1 to 25 of 34 ISO/IEC 27001 Jobs in the City of London

Information and Cyber Security within EMEA. Manage the intragroup relationships across AD and EMEA for Information and Cyber Security, ensuring service levels are met for all services received and / or provided. Accountabilities & Responsibilities : Define intra group security governance and service management framework Enhance and embed the operating / engagement model and service level agreement to ensure continuous … depth knowledge of third-party regulations across UK and EU such as ECB's EBA, DORA and related standards Information and Cyber Security Frameworks and industry Standards (e.g., NIST / ISO 27001 / COBIT / ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

is hiring for Security Audit Analyst for London, UK location, Job: Security Audit Analyst Job Type: Open for both Permanent and Fixed Term Contract Location: London, UK(3 Days / Week onsite) Job Description: Overview The Third-Party Audit Consultant is responsible for conducting customer audits, managing short-term projects, and assessing third-party security compliance. This role requires … ISO 27001 Lead Auditor certification and a solid understanding of risk management principles. Requirements Certification as an ISO 27001 Lead Auditor, with hands-on experience conducting audits and managing audit processes. Ability to manage short-term projects independently, from planning to execution, including audit preparation and report generation. Familiarity with technology systems … of third-party vendors or partners to ensure compliance with security standards. Understanding of risk management principles and their application in security audits. Knowledge of compliance frameworks like ISO 27001, SOC 2, or similar, and their implementation within enterprise environments. Experience with audit tools and software used for planning, executing, and documenting audits. Experience in writing More ❯

time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response … capable of working effectively with diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / Relationship Management. You have excellent … or belief, or sexual orientation. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position. More ❯

time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response … capable of working effectively with diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / Relationship Management. You have excellent … or belief, or sexual orientation. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position. More ❯

best practice Develop and support cloud security policies and technical standards Conduct security assessments, risk analysis, and contribute to security roadmaps Collaborate with teams to integrate security into CI / CD and cloud-native applications Configure and manage Microsoft Defender for Cloud, Defender for Endpoint, and Sentinel Deploy Microsoft Purview for compliance and information protection Manage Microsoft 365 Defender … and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with SOC and managed Sentinel provider on incident handling Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit … key stakeholders Technical Skills Deep expertise in Azure security and Microsoft Defender suite Advanced skills in Microsoft Sentinel, Purview, Intune, and Defender for Endpoint Strong experience with Entra ID / Active Directory, Conditional Access, and PIM Hands-on with PowerShell and Microsoft Graph API for security automation Familiarity with M365 security, Zero Trust models, and Microsoft Information Protection Knowledge More ❯

Technical Expertise * Strong understanding of cyber security principles and risk management. * Hands-on experience with cloud security, particularly Azure services and tools. * Familiarity with security frameworks such as ISO 27001, NIST, or CIS. * Knowledge of security technologies (firewalls, remote access, ZTNA). * Exposure to threat modelling and cyber threat intelligence is advantageous. Core Skills * Excellent communication … be treated in the strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

Sentinel - essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks PowerShell … scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working towards) One or more of MS-500 / SC-400 / SC-900 The following are desired: CISSP, CISM, CCSP Interested? Please apply below. Senior Security engineer, M365 Consultant, M365 Engineer, Senior Cloud Security Engineer, Infrastructure More ❯

on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯

on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯

Security Risk Analyst 6-month contract London / Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role … able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the … improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party / vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic More ❯

premises systems to validate secure configurations. Conducting general risk assessments of new applications or tools being used within the organisation. Experience in co-ordination of the requirements to meet ISO27001 & the Cyber Essentials+ certification. Administrative requirements of PAM tool. (CyberArk) Experience Experience administrating PAM solutions, such as CyberArk - MANDATORY Working understanding of security operations, threat detection, and incident response. Experience … administrating PAM solutions, such as CyberArk. Understanding of NCSC cyber security principles and good practice. Familiarity with change and configuration management from a cyber perspective. Working knowledge of ISO 27001 or NIST standards. Relevant certifications (e.g., Security+, CySA+, CISMP) are desirable. If you are interested, please apply at first instance More ❯

