Birmingham, England, United Kingdom Hybrid / WFH Options
Experis UK
You can find out more about us at www.nettitude.com. If you want to review our research and tooling, then head on over to https://labs.nettitude.com The role We are looking for a QSA to join our GRC team in the UK. This role is home-based … and NIST CSF ISO27001 gap analyses Helping our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification Conducting risk assessments Creating or supporting third-party risk management and audit programmes Essential skills and experience: Be a current QSA who has completed … Cyber Essentials Perform ISO27001 gap analyses Help our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification PCI DSS consultancy and gap analyses Assistance in implementing PCI DSS requirements such as policy writing Complete on-site assessments and reports on compliance
Warwick, Warwickshire, United Kingdom Hybrid / WFH Options
ICEO
investments. What you will do: Drive the company's information security strategy, ensuring alignment with GDPR, ISO27001, DORA, PSD2 / 3, and other relevant regulations Identify and address local and entity-specific security requirements to maintain rigorous standards Conduct regular risk identification and develop … Develop and maintain security policies, standards, and incident response protocols Support business continuity and disaster recovery planning for seamless resilience Lead and oversee internal / external security audits to ensure transparency and accountability Partner with engineering and ICT teams to embed secure-by-design principles in products and infrastructure … with ISO27001, NIST, and cybersecurity best practices Risk & Governance: Skilled in conducting risk assessments, defining mitigation strategies, and creating / enforcing security policies Good technical understanding of IT infrastructure, software development, hardware, data flows, change management, and BC / DR, and how they
and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CSF 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. … diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / … With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position.
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Experian Ltd
Experience performing IT Audit or Information Security control assessments, with specific experience testing cloud security controls. Professional certification such as CISA, CISM, CISSP, ISO … 27001 Lead Auditor, or equivalent. Knowledge of industry standards and frameworks such as NIST 800-53, ISO27001 / 27002, CIS Controls, COBIT. Experience with current automated and manual industry methods for evaluating security controls on-prem and in cloud environments. Important Skills
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or practical experience in Secure by Design, systems assurance, or control systems architecture are advantageous. Essential … infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to technical
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT … security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Familiarity with rail sector security and safety standards is highly desirable. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or … including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT … security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or practical experience in Secure by Design, systems assurance, or control systems … including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to
ISO Audit Specialist Posting Date: 1 May 2025 Function: Risk, Compliance and Assurance Unit: Business Location: UK Wide, United Kingdom About the role As our ISO Audit Specialist, you'll lead audits across multiple ISO Standards servicing BT group (Openreach, Digital, Business, Networks, Corporate … government contracts, ideally with experience in telecommunications or technology industries. You will maintain ISO standards linked to BT Group Risks, such as ISO27001 for Cyber & Information Security, ISO22301 for Service Interruption, and ISO14001 for Major Contracts. Your role involves identifying and implementing actions to mitigate risks from non … maintenance of the ISO Certificate database and audit universe. Required experience and qualifications Lead Auditor qualification to ISO standards, primarily ISO27001, plus another ISO standard (e.g., ISO9001, ISO14001, ISO22301). Experience designing, implementing, and maintaining management systems (ISO27001 preferred
Work closely with IT, cloud, and network teams to ensure security is integrated at every level Manage security tools and technologies, including SIEM, IDS / IPS, firewalls, and endpoint security Ensure compliance with security frameworks (ISO27001, NIST, CIS, GDPR, etc.) Ensure employee security awareness … analytical and problem-solving skills, with the ability to interpret security data and provide actionable insights Familiarity with compliance frameworks and security governance (ISO27001, NIST, CIS, GDPR) SC Clearance highly preferred
