1 to 25 of 68 ISO/IEC 27001 Jobs in the East of England

and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8 / 5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender. Role This company is seeking an experienced DevSecOps … testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI / CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident … GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com / privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London More ❯

and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8 / 5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender. Role This company is seeking an experienced DevSecOps … testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI / CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident … GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com / privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London TPBN1_UKTJ More ❯

to the development of a long-term security roadmap that supports the organisation's strategic goals. Ensure ongoing compliance with frameworks and certifications such as Cyber Essentials Plus, ISO 27001, and PCI DSS. What you'll need to succeed Willingness to work 7-hour days, 3 days a week Demonstrated expertise in conducting technical security risk … language for diverse audiences. Hands-on experience operating in or collaborating with a Security Operations Centre (SOC). Well-versed in applying recognised risk management methodologies such as ISO 27005 and NIST Risk Management Framework. Strong written and verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such as CISSP … risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in return Guaranteed 3-Month contract £28.49 p / h PAYE or £36.98 p / h UMB Fully remote working - if travel is needed it will be expensed Part-time work whereby you work 3 days a More ❯

manage complex technical issues while maintaining a focus on customer service and business needs. An understanding and interest in audio-visual systems, including Digital Signage. Good knowledge of ISO 27001 and other relevant information security standards, with a proven track record of implementing and maintaining security management systems in compliance with ISO standards. Proven … Foundation-level cloud certification (e.g., Microsoft Azure Fundamentals, AWS Cloud Practitioner) Service Desk Institute (SDI) certification or similar, to reinforce user-centric service delivery. Awareness of ISO9001 / ISO27001 or similar frameworks. Exposure to tools and project delivery methodologies (e.g., PRINCE2 Foundation, Lean practitioner, AgilePM Foundation). Working Hours: Monday - Friday 08:30 - 17:30 Excellent company benefits More ❯

and policies aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Develop and maintain secure designs for firewalls, VPNs, intrusion prevention systems (IPS / IDS), network segmentation, and zero trust network access (ZTNA). Collaborate with IT, cloud, and cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and … of network protocols, routing, switching, DNS, DHCP, and encryption standards. Strong hands-on experience with network security solutions such as firewalls (e.g., Palo Alto, Fortinet, Cisco ASA), NAC, IPS / IDS, and SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence … and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP Security, CCIE Security, GIAC, Azure / AWS security certs). Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM More ❯

and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving … to work every day. And you'll never stop growing, whatever your level . Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk / careers More ❯

engineering controls e.g. encryption, masking and pseudonymisation. Detailed understanding of the information lifecycle and the self assurance framework for Records Management. Experience of implementing data security standards such as ISO27001, PCI DSS, NIST CSF, CAA CAF etc. Ability to effectively manage cyber security risks and can clearly communicate with key stakeholders to minimise the risk to easyJet. DESIRABLE SKILLS Experience … CISSP, CEH, GIAC, or CASP+ COMPETENCIES Ownership and Delivery . Has a clear focus to deliver results, working to targets, reviewing progress and adapting their plans accordingly, motivating themselves / the team to achieve. Customer and Shareholder Value . Understands who their customers are and seeks to exceed their needs, focussing on the importance of safety for both customers More ❯

management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited … obligations include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstratable experience in an Information More ❯

management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited … obligations include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstratable experience in an Information More ❯

findings into clear business language for various stakeholders. Produce and present high-quality technical and non-technical reports. Support clients in achieving and maintaining certifications (e.g., Cyber Essentials, ISO 27001). Stay informed on cybersecurity … trends and tools, and continuously build your expertise. Collaborate across delivery, project management, and sales teams to deliver outcomes. Mentor junior consultants and contribute to internal improvement initiatives. Skills / Must Have: 2+ years of hands-on Information Security or IT Administration experience. Strong communication skills (written and verbal), with stakeholder management ability. Working knowledge of both offensive and … working model Cycle to Work and IT Purchase Schemes (subject to T&Cs) Salary: Competitive – dependent on experience and certifications. Additional Information: Employment Type: Permanent, Full-Time (36.25 hours / week) Location: Hybrid – Bury St Edmunds Office More ❯

Operations Centre (SOC). - Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). - Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. - Perform additional security-related tasks as directed by the Head of Information Security You will Ideally have - - Proven experience … endpoint, and cloud security. - Ability to assess and communicate technical vulnerabilities in business terms. - Experience working with or within a SOC environment. - Familiarity with risk management frameworks?(e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory requirements and … You will always however hear from us by phone if we are able to take your CV forward to the next stage. You can also follow us at Twitter / Facebook / LinkedIn or via our website . More ❯

