22 of 22 ISO/IEC 27001 Jobs in Wales

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

IT risks across infrastructure, data protection, and lifecycle management. * Own and maintain the IT risk register, ensuring mitigation plans are in place. * Align risk management frameworks with industry standards (ISO27001, NIST, CIS Critical Controls). * Lead IT audits, coordinate fieldwork, and track findings to ensure timely resolution. * Develop and implement IT policies, procedures, and security awareness initiatives. * Act as an … SME, providing guidance on IT governance, compliance, and risk mitigation strategies. Required Skills & Qualifications * Proven experience in IT risk management, security governance, and compliance. * Strong knowledge of ISO27001, GDPR, PCI-DSS, and cybersecurity frameworks. * Experience in IT audit coordination and risk assessment methodologies. * Excellent communication and stakeholder management skills. * Desirable - Certifications such as CRISC, CISA, CISM, or CISSP Benefits More ❯

IT risks across infrastructure, data protection, and lifecycle management. * Own and maintain the IT risk register, ensuring mitigation plans are in place. * Align risk management frameworks with industry standards (ISO27001, NIST, CIS Critical Controls). * Lead IT audits, coordinate fieldwork, and track findings to ensure timely resolution. * Develop and implement IT policies, procedures, and security awareness initiatives. * Act as an … SME, providing guidance on IT governance, compliance, and risk mitigation strategies. Required Skills & Qualifications * Proven experience in IT risk management, security governance, and compliance. * Strong knowledge of ISO27001, GDPR, PCI-DSS, and cybersecurity frameworks. * Experience in IT audit coordination and risk assessment methodologies. * Excellent communication and stakeholder management skills. * Desirable - Certifications such as CRISC, CISA, CISM, or CISSP Benefits * Hybrid More ❯

PureCyber combines both defensive & offensive cyber security, with expert governance & compliance consultancy - offering organisations a comprehensive service. Our all-in-one solution simplifies cyber security by providing 24 / 7 protection, proactive threat intelligence, expert consultancy, and real-world attack simulations - all from a single, trusted source. Our goal is to provide peace of mind to our clients, knowing … Drive awareness and education of cybersecurity risks and responsibilities throughout the organisation. Travel to client sites as required. Person Specification Essential: Experience implementing security standards and frameworks such as ISO27001, PCI DSS, NIST, IASME Cyber Assurance etc. Proven ability to lead risk assessments and manage control frameworks Strong written and verbal communication skills, with the ability to present risk topics … to both technical and non-technical stakeholders. ISO27001 Lead Implementer or Auditor certification Desirable: CISSP, CISM, CRISC or other relevant certification. Cyber Essentials certification More ❯

clearly to non-technical stakeholders Work closely with teams to support data-driven decisions Compliance & Lifecycle Support GDPR compliance and Data Lifecycle Management Contribute to maintaining Cyber Essentials and ISO27001 standards Training & Culture Promote data literacy across teams Deliver internal training on Power BI, Excel and other data tools Embed data metrics into team performance tracking What You’ll Need More ❯

clearly to non-technical stakeholders Work closely with teams to support data-driven decisions Compliance & Lifecycle Support GDPR compliance and Data Lifecycle Management Contribute to maintaining Cyber Essentials and ISO27001 standards Training & Culture Promote data literacy across teams Deliver internal training on Power BI, Excel and other data tools Embed data metrics into team performance tracking What You'll Need More ❯

experience managing cybersecurity or IT risk-related projects in complex or regulated environments. - Strong understanding of cybersecurity frameworks, risk management, and compliance requirements. - Experience working with or aligning to ISO27001, NIS Regulations, or similar standards. - Excellent stakeholder management and communication skills, with the ability to influence at all levels. - Strong organisational skills and the ability to manage multiple priorities simultaneously. More ❯

experience managing cybersecurity or IT risk-related projects in complex or regulated environments. - Strong understanding of cybersecurity frameworks, risk management, and compliance requirements. - Experience working with or aligning to ISO27001, NIS Regulations, or similar standards. - Excellent stakeholder management and communication skills, with the ability to influence at all levels. - Strong organisational skills and the ability to manage multiple priorities simultaneously. More ❯

3+ years of hands-on Azure engineering experience (IaaS ? PaaS), including Infra as Code. Strong SQL skills and proficiency in Python or PySpark . Built or maintained data lakes / warehouses using Synapse , Fabric , Databricks , Snowflake , or Redshift . Experience hardening cloud environments (NSGs, identity, Defender). Demonstrated automation of backups, CI / CD deployments, or DR workflows. … work effectively across time zones and teams. Thrives in a small, high-trust, high-autonomy team culture. Day-to-Day Responsibilities Infrastructure & Automation: Deploy and manage infrastructure using Bicep / Terraform , GitHub Actions , and PowerShell / DSC . Data Engineering: Architect and implement scalable ETL / ELT solutions; model schemas, optimize performance, and apply lakehouse best practices. … Security & Resilience: Implement best-practice cloud security (NSGs, Defender, Conditional Access), automate DR / backups, and run quarterly restore drills. Collaboration: Partner with AI Product Owners, Business Performance, and Data Analysts to translate business needs into robust data solutions. Mentorship & Knowledge Sharing: Act as a data SMEguiding system administrators and upskilling junior technical team members. What You'll Achieve More ❯

