1 to 25 of 33 ISO/IEC 27001 Jobs in the City of London

Information and Cyber Security within EMEA. Manage the intragroup relationships across AD and EMEA for Information and Cyber Security, ensuring service levels are met for all services received and / or provided. Accountabilities & Responsibilities : Define intra group security governance and service management framework Enhance and embed the operating / engagement model and service level agreement to ensure continuous … depth knowledge of third-party regulations across UK and EU such as ECB's EBA, DORA and related standards Information and Cyber Security Frameworks and industry Standards (e.g., NIST / ISO 27001 / COBIT / ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

the Associate Director, providing crucial administrative and compliance support. You will be instrumental in ensuring our business management systems are maintained and developed in line with all relevant ISO standards. Key Responsibilities Integrated Management Systems: Act as the primary administrator for our integrated management systems, ensuring they are maintained in line with ISO 9001, ISO … protected characteristics that fall under the Equality Act 2010. We encourage and welcome applications from all sections of society and are more than happy to discuss reasonable adjustments and / or additional arrangements as required to support your application. Candidates must be eligible to live and work in the UK. For the purposes of the Conduct Regulations 2003, when … advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary / contract vacancies we are acting as an Employment Business. More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

is hiring for Security Audit Analyst for London, UK location, Job: Security Audit Analyst Job Type: Open for both Permanent and Fixed Term Contract Location: London, UK(3 Days / Week onsite) Job Description: Overview The Third-Party Audit Consultant is responsible for conducting customer audits, managing short-term projects, and assessing third-party security compliance. This role requires … ISO 27001 Lead Auditor certification and a solid understanding of risk management principles. Requirements Certification as an ISO 27001 Lead Auditor, with hands-on experience conducting audits and managing audit processes. Ability to manage short-term projects independently, from planning to execution, including audit preparation and report generation. Familiarity with technology systems … of third-party vendors or partners to ensure compliance with security standards. Understanding of risk management principles and their application in security audits. Knowledge of compliance frameworks like ISO 27001, SOC 2, or similar, and their implementation within enterprise environments. Experience with audit tools and software used for planning, executing, and documenting audits. Experience in writing More ❯

best practice Develop and support cloud security policies and technical standards Conduct security assessments, risk analysis, and contribute to security roadmaps Collaborate with teams to integrate security into CI / CD and cloud-native applications Configure and manage Microsoft Defender for Cloud, Defender for Endpoint, and Sentinel Deploy Microsoft Purview for compliance and information protection Manage Microsoft 365 Defender … and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with SOC and managed Sentinel provider on incident handling Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit … key stakeholders Technical Skills Deep expertise in Azure security and Microsoft Defender suite Advanced skills in Microsoft Sentinel, Purview, Intune, and Defender for Endpoint Strong experience with Entra ID / Active Directory, Conditional Access, and PIM Hands-on with PowerShell and Microsoft Graph API for security automation Familiarity with M365 security, Zero Trust models, and Microsoft Information Protection Knowledge More ❯

Technical Expertise * Strong understanding of cyber security principles and risk management. * Hands-on experience with cloud security, particularly Azure services and tools. * Familiarity with security frameworks such as ISO 27001, NIST, or CIS. * Knowledge of security technologies (firewalls, remote access, ZTNA). * Exposure to threat modelling and cyber threat intelligence is advantageous. Core Skills * Excellent communication … be treated in the strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

integrate with LLM APIs (e.g., Gemini, Azure OpenAI) and internal systems. Implement advanced front-end security features including token handling, session management, data masking, and audit logging. Translate UX / UI designs into modular, reusable components aligned with enterprise design systems. Integrate front-end applications with REST / GraphQL APIs, WebSockets, and backend services. Collaborate with AI engineers … Ensure compliance with cybersecurity and data privacy standards through secure coding practices and regular code reviews. Deploy applications to GCP (Firebase, Cloud Run) and Azure App Services using CI / CD pipelines hardened for security and compliance. Participate in code reviews, technical design discussions, and architecture planning sessions. Required Knowledge, Skills & Experience Proven experience building secure, production-grade front … end applications in regulated environments (e.g., finance, healthcare, government). Strong proficiency in modern JavaScript / TypeScript frameworks (React, Next.js) and responsive UI development. Demonstrated ability to build front-end applications from scratch in greenfield or innovation lab settings. Experience developing interactive UIs, dashboards, chat interfaces, and data visualizations for AI-powered tools. Skilled in integrating front-end applications More ❯

on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯

on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯

Security Risk Analyst 6-month contract London / Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role … able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the … improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party / vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic More ❯

client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills, with the More ❯

client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills, with the More ❯

stakeholders. Develop training and support materials for IT risk awareness. Contribute to enterprise risk planning and resolution strategy development. Experienced Required 10+ years of experience in IT Risk, Internal / External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to … work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA / FCA, BMA, CBI). Strong analytical, verbal, and written communication skills. Highly organised, emotionally intelligent, and proactive in navigating complex environments. If you are interested in exploring this further then please reach out to as@arthur.co.uk. More ❯

stakeholders. Develop training and support materials for IT risk awareness. Contribute to enterprise risk planning and resolution strategy development. Experienced Required 10+ years of experience in IT Risk, Internal / External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to … work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA / FCA, BMA, CBI). Strong analytical, verbal, and written communication skills. Highly organised, emotionally intelligent, and proactive in navigating complex environments. If you are interested in exploring this further then please reach out to as@arthur.co.uk. More ❯

