1 to 25 of 62 ISO/IEC 27001 Jobs in the Midlands

What youll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO / IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance, review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. … the near term). Significant experience in cyber security consulting or assurance, ideally within the public sector. Deep knowledge of GRC frameworks and standards (e.g. CAF, ISO / IEC 27001, PCI DSS).Strong client-facing skills, able to communicate complex issues clearly to technical and non-technical audiences. Proven track record of delivering … on time and influencing decision-making. Excellent written and verbal communication, including the ability to produce polished consultancy reports. Desirable certifications: ISO 27001 Lead Auditor / Implementer, CISSP, CISM, CRISC, CCP (GRC), or equivalent. Driving license and willingness to travel to client sites across the UK as required. Why join 4C Strategies? Work with a More ❯

for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external … audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across … both written and verbal * Ability to build effective working relationships and influence at all levels * Comfortable working independently and proactively across teams Desirable: * Experience in supplier risk management and / or tender processes * ISO 27001 Lead Auditor / Implementer, PCIP, CISM, CompTIA Security+, or CISMP certification What you get in return: * Up to More ❯

I and EU regulations. You will chair status review sessions, maintain accreditation tracking systems, and provide regular updates to senior partners. You will manage responsibilities (including implementation) related to ISO27001, Cyber Essentials / Plus, SOC2 accreditations. You will also support audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid … Nottingham-based role reporting to the Regional Head of Client Security Assurance Summary of Primary Responsibilities Manage ISO27001, Cyber Essentials / Plus, SOC2 accreditations Lead contract negotiations, re-wording, and redlining, with a preference for UK&I and EU regulatory experience Provide regular accreditation status updates to senior partners Participate in SOC 2-related discussions with teams Oversee governance … Partner with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001 / 2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows / More ❯

management, and people leadership. Key responsibilities of the role: Lead and manage support teams, driving a culture of accountability, collaboration, and innovation. Oversee ITIL-based service delivery, ensuring SLA / KPI targets are consistently met. Manage Jira Service Desk operations, incident resolution, and root cause analysis. Build insightful Power BI dashboards to track and report on service performance. Act … as the primary point of contact for service-related issues, managing client relationships and expectations. Ensure compliance with ISO 27001 standards and develop risk mitigation strategies. Drive continuous improvement initiatives to optimise processes and enhance customer satisfaction. Experience required: 5+ years’ experience in service delivery management in SaaS, cloud, or enterprise software environments. Strong expertise in … s on offer: A leadership role with real impact on client satisfaction and operational success. A collaborative and supportive culture where initiative and innovation are valued. Hybrid, (weekly office / home split), working model with regular opportunities to travel and engage with clients. If you are a strategic thinker with a hands-on approach to service delivery and team More ❯

understand technical requirements, present solutions and provide guidance. Produce and maintain technical documentation, including architecture diagrams, procedures, and operational controls. Assist with compliance activities and audits relating to ISO 9001, ISO 27001, and other regulatory frameworks. Support incident response, risk assessments and cybersecurity best practices (Cyber Essentials Plus desirable). Handling Active Directory and … stages of implementation projects to set up the infrastructure requirements. Essential Skills & Experience Proven experience with Microsoft Azure services (IaaS, PaaS, networking, security). Strong understanding of Windows and / or Linux server administration. Experience with Azure Active Directory, Azure Security Centre, and monitoring tools. Knowledge of IT security principles, risk management and compliance. Strong infrastructure background—networking, firewalls … backup and disaster recovery. Excellent communication skills with experience in client-facing roles. Ability to create and maintain clear documentation and operational controls. Desirable Qualifications & Knowledge Experience with ISO 9001 and ISO 27001 standards and audits. Understanding of Cyber Essentials Plus requirements. Familiarity with automation and Infrastructure as Code (e.g., ARM templates, Bicep, Terraform More ❯

working with a leading Systems Integration Consultancy based in Stone, Staffordshire. They're looking for an Operational Technology Cyber Security Engineer with a background in Industrial Control Systems (ICS / SCADA) This is a fantastic opportunity to join a high-performing engineering team working on critical national infrastructure projects across the energy, utilities, water, renewables, and manufacturing sectors. This … Security Clearance. Main Responsibilities: Lead the design and implementation of secure OT network architectures across critical infrastructure environments. Conduct attack path analysis, penetration testing and adversary simulations within ICS / OT environments. Perform cybersecurity risk assessments and technical security audits aligned to recognised industry frameworks. Develop technical design specifications and security documentation including functional and infrastructure specifications. Act as … a technical mentor, guiding and supporting junior engineers within the cyber and OT engineering teams. Required Skills: Proven experience securing ICS / SCADA, PLCs, RTUs and industrial communication protocols (MODBUS, OPC, DNP3, etc.). Strong background in designing and configuring secure networks including switching, routing, and firewalls. Solid knowledge of IT / OT segmentation and secure cross-domain More ❯