3+ years of hands-on Azure engineering experience (IaaS PaaS), including Infra as Code. Strong SQL skills and proficiency in Python or PySpark . Built or maintained data lakes / warehouses using Synapse , Fabric , Databricks , Snowflake , or Redshift . Experience hardening cloud environments (NSGs, identity, Defender). Demonstrated automation of backups, CI / CD deployments, or DR workflows. … work effectively across time zones and teams. Thrives in a small, high-trust, high-autonomy team culture. Day-to-Day Responsibilities Infrastructure & Automation: Deploy and manage infrastructure using Bicep / Terraform , GitHub Actions , and PowerShell / DSC . Data Engineering: Architect and implement scalable ETL / ELT solutions; model schemas, optimize performance, and apply lakehouse best practices. … Security & Resilience: Implement best-practice cloud security (NSGs, Defender, Conditional Access), automate DR / backups, and run quarterly restore drills. Collaboration: Partner with AI Product Owners, Business Performance, and Data Analysts to translate business needs into robust data solutions. Mentorship & Knowledge Sharing: Act as a data SME—guiding system administrators and upskilling junior technical team members. What You'll More ❯

data and recommending protective measures. Experience managing a team of specialists across different sites in a dynamic environment. Understanding of UK Government Security Policy Framework and standards like ISO 27001 and the Data Protection Act. Ability to work effectively within a team in a multi-disciplinary setting. HMG Vetting at Security Clearance (SC) level required prior … to starting. Willingness to pursue professional development qualifications in security, such as ISO 27001 Security Auditor. Behaviours Assessment during the selection process will focus on: Communicating and Influencing Managing a Quality Service Leadership Working Together Technical skills Assessment will include: Applied Security Capability - Practitioner More ❯

Microsoft Dynamics Nav Developer. This is an excellent opportunity to make a meaningful impact within a collaborative and forward-thinking environment. The Role at a Glance: Microsoft Dynamics NAV / BC Developer - C / AL / AL. 100% Remote UK £60,000 - £70,000 Training and Development Contributory pension scheme, Perkbox Membership Company: Leading provider of tailored … chain, inventory management and the back-office; benefiting both the NHS and healthcare suppliers Pedigree: First GS1 UK Approved Solution for inventory management in the NHS. ISO / IEC 27001:2022 Certified. ISO 9001-2015 Certified Awards: Extensive awards in the Heath Tech, Innovation & Supply Chain Categories Other Tech Innovations … Familiar with Microsoft SQL Server, XML, APIs, and other OOP languages (e.g., C#, Java). Tooling & Standards: • Experienced with DevOps, GitHub, and automated testing tools. • Knowledge of ISO9001 and ISO27001 standards and integrated management systems. Consultancy & Mentoring: • Consultancy experience in Microsoft Dynamics NAV / BC implementations. • Familiar with third-party NAV / BC tools such as Tasklet Mobile More ❯

Microsoft Dynamics Nav Developer. This is an excellent opportunity to make a meaningful impact within a collaborative and forward-thinking environment. The Role at a Glance: Microsoft Dynamics NAV / BC Developer - C / AL / AL. 100% Remote UK £60,000 - £70,000 Training and Development Contributory pension scheme, Perkbox Membership Company: Leading provider of tailored … chain, inventory management and the back-office; benefiting both the NHS and healthcare suppliers Pedigree: First GS1 UK Approved Solution for inventory management in the NHS. ISO / IEC 27001:2022 Certified. ISO 9001-2015 Certified Awards: Extensive awards in the Heath Tech, Innovation & Supply Chain Categories Other Tech Innovations … Familiar with Microsoft SQL Server, XML, APIs, and other OOP languages (e.g., C#, Java). Tooling & Standards: • Experienced with DevOps, GitHub, and automated testing tools. • Knowledge of ISO9001 and ISO27001 standards and integrated management systems. Consultancy & Mentoring: • Consultancy experience in Microsoft Dynamics NAV / BC implementations. • Familiar with third-party NAV / BC tools such as Tasklet Mobile More ❯

understanding of the plugins including those in the XrmToolBox. Understanding of PCF Controls and how they can be used to extend Dynamics functionality Design configurations and customisation of Dataverse / Dynamics entities and forms Design of PowerApps integrations with other Azure components such as Logic Apps, Azure Service Bus and Azure Functions Consult on API designs for purposes such … IPO. Proactively apply HMG IA technical security controls according to ISO 27001 & the Security Policy Framework (SPF) Person specification Design configurations and customisation of Dataverse / Dynamics entities and forms Understanding of PCF Controls and how they can be used to extend Dynamics functionality Good understanding of the plugins including those in the XrmToolBox Design More ❯

open mind and exploring innovative ways to solve problems, working in a fail-fast fashion to provide required functionality Proactively apply HMG IA technical security controls according to ISO 27001 & the Security Policy Framework (SPF) Working Style This role will be carried out in-line with IPO Hybrid working arrangements where staff are currently expected to … Experience of working with cloud technologies including Azure Working knowledge of Azure DevOps Experience with Git Advocate of DevOps principles Excellent understanding of C# Experience in Web Services and / or RESTful APIs Has a good understanding of architectural principals with design patterns such as SOA and Micro-Services Experience of writing SQL statements How to apply Click the More ❯

