21 of 21 ISO/IEC 27001 Jobs in the City of London

role for someone who enjoys solving practical security challenges and building automation that makes secure development the default. Location: London – 3 days in office / 2 days remote Salary: Negotiable + comprehensive benefits package Requirements for DevSecOps Engineer: This company is seeking a technically strong security engineer with proven … experience in DevSecOps, Cloud Security Engineering, or Infrastructure Security within a modern cloud environment. Strong hands-on experience with CI / CD pipelines and automation tooling Deep experience securing AWS environments (Azure or GCP also considered) Practical experience implementing and tuning security scanning and vulnerability management tools Strong scripting ...

continuous monitoring improvements. Design, implement, optimize, and monitor security controls and tooling from the ground up, strengthening security across endpoints, infrastructure, and application CI / CD pipelines. Collaborate with engineering teams to raise the security bar through reviews, guidance, and automation. Respond to security incidents in real time - manage … participate in tabletop exercises, incident simulations, and coordinate external penetration tests. Partner with Solutions Engineering to support enterprise customer onboarding, including SSO integrations (SAML / OIDC), network allowlisting, and security reviews. Join customer-facing technical and security discussions where needed, acting as a trusted security point of contact. Risk ...

Define, maintain, and communicate the product vision and roadmap aligned with company strategy. Gather and analyse user feedback, market trends, and regulatory requirements (ISO 13485, ISO 27001, ISO 42001, GDPR, AI Act). Translate compliance and business needs into clear functional requirements … short-term impact. Problem Solver: Self-driven, proactive, and positive team player. Whats on Offer Competitive salary and comprehensive benefits package. Flexible working (hybrid / remote options). Generous leave policies. Health insurance and wellbeing support. Career progression, mentorship, and global exposure. Opportunity to shape a growing HealthTech SaaS ...

/ Windows servers, SQL / Oracle databases Excellent attention to detail, communication skills, PowerShell scripting Incident management experience, Microsoft Office proficiency Desirable: ISO27001 / NIST knowledge, Splunk / ServiceNow / SailPoint, 24 / 7 shift flexibility Location: London with hybrid working model (3 days … great fit: Identity Access Management Engineer, IAM Engineer, RSA IGL Engineer, Cyber Security Engineer, Privileged Access Management Specialist, Identity Governance, SailPoint, Splunk, ServiceNow, ISO27001, NIST, financial services security. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate ...

Senior Security Analyst / Security Engineer London (City) | £80,000–£90,000 | Permanent If you’re the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn’t happen again — this role is built for you.We’re hiring … hands-on Senior Security Analyst / Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years ...

level) Embed security culture and human risk management approaches Support secure GenAI adoption aligned to regulatory requirements Drive architecture improvements aligned to NIST, ISO 27001, CIS, COBIT Contribute to proposals, RFPs, and proposition development Required Domain Expertise Security Assurance ISO 27001, NIST … Security Secure GenAI design and governance Understanding of EU AI Act, GDPR, DPA 2018 AI risk modelling and controls frameworks Security Architecture Enterprise and / or application security design Secure architectural patterns and control frameworks Security posture improvement initiatives Your Background ~2+ years delivering Cybersecurity projects Experience across domains ...

with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ISO 22301 / business continuity Coordinate internal / external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate ...

Security Architect / AI Security Strategy Manager to play a key role in shaping and delivering the organisation s AI security agenda. This is a strategic leadership opportunity for a candidate with strong experience across AI governance, information security, target operating model design, and enterprise stakeholder engagement . … year planning Deep understanding of AI concepts, governance frameworks, enterprise adoption models, and associated risks Strong knowledge of information security frameworks and AI regulations / standards , including: ISO 27001 ISO 42001 NIST AI RMF EU AI Act Proven experience working with senior stakeholders ...

TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS / Azure Security are a plus. Our company fosters a values-driven and people-centric work environment that enables our employees to: · Accelerate growth, both professionally … core · Unlock global opportunities to work and learn with the industry’s best Let’s unleash your full potential at Persistent - persistent.com / careers “Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. ...

complex technical controls (Cloud Security, Identity, Zero Trust) into clear, enforceable standards. You will serve as the bridge between "What the Framework says" (NIST / TPN) and "What the Architecture does." Key Responsibilities 1. Governance Framework Architecture Build the Engine: Design and maintain the comprehensive hierarchy of Information Security … coder, but you must understand core security concepts (e.g., SAML Container Security , Network Segmentation ) well enough to debate standards with Engineers. Skills & Competencies: LogicGate / GRC Tools: Proven experience configuring and managing enterprise GRC platforms (LogicGate, ServiceNow, Archer, OneTrust). Strategic Autonomy: Ability to manage the entire document lifecycle ...