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Paragon Bank
technologies and taking a pragmatic approach to designing security solutions for the bank Can work effectively and efficiently with internal and external SMEs / Partner organisations Experience with frameworks such as ISO27001 / 2, SOC, NIST, or COBIT About You Skills Has
in revenue, and supports more than 60,000 clients across a diverse range of sectors and markets. Role Purpose: An Information Security Officer (ISO) is required to support LRQA's global operations, to develop, improve and maintain the organisation's Information Security capability. Working closely with the Global … opportunities for improvement and facilitate development of pragmatic solutions. Work with the DPO to ensure appropriate security is applied to data and provide reports / subject access requests. Design and deliver continual education and training to our colleagues to support them in identifying risks in their day-to-day … environment is a plus. Technical / Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of Three Lines of Defence Model and its application. Knowledge of
the Microsoft cloud. Your responsibilities will include: Evaluate and enhance existing IT systems, management procedures, and security protocols to ensure robust protection. Oversee ISO27001 and other key accreditations by collaborating with internal teams and external auditors. Manage information security requests and compliance reports, ensuring adherence … your existing skills while developing new ones, contributing to the strategic security objectives of the Company and ensuring adherence to critical accreditations, including ISO27001, GDPR, Cyber Essentials, and PCI DSS. The successful candidate will demonstrate: Strong analytical skills with a meticulous approach to identifying and … expertise in information security. Happy to travel occasionally to other sites as required. Desirable Experience: Demonstrable expertise in external audit, compliance, and security processes (ISO27001, GDPR, Cyber Essentials and PCI DSS). Microsoft accreditation or other recognised certifications (e.g. Microsoft Learning, CISA, CISM, CRISC, CCSP) would be very beneficial. Benefits
Coventry, Warwickshire, United Kingdom Hybrid / WFH Options
Axians Networks Limited
Complete small projects, including researching and testing new products and technologies. 6. Compliance and Values: Ensure adherence to Axians' Management System Manual for Quality (ISO 9001), InfoSec (ISO27001), and ESG (ISO 14001). Consistently embody and demonstrate Axians' UK core values - Trust
and both organising and managing the plant internal audit system and the corrective action reporting system Conducting Quality Systems audits and assisting in training / providing guidance to other auditors as required as well as hosting external Quality System audits Providing training on Quality issues and business processes and … industry related professional body, demonstrating essential knowledge of quality and business systems and strong knowledge of APQP, PPAP and FMEA, along with Lean Manufacturing / Six Sigma and IATF 16949, ISO 13485, ISO 9000, gained within a high volume manufacturing environment. You will demonstrate a … good understanding of engineering drawings and manufacturing processes, measurement and quality assurance, with knowledge of both ISO27001 and ISO14001 and Health and Safety Practices gained in an automotive environment proving distinctly advantageous. Contact the Quality Team at Premier Technical Recruitment on 01827 68400 or email
Nottingham, Nottinghamshire, United Kingdom Hybrid / WFH Options
The Nottingham
threats, industry trends, and regulatory changes affecting the financial sector. About you: Security Tools Expertise: Strong understanding of security tools (SIEM, EDR, firewalls, IDS / IPS) and vulnerability management processes. Technical Knowledge: Solid grasp of networking, system administration, and secure configurations. Standards Familiarity: Familiarity with standards and frameworks such … as ISO27001, NIST CSF, and Cyber Essentials. Communication Skills: Clear and confident communicator with excellent analytical and documentation skills. Experience: 3-5 years of experience in cybersecurity or information security, ideally within financial services. People Skills: Personable with excellent people skills to motivate, engage, and … role and to support your future career aspirations. For all full-time roles we work a 35-hour working week to promote a work / life balance, we want you to be at your best inside and outside of work. A friendly and inclusive culture where teams genuinely strive
Birmingham, England, United Kingdom Hybrid / WFH Options
Oscar