support project management and business development activities. The position requires travel to the office and customer sites across the UK. Essential Experience: Education & Experience : Bachelor's degree in computer / system science and 5+ years in cybersecurity, with 2+ years in critical infrastructure / ICS environments (e.g., SCADA, PLCs, RTUs). Industry Knowledge : Ability to work across sectors … such as chemical, water, oil & gas, and energy. Technical Skills : Securing ICS communications protocols (e.g., MODBUS, OPC, DNP3). Designing / configuring secure networks (switching, routing, firewalls). Securing IT / OT communications and real-time / performance-sensitive systems. Documentation : Experience creating Functional Design and Cyber Security Specifications. Security Standards : Familiarity with frameworks such as NIST … / 800-82, ISO 27001, IEC 62433, NIS-R, etc. Stakeholder Management : Proven ability to manage relationships at all levels. Customer Focus : Commitment to customer service and performance culture. Clearance : Must be eligible for SC (Security Check) clearance. Desirable Experience: Experience in both engineering and non-engineering environments. Familiarity with customer satisfaction and More ❯

junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT / ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team … relationships. Key Requirements of the Senior ICS OT Cyber Security Engineer: Degree in Computer Science, Systems Engineering, or similar with 5+ years' relevant experience. 2+ years' experience in ICS / critical infrastructure cybersecurity. Knowledge of SCADA, PLCs, RTUs, OT protocols (MODBUS, OPC, DNP3). Experience with secure network design (switching, routing, firewalls). Experience conducting audits, risk assessments, and … implementing technical security frameworks (e.g., NIST 800-53 / 82, ISO 27001, IEC 62433). Strong stakeholder management and communication skills. Willingness to travel to client sites across UK. Eligible for SC clearance. To discuss this opportunity in more detail, please APPLY NOW . Alternatively, you can contact Katie Dark directly at . More ❯

junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT / ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team … relationships. Key Requirements of the Senior ICS OT Cyber Security Engineer: Degree in Computer Science, Systems Engineering, or similar with 5+ years' relevant experience. 2+ years' experience in ICS / critical infrastructure cybersecurity. Knowledge of SCADA, PLCs, RTUs, OT protocols (MODBUS, OPC, DNP3). Experience with secure network design (switching, routing, firewalls). Experience conducting audits, risk assessments, and … implementing technical security frameworks (e.g., NIST 800-53 / 82, ISO 27001, IEC 62433). Strong stakeholder management and communication skills. Willingness to travel to client sites across UK. Eligible for SC clearance. To discuss this opportunity in more detail, please APPLY NOW . Alternatively, you can contact Katie Dark directly at . More ❯

members. Experience required Degree in Software Engineering or related discipline. Minimum of 5+ years in a software leadership or management role. Proven experience leading software teams of 20+ developers / testers. Strong software engineering background with an understanding of modern coding standards, patterns, and tools. Demonstrated success delivering complex software projects on time and within budget. Hands-on experience … with Agile / Scrum, sprint planning, backlog grooming, and release management. Proficiency in risk management, resource allocation, and stakeholder communication. Knowledge of secure software development practices essential with any experience of the cybersecurity industry desirable. Understanding of ISO 9001 / ISO 27001 quality standards. This is just a short o v er More ❯

mapping adversary tactics and techniques to industrial environments and developing tailored mitigation strategies. You'll lead and execute advanced penetration testing, red teaming, and adversary simulation exercises within OT / ICS environments, leveraging frameworks such as MITRE ATT&CK for ICS and modelling using Bow-Tie Analysis to proactively identify and exploit vulnerabilities. You'll conduct vulnerability assessments and … including Chemical, Water, Oil and Gas, Energy. What you'll need: You'll have 5+ years' experience with cyber security technologies with at least 2 years serving critical infrastructure / industrial control systems, including SCADA, PLCs, RTUs, etc. Experience with securing systems running ICS-related communications protocols (e.g., MODBUS, OPC, DNP3, etc.). Experience securing cross-domain IT / OT communications and interfaces. Experience designing & configuring secure networks (Switching, Routing, Firewalls). Experience engineering security solutions for real-time and / or performance-sensitive systems. Experience creating Functional Design Specifications and Detailed Infrastructure, Network and Cyber Security Specifications. Demonstrated experience conducting system assessments and security audits in alignment with technical security frameworks, including NIST 800-53 / More ❯

and mature the entire IT strategy, operations and cyber posture. What You'll Do: Lead and develop a small internal IT team (initially 2 direct reports) while managing offshore / outsourced partners Own IT strategy, service delivery and infrastructure for 150 users across office and shop floor environments Maintain and enhance Cyber Essentials and ISO 27001 … budgets whilst ensuring value and performance Work closely with senior leadership to drive efficiency, resilience and innovation through technology What You'll Bring: Proven experience as Head of IT / IT Manager / IT Director within a manufacturing or industrial setting Strong knowledge of Cyber Essentials, ISO 27001, ITIL and supplier governance Experience working … level Why Join Us? Genuine ownership of IT across a growing, financially stable £80m business Direct impact on operations, performance and resilience Supportive leadership team and room to modernise / shape future roadmap Competitive salary + benefits + future progression opportunity RSG Plc is acting as an Employment Agency in relation to this vacancy. More ❯

Job title: Network Solution Architect