domains. Industry and Market Awareness Stay informed of external trends, technologies, and regulatory developments to shape future integrated solution strategies. Requirements: Telecommunication Network Architecture Expertise- Deep knowhow of IP / MPLS, SDWAN, Radio access network, 3GPP standards and Core telecom network system Enterprise and Solution Architecture Expertise Deep understanding of architecture principles and frameworks (e.g. TOGAF), with the ability … solutions. Systems Integration Proficient in integrating diverse systems using APIs, middleware, messaging, and data transformation patterns across cloud and on-premises platforms with architecture experience of integration of OSS / BSS and customer interfaces. Cloud and Modern Infrastructure Architecture Skilled in solutions on public cloud platforms (e.g. AWS, Azure, GCP), including use of containers, serverless, and hybrid cloud strategies. … make sound architectural decisions. Security and Compliance by Design Knowledge of secure architecture practices and regulatory requirements, ensuring solutions protect sensitive data and meet compliance standards (e.g. GDPR, ISO 27001). Leadership and Mentoring Experience leading architecture teams, guiding junior architects, and building architectural maturity across delivery functions. Business and Commercial Acumen Ability to align technical More ❯

Experience with firewalls, intrusion detection systems, antivirus software, authentication systems, content filtering, and log management. * Experience with network security and networking technologies. * Knowledge of security frameworks and certifications - NIST, ISO27001, Cyber Essentials etc * Tech stack experience: Extreme Networks Switches & Wireless, Silver Peak Aruba SD-WAN, Check Point firewalls, NetScaler load balancers, Tenable Nessus vulnerability scanner, Rapid7 SIEM, Forcepoint Stonesoft URL More ❯

using RAG, fine-tuning, and scalable inference endpoints. Support pre-sales efforts, workshops, and proof-of-concepts alongside go-to-market teams. AI & ML Engineering Implement and optimise AI / ML models using frameworks like PyTorch, HuggingFace, LangChain, and NVIDIA Triton. Fine-tune foundation models for domain-specific use cases. Deploy and maintain inference services using REST / … pre-sales and solution support. Maintain high client satisfaction scores post-deployment. Produce thought leadership (blogs, talks, case studies) on real-world AI implementation. Required Qualifications Background in AI / ML engineering, applied AI, or technical solutions delivery. Strong experience with: Retrieval-Augmented Generation (e.g., LangChain, LlamaIndex, vector databases). LLM fine-tuning techniques (LoRA, PEFT, instruction tuning). … . Awareness of UK AI compliance and data sovereignty regulations (e.g., ISO 27001, SOC 2). Experience optimising GPU workloads. Contributions to open-source AI / ML projects or toolkits. Compensation & Benefits Competitive salary Potential equity or performance-based incentives Learning and development budget Hybrid work flexibility with occasional client or team site visits If More ❯

using RAG, fine-tuning, and scalable inference endpoints. Support pre-sales efforts, workshops, and proof-of-concepts alongside go-to-market teams. AI & ML Engineering Implement and optimise AI / ML models using frameworks like PyTorch, HuggingFace, LangChain, and NVIDIA Triton. Fine-tune foundation models for domain-specific use cases. Deploy and maintain inference services using REST / … pre-sales and solution support. Maintain high client satisfaction scores post-deployment. Produce thought leadership (blogs, talks, case studies) on real-world AI implementation. Required Qualifications Background in AI / ML engineering, applied AI, or technical solutions delivery. Strong experience with: Retrieval-Augmented Generation (e.g., LangChain, LlamaIndex, vector databases). LLM fine-tuning techniques (LoRA, PEFT, instruction tuning). … . Awareness of UK AI compliance and data sovereignty regulations (e.g., ISO 27001, SOC 2). Experience optimising GPU workloads. Contributions to open-source AI / ML projects or toolkits. Compensation & Benefits Competitive salary Potential equity or performance-based incentives Learning and development budget Hybrid work flexibility with occasional client or team site visits If More ❯

Cybersecurity Consultant – Manager Location – Hybrid – London 1 day / wk (ish) Salary £65 – £80k + all the usual benefit’s Looking for more than just another consulting gig? If you're a seasoned cybersecurity consultant who’s hands-on, client-focused, and ready to lead — this is your chance to play a pivotal role in shaping this fast-growing … complex consulting projects for major UK clients — from security gap assessments to crisis simulations, risk frameworks, and technical reviews. Support the development and delivery of both technical (e.g. M365 / cloud config reviews, vulnerability assessments) and GRC engagements. Help shape and evolve our cyber propositions , working closely with delivery leads across managed services, threat intel, and MDR. Scope and … inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an More ❯

Cybersecurity Consultant – Manager Location – Hybrid – London 1 day / wk (ish) Salary £65 – £80k + all the usual benefit’s Looking for more than just another consulting gig? If you're a seasoned cybersecurity consultant who’s hands-on, client-focused, and ready to lead — this is your chance to play a pivotal role in shaping this fast-growing … complex consulting projects for major UK clients — from security gap assessments to crisis simulations, risk frameworks, and technical reviews. Support the development and delivery of both technical (e.g. M365 / cloud config reviews, vulnerability assessments) and GRC engagements. Help shape and evolve our cyber propositions , working closely with delivery leads across managed services, threat intel, and MDR. Scope and … inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an More ❯