will be acting as the primary leader within this program of work. Responsibilities will include: Assess the existing Microsoft security suite and identify weaknesses / strengths for the existing products (CrowdStrike, Endpoint, Defender) Perform capability assessments of a range of MS Security products Produce and update end-to-end … solutions to technical risks Present and advise stakeholders as the cybersecurity SME. Required Skills E5 Security-Up Compliance Microsoft Security Architect Expert (SC1000) CISSP / CISM Certification BizzDesign / Archi, or UML Visualisation Experience ISO27001 Apply Now! If you are a Security Architect
Gloucestershire, Stoke-On-Trent, Staffordshire, West Midlands
LA International Computer Consultants Ltd
closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24 / 7 on-call support on a rotational basis for security platform-related issues. * Emerging Technologies & Innovation: Stay ahead of cloud security advancements, evolving SIEM … ATT&CK framework, Zero Trust, and cloud security best practices. * Knowledge of Azure, AWS, M365, hybrid environments, and cloud security frameworks (CIS, NIST, ISO27001, etc.). * Experience with scripting and automation (PowerShell, Python, KQL, or similar languages) to enhance security operations. * Excellent problem-solving, analytical
Stoke-On-Trent, Staffordshire, West Midlands, United Kingdom
LA International Computer Consultants Ltd
closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24 / 7 on-call support on a rotational basis for security platform-related issues. * Emerging Technologies & Innovation: Stay ahead of cloud security advancements, evolving SIEM … ATT&CK framework, Zero Trust, and cloud security best practices. * Knowledge of Azure, AWS, M365, hybrid environments, and cloud security frameworks (CIS, NIST, ISO27001, etc.). * Experience with scripting and automation (PowerShell, Python, KQL, or similar languages) to enhance security operations. * Excellent problem-solving, analytical
enforce security protocols. Manage and mentor a team of DevOps engineers, ensuring their professional growth and operational effectiveness. Oversee the continuous improvement of CI / CD pipelines, ensuring robust automation and deployment practices. Provide strategic guidance on infrastructure and system reliability. Ensure security practices within the DevOps lifecycle are … technical support across the organization. Implement and manage IT support workflows and ticketing systems. Oversee employee device and account provisioning and decommissioning. Ensure hardware / software setup, maintenance, and upgrades are completed timely. Develop and maintain a knowledge base for common IT support issues. What you'll bring: Bachelor … least 2 years in a leadership role. Strong understanding of operating systems (Windows, macOS), productivity tools (Google Workspace, Microsoft 365), security frameworks (NIST, ISO27001, SOC 2, GDPR, PCI DSS), and DevOps practices. Proficiency with monitoring platforms like Datadog, New Relic, or similar. Familiarity with ITSM
IT Internal Controls Manager Permanent Based in Solihull (Hybrid with 2 / 3 days in the office and the rest at home). Will also consider London based. We are looking for an experienced IT Internal Controls Manager to join our friendly and dynamic team here at Waterstones and … and requirements. In-depth knowledge of the ICFR Standards (US SOX, UK Corporate Governance Code) Strong awareness of IT control frameworks (e.g. COBIT, ISO27001, NIST) and regulatory requirements (e.g. GDPR, ISO, ITIL). Experience with Systems transformation projects and an ability to embed
CISSP, CISM). Experience managing operational security activities, including governance and compliance. Strong understanding of regulatory and compliance frameworks such as NIST CSF, ISO27001, and GDPR. Demonstrated ability to advise on secure software development practices. Demonstrable experience with security technologies and architectures. Hands-on experience
OT Systems Architect Contract: 4 Months (Rolling) Day Rate: £700 p / d (Outside IR35) My client is an industry-leading organisation and is seeking an OT Systems Architect to support a digital transformation of their operational technology. This role will be crucial in defining and communicating a shared … and Experience: Strong understanding of Linux-based control systems, preferably with hands-on experience. Exposure to industrial network protocols (Industrial Ethernet, DNP3, Modbus TCP / RTU). Multi-layer architectures for Telemetry SCADA systems, PLC, RTU, and other OT / IIoT components. RTUs, PLCs and related HMI … software Experience in architecting OT and SCADA solutions in line with NCSC Cyber Assessment Framework (CAF), Security of Network & Information Systems Regulations (NIS), IEC 62443, NIST SP800, ISO27001, etc. If this is something you'd like to be considered for, please
or equivalent. Recognised qualification in information security, data protection, or risk (e.g. CISM, CISSP, CRISC, BCS DPO, etc.). In-depth understanding of ISO27001, NIST, or other relevant security frameworks. Up-to-date knowledge of data protection legislation and associated best practices. Understanding of cross