details About the role Are you driven by a strong sense of integrity and a passion for safeguarding digital infrastructure? We are looking for a proactive and experienced Cyber / Information Security Lead to join our 3C ICT Shared Services team. In this pivotal role, you will uphold the highest standards of confidentiality, integrity, and availability across our IT … 27001, Cyber Essentials Plus, and risk mitigation Relevant qualifications such as CISSP, CISM, Security+, or equivalent Strong technical understanding of network and application security, anti-virus / EDR, SIEM solutions, and vulnerability testing tools Excellent communication skills with the ability to explain complex technical issues to non-technical audiences A collaborative, analytical and proactive approach to More ❯

follow security protocols. Reporting & Documentation: Create and maintain clear, concise reports, metrics, and documentation related to security incidents, risks, and controls. What we need from you; Practical experience of ISO27001 / 27004 / 27005 and NIST Risk Management Framework (RMF) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Good understanding and appreciation … benefits: Access to private healthcare, dental schemes, Workplace ISA, Go Green Car Scheme, technology and lifestyle options (£500 annual allowance) Holidays: 25 days plus bank holidays, option to buy / sell leave and to accrue up to 12 additional flexi leave days per year Pension: Award winning pension scheme (up to 15% employer contribution) Wellbeing: Employee Assistance Programme with More ❯

SQL) for data extraction and transformation. Prior experience with Data warehousing and Data modelling (Star Schema or Snowflake Schema). Skilled in security frameworks such as GDPR, HIPAA, ISO 27001, NIST, SOX, and PII, with expertise in IAM, KMS, and RBAC implementation. Cloud automation and orchestration tools like Terraform and Airflow. Strong analytical skills to assess More ❯

SQL) for data extraction and transformation. Prior experience with Data warehousing and Data modelling (Star Schema or Snowflake Schema). Skilled in security frameworks such as GDPR, HIPAA, ISO 27001, NIST, SOX, and PII, with expertise in IAM, KMS, and RBAC implementation. Cloud automation and orchestration tools like Terraform and Airflow. Strong analytical skills to assess More ❯

Administrator Associate (MD-102) Microsoft Certified: Exchange Online Support Engineer (MS-220) Microsoft Certified: Identity and Access Administrator Associate (SC-300) Microsoft Certified: Endpoint Administrator Associate (MD-102) Additional / Desirable Certifications: Power Platform Fundamentals (PL-900) ITIL Foundation Certificate in IT Service Management Cisco Certified Network Associate (CCNA) or CCENT What We Offer: 33 days holiday (inclusive of … opportunities and welcome all applications. As a specialist in secure technology solutions, all successful candidates will be subject to pre-employment checks, so we can ensure compliance with our ISO27001 (Information Security) and Cyber Essentials Plus certifications. We are committed to using any personal information you may give us in a secure and proper manner, for more information please see More ❯

Chief Information Security Officer (CISO) Location: Stevenage Salary: Up to £100,000 (depending on experience), 35% Bonus, £510 p / m car allowance, pension We have a fantastic opportunity for aChief Information Security Officer (CISO), where you will play apivotal role in planning, leading, and delivering cyber security strategies aligned with the company's mission and vision. You willbe … the primary Cyber and Information Security / Assurance advisor to the Group Head of Security / Company Directors. About the CISO Opportunity As the CISO, you will be responsible for the protection and compliance of all information systems and data, ensuring adherence to national and international security regulations. You will engage closely with key stakeholders, including the MOD … We're Looking For Extensive experience in Secure by Design, system accreditation, and government encryption. Strong knowledge of ISO 27001, Cyber Essentials Plus, and NIST / CMMC frameworks. Experience of defining and implementing strategies Executive level leadership and management experience Excellent communication skills to articulate complex security solutions. CISSP, CISM, or GIAC certifications. Current DV More ❯

LogMeIn Central, Duo MFA, and managing Linux servers would set you apart. If you’re familiar with SQL databases, web servers (like cPanel), scripting languages like Python and EDR / XDR platforms such as ESET, you’ll have an edge. Above all, we value someone eager to learn, adapt and grow with us as we migrate to Office … and SSO configuration. Implement security best practices for Azure AD and Office 365 environments. Cybersecurity and Compliance Monitor and respond to potential security alerts from tools like antivirus, EDR / XDR and firewalls. Help enforce cybersecurity policies and controls in line with standards such as ISO 27001 or Cyber Essentials Plus. Support deployment and monitoring … of EDR / XDR platforms (experience with ESET XDR is a plus). Assist with security awareness initiatives, phishing simulations and end-user training. Manage MFA (e.g. Duo or Microsoft) and conditional access in Microsoft 365. Conduct basic audits on permissions, data access, user accounts and system security settings. Email Archiving & Security Manage MailStore for email archiving to reduce More ❯

plans Identify control gaps and recommend improvements Leverage data-driven testing and automation tools Collaborate with stakeholders and deliver clear, actionable insights What You Bring: 8+ years in InfoSec / IT, with 3+ years in control testing or IT audit Strong knowledge of frameworks (NIST, ISO 27001, CIS, COBIT) Certifications: CISA, CISSP, CISM, or ISO 27001 Lead Auditor Excellent analytical, communication, and stakeholder engagement skills Nice to Have: Experience with Sailpoint, Rapid7, Wiz.io, RSA Archer, ServiceNow Familiarity with cloud security, automation, and agile methodologies Big 4 background and data analytics proficiency Be part of a team that values innovation, collaboration, and continuous improvement. Please click here to find out more about More ❯