across the organisation Manage stakeholder relationships across IT, operations, and compliance teams Implement and optimise Microsoft security tools and frameworks Ensure alignment with regulatory and industry standards (e.g. ISO 27001, GDPR) Support the business in adopting secure-by-design and Zero Trust principles Tech Environment: Microsoft Sentinel Microsoft Defender (Cloud, Endpoint, Office 365) Microsoft Entra ID More ❯

client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills, with the More ❯

client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills, with the More ❯

stakeholders. Develop training and support materials for IT risk awareness. Contribute to enterprise risk planning and resolution strategy development. Experienced Required 10+ years of experience in IT Risk, Internal / External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to … work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA / FCA, BMA, CBI). Strong analytical, verbal, and written communication skills. Highly organised, emotionally intelligent, and proactive in navigating complex environments. If you are interested in exploring this further then please reach out to as@arthur.co.uk. More ❯

stakeholders. Develop training and support materials for IT risk awareness. Contribute to enterprise risk planning and resolution strategy development. Experienced Required 10+ years of experience in IT Risk, Internal / External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to … work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA / FCA, BMA, CBI). Strong analytical, verbal, and written communication skills. Highly organised, emotionally intelligent, and proactive in navigating complex environments. If you are interested in exploring this further then please reach out to as@arthur.co.uk. More ❯

domains. Industry and Market Awareness Stay informed of external trends, technologies, and regulatory developments to shape future integrated solution strategies. Requirements: Telecommunication Network Architecture Expertise- Deep knowhow of IP / MPLS, SDWAN, Radio access network, 3GPP standards and Core telecom network system Enterprise and Solution Architecture Expertise Deep understanding of architecture principles and frameworks (e.g. TOGAF), with the ability … solutions. Systems Integration Proficient in integrating diverse systems using APIs, middleware, messaging, and data transformation patterns across cloud and on-premises platforms with architecture experience of integration of OSS / BSS and customer interfaces. Cloud and Modern Infrastructure Architecture Skilled in solutions on public cloud platforms (e.g. AWS, Azure, GCP), including use of containers, serverless, and hybrid cloud strategies. … make sound architectural decisions. Security and Compliance by Design Knowledge of secure architecture practices and regulatory requirements, ensuring solutions protect sensitive data and meet compliance standards (e.g. GDPR, ISO 27001). Leadership and Mentoring Experience leading architecture teams, guiding junior architects, and building architectural maturity across delivery functions. Business and Commercial Acumen Ability to align technical More ❯

Experience with firewalls, intrusion detection systems, antivirus software, authentication systems, content filtering, and log management. * Experience with network security and networking technologies. * Knowledge of security frameworks and certifications - NIST, ISO27001, Cyber Essentials etc * Tech stack experience: Extreme Networks Switches & Wireless, Silver Peak Aruba SD-WAN, Check Point firewalls, NetScaler load balancers, Tenable Nessus vulnerability scanner, Rapid7 SIEM, Forcepoint Stonesoft URL More ❯

Cybersecurity Consultant – Manager Location – Hybrid – London 1 day / wk (ish) Salary £65 – £80k + all the usual benefit’s Looking for more than just another consulting gig? If you're a seasoned cybersecurity consultant who’s hands-on, client-focused, and ready to lead — this is your chance to play a pivotal role in shaping this fast-growing … complex consulting projects for major UK clients — from security gap assessments to crisis simulations, risk frameworks, and technical reviews. Support the development and delivery of both technical (e.g. M365 / cloud config reviews, vulnerability assessments) and GRC engagements. Help shape and evolve our cyber propositions , working closely with delivery leads across managed services, threat intel, and MDR. Scope and … inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an More ❯