Position: Business Analyst - Third Party Cyber Security Location: London or Reading 2 days p / week; 3 days remote Type: Contract, Inside IR35, 6 Months Rate: £540 p / day (umbrella rate) We are seeking a Business Analyst to support a major third-party cyber security transformation programme … cyber initiatives Skills & Experience: Proven ability to gather and translate requirements into structured outputs Experience in risk, cyber, or procurement domains and designing frameworks / models Strong analytical mindset with excellent stakeholder engagement skills Familiarity with cyber security regulations (GDPR, NIS2, DORA) and third-party standards (ISO ...

public sector accounts. This is a remote, client-facing role for a highly technical and experienced presales professional with a strong Government / Public Sector background and current SC clearance . Key Requirements We are looking for a client-facing technical expert with deep presales experience, capable of operating … commercial value Confident at C-Suite Level and able to hold customer meetings onsite Strong expertise in: Cisco routing, switching, gateways, and applications TCP / IP, SNMP, Netflow, VoIP LAN / WAN topologies (MPLS, Frame Relay, ATM) Security concepts and network infrastructure design Network performance and fault / ...

security of a fast-growing, cloud-native platform in the financial services space. You’ll play a key role in automating infrastructure, streamlining CI / CD pipelines, and enabling engineering teams to deploy safely and confidently. This role offers the opportunity to work with cutting-edge technologies, including … Kubernetes, Terraform / OpenTofu, and modern CI / CD pipelines, while helping define best practices for a regulated, high-impact platform. What You’ll Do: Infrastructure & Automation: Build and maintain cloud infrastructure, CI / CD pipelines, and automated deployment workflows. Security & Compliance: Implement automated security controls ...

premise experience is essential. Experience operating as a proxy SME in a complex, multi-regional enterprise environment. Deep understanding of proxy technologies: explicit / transparent proxies, PAC files, SSL decryption, authentication, etc. Strong understanding of TCP / IP, DNS, HTTP / S, and authentication technologies (Kerberos, SAML … Ability to convert business and security requirements into robust technical designs. Solid background producing technical documentation and design artefacts. Desirable Skills Any relevant proxy / security certifications. Familiarity with ISO 27001, NIST CSF or related security frameworks. Experience working within regulated environments or with ITIL ...

Hiring: Cyber Security / Solutions Engineer (MSP) London | Hybrid working We’re partnering with a fast-growing Managed IT Services Provider in the creative industry, supporting 5,000+ users across 100+ businesses. Built on great people, strong culture, and a relentless focus on quality, this is a brilliant opportunity … engineers What they’re looking for: Strong hands-on cyber security experience within an MSP or similar environment Firewall experience (Palo Alto, Fortinet) EDR / endpoint protection (Microsoft Defender, Sophos, Bitdefender) Network & cloud security knowledge (Azure, AWS, VPNs, VLANs, DNS) Incident response & vulnerability management experience Cyber Essentials / ...

minimisation, retention and deletion policies for embeddings / state, audit logging, and alignment to client compliance requirements (e.g., GDPR, SOC2 / ISO27001 where applicable). 2. Bespoke AI Agent Creation Build custom domain-specific agents using OpenAI, Claude, Gemini or other LLM providers. Design multi-step agent workflows … architecture. Skills & Experience Technical Strong hands-on experience delivering production LLM systems using major providers (OpenAI, Anthropic, Google) Proficiency in Python or JavaScript / TypeScript for agent logic, tool integration and orchestration. Experience with vector databases (Pinecone, Chroma, Weaviate, Redis, etc.). Solid understanding of RAG pipelines, embeddings, prompt ...

Manager (SOC Lead) Insurance London My client, a leading insurance organisation based in the City of London, is seeking an experienced Security Operations Manager / SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving … Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR / XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks such as National Institute of Standards ...

Senior / Security Risk Assurance Manager - SC cleared Location: Hybrid (60% on-site presence) Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role The Senior Security Risk Assurance Manager plays a critical role in strengthening the organisation's security posture through strategic risk-based assurance activities. … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

governance frameworks. This senior leadership role requires deep expertise across regulatory, industry, and cybersecurity standards specifically the UK Telecom Security Act, PCI DSS, ISO 27001, and NIS2. You will act as the organisations authoritative subject-matter expert, ensuring end to end compliance, overseeing risk posture … strategy that ensure alignment with business objectives and regulatory obligations. You will be an authority on the Telecoms Security Act, PCI DSS, NIS2 and ISO27001, and will have proven experience with risk management and security assurance. This is an outstanding opportunity for an accomplished GRC Manager to join a market ...

raise improvements through service partners Ensure compliance with security standards, policies and regulatory requirements Support patching, backups and identity management workflows Contribute to ISO27001 audit activity and maintain documentation Manage hardware / software lifecycle and asset records Align procurement with onboarding / offboarding processes Support integration … Strong understanding of infrastructure, networking and Microsoft 365 Hands-on troubleshooting with Windows, hardware, SaaS and A / V Knowledge of security frameworks; ISO27001 desirable Familiarity with asset management systems and GDPR requirements Strong communication and stakeholder management Ability to support budgeting and cost optimisation Experience leading IT / ...

Deep understanding of access management, intrusion detection, and network security (routers, NLBs, V-LANs). Proficiency in applying industry standards and legislation such as ISO27001, PCI DSS, and SOX. Preferred Qualifications: Industry-recognised certifications such as CISSP, CISA, or CISM. Product-specific certifications in Cisco or Checkpoint technologies. Hands … experience with VA / PT tools, Anti-Malware, and Email security solutions. London Based | Permanent Role | £85,000 + (DOE) If you are ready to manage multiple projects at various lifecycle stages and provide high-level technical support, I want to hear from you. If the above sounds ...