and deploy AI-powered automations that turn manual compliance tasks into real-time, self-service workflows. Skills you should HODL 7+ years in security engineering or technical external audit / advisory, including hands-on experience with industry frameworks (e.g. ISO 27001, SOC 2, PCI DSS, FedRAMP, NIST). Strong long-form and asynchronous writing skills … for a fully remote, globally distributed team. Built and / or made substantial contributions to a common controls framework. Knowledge of infrastructure as code, CI / CD, orchestration tools, and private key management. Familiarity with security capabilities for major cloud service providers (e.g. AWS, Azure, GCP). Ability to white-board architectures and technical process flows. Communicate limitations … controls with ease. Nice to haves Certifications: CRISC, CISSP, CCNA, CCSP Experience at a public technology, financial services, fintech, etc. company. Hands-on with blockchain relevant security standards and / or crypto-custody controls. Built or advised on LLM-based or general automations to manage stages of an assessment or control process. This job is accepting ongoing applications and More ❯

and audit-ready evidence Maintaining delivery continuity across multiple projects or vendors through structured handovers and knowledge transfer Supporting alignment with control frameworks (e.g. NIST CSF, DSPT, CE+, ISO 27001) To be successful in this role, you will have: Experience working as a Business Analyst on security, infrastructure, or compliance-related projects Demonstrated ability to structure … delivery Experience managing delivery dependencies and documentation across multiple stakeholders or vendors Exposure to risk-driven and audit-sensitive project environments (Desirable) Experience supporting NHS DSPT, CE+, or ISO 27001 projects (Desirable) Experience with delivery involving external suppliers, system integrators, or managed services Strong knowledge of business analysis techniques (e.g. process modelling, gap analysis, stakeholder mapping … Barring Service (formerly known as CRB) to check for any previous criminal convictions. Employer details Employer name Elysium Healthcare Address Elysium Healthcare Borehamwood WD6 1JN Employer's website https: / / www.elysiumhealthcare.co.uk / More ❯

initiative delivery across game and platform development teams. Managing third-party penetration testing, red teaming, and security assessments. Driving the integration of secure development practices and automation within CI / CD workflows. Supporting compliance and audit activities through structured documentation and reporting. Coordinating vulnerability management and helping teams meet security SLAs. Collaborating with cross-functional stakeholders to embed security … experience of effective and efficient cyber security delivery, project management or security engineering. Strong understanding of vulnerability management, secure software development, and compliance frameworks (NIST CSF 2.0, GDPR, ISO 27001). Strong examples of cross-functional stakeholder management, being a knowledgeable bridge between technical cyber security teams and non-cyber security colleagues. Proven track record of More ❯

IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom / Europe Main responsibilities The Senior Associate will support with the implementation of the cybersecurity compliance programme, including: Collaboration with IT assurance engagement teams across the GT network Review of … qualifications Bachelor’s degree in IT / Computer Science desirable One of or similar to the following is desirable: CompTIA Security+ or CASP+ Associate of (ISC)2 ISO27001 Practitioner Experience – Essential Demonstrable experience in a similar role. Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing … standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and / or data into useful insight Excellent communication skills, both verbal and written, with the ability to initiate and lead conversations with senior stakeholders Ability to prioritise and manage a varying workload Experience - Desirable Experience with using GRC solutions as part of a risk More ❯

IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom / Europe Main responsibilities The Senior Associate will support with the implementation of the cybersecurity compliance programme, including: Collaboration with IT assurance engagement teams across the GT network Review of … qualifications Bachelor’s degree in IT / Computer Science desirable One of or similar to the following is desirable: CompTIA Security+ or CASP+ Associate of (ISC)2 ISO27001 Practitioner Experience – Essential Demonstrable experience in a similar role. Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing … standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and / or data into useful insight Excellent communication skills, both verbal and written, with the ability to initiate and lead conversations with senior stakeholders Ability to prioritise and manage a varying workload Experience - Desirable Experience with using GRC solutions as part of a risk More ❯

IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom / Europe Main responsibilities The Senior Associate will support with the implementation of the cybersecurity compliance programme, including: Collaboration with IT assurance engagement teams across the GT network Review of … qualifications Bachelor’s degree in IT / Computer Science desirable One of or similar to the following is desirable: CompTIA Security+ or CASP+ Associate of (ISC)2 ISO27001 Practitioner Experience – Essential Demonstrable experience in a similar role. Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing … standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and / or data into useful insight Excellent communication skills, both verbal and written, with the ability to initiate and lead conversations with senior stakeholders Ability to prioritise and manage a varying workload Experience - Desirable Experience with using GRC solutions as part of a risk More ❯