Job Title: Cyber Security Architect Location: South Wales / Remote Employment Type: Permanent, Full-Time Salary: £69,000 - £78,850 + excellent Benefits About the Role We're working with a well-established organisation in South Wales looking for a Cyber Security Architect to help shape and implement enterprise-wide security architecture. Reporting to the Senior Cyber Security Architect … role is key to developing the organisation's long-term Cyber Security Strategy and improving resilience across IT and OT environments. You'll lead on the design of robust, ISO27001-compliant frameworks, contribute to strategic security planning, and work closely with internal teams to embed best practice across systems and services. This is a great opportunity for someone ready to … a high-impact role that combines technical depth with strategic influence. Key Responsibilities Define and embed Security Architecture Principles to guide all programmes, projects, and changes Develop and maintain ISO27001-compliant security policies and an ISMS framework Create reference architectures for Identity and Privileged Access Management Provide architecture reviews for all new systems and major changes to existing ones Support More ❯

driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO 27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO 27001 More ❯

understanding of the plugins including those in the XrmToolBox. Understanding of PCF Controls and how they can be used to extend Dynamics functionality Design configurations and customisation of Dataverse / Dynamics entities and forms Design of PowerApps integrations with other Azure components such as Logic Apps, Azure Service Bus and Azure Functions Consult on API designs for purposes such … IPO. Proactively apply HMG IA technical security controls according to ISO 27001 & the Security Policy Framework (SPF) Essential Criteria Design configurations and customisation of Dataverse / Dynamics entities and forms Understanding of PCF Controls and how they can be used to extend Dynamics functionality Good understanding of the plugins including those in the XrmToolBox Design More ❯

understanding of the plugins including those in the XrmToolBox. Understanding of PCF Controls and how they can be used to extend Dynamics functionality Design configurations and customisation of Dataverse / Dynamics entities and forms Design of PowerApps integrations with other Azure components such as Logic Apps, Azure Service Bus and Azure Functions Consult on API designs for purposes such … IPO. Proactively apply HMG IA technical security controls according to ISO 27001 & the Security Policy Framework (SPF) Essential Criteria Design configurations and customisation of Dataverse / Dynamics entities and forms Understanding of PCF Controls and how they can be used to extend Dynamics functionality Good understanding of the plugins including those in the XrmToolBox Design More ❯

understanding of the plugins including those in the XrmToolBox. Understanding of PCF Controls and how they can be used to extend Dynamics functionality Design configurations and customisation of Dataverse / Dynamics entities and forms Design of PowerApps integrations with other Azure components such as Logic Apps, Azure Service Bus and Azure Functions Consult on API designs for purposes such … IPO. Proactively apply HMG IA technical security controls according to ISO 27001 & the Security Policy Framework (SPF) Essential Criteria Design configurations and customisation of Dataverse / Dynamics entities and forms Understanding of PCF Controls and how they can be used to extend Dynamics functionality Good understanding of the plugins including those in the XrmToolBox Design More ❯

understanding of the plugins including those in the XrmToolBox. Understanding of PCF Controls and how they can be used to extend Dynamics functionality Design configurations and customisation of Dataverse / Dynamics entities and forms Design of PowerApps integrations with other Azure components such as Logic Apps, Azure Service Bus and Azure Functions Consult on API designs for purposes such … IPO. Proactively apply HMG IA technical security controls according to ISO 27001 & the Security Policy Framework (SPF) Essential Criteria Design configurations and customisation of Dataverse / Dynamics entities and forms Understanding of PCF Controls and how they can be used to extend Dynamics functionality Good understanding of the plugins including those in the XrmToolBox Design More ❯

and maintain an in-depth technical knowledge of company products, services and solutions. Stock take customer spare parts held Ensure strict adherence to SLA when dealing with customer tickets / calls. Qualifications and Skills A good understanding of the English language, both spoken and written. The successful candidate must be articulate and have excellent interpersonal communication skills. Formal recognised … would be advantageous. Strong troubleshooting skills required. Printer repair and an understanding of mechanical print process is essential. Printer driver and connectivity- local & network experience is required. PC hardware / software experience required. Server Hardware experience required. Excellent customer service & client interfacing skills essential. Knowledge of the following types of printers - Hewlett Packard, Sharp, Xerox and Kyocera, Canon, Printek … with a high standard work ethic. To be flexible & willing to carry out additional duties as & when required. To Adhere to Group Information Security Policy Working to ISO9001 and ISO27001 standards at all times Any other duties as required Benefits Include: An industry matching salary as well as 25 days holiday and Bank Holidays Pension Scheme. Personal Insurance policy. A More ❯