, and autonomous You enjoy teamwork … English (you can understand conversations, lead meetings, and write reports…) Other Requirements: Master’s degree or equivalent Certifications such as IEC 62443, ISO27001 / 2 / 5, EBIOS EM, ISC2 are a plus! Driver's license (B), useful for some travel Integrity360 Employee Benefits (UK) At More ❯

to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing … ISO 27005, EBIOS RM). Even better if you’re certified! You're curious and have already read cybersecurity frameworks and methodologies (ISO27001 / 2, IEC 62443, ANSSI, NIS, NIST…) Soft Skills Required: Mindset is key: you’re motivated, dynamic, and autonomous You enjoy teamwork … English (you can understand conversations, lead meetings, and write reports…) Other Requirements: Master’s degree or equivalent Certifications such as IEC 62443, ISO27001 / 2 / 5, EBIOS EM, ISC2 are a plus! Driver's license (B), useful for some travel Integrity360 Employee Benefits (UK) At More ❯

and Experience Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan ). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good … salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05 139). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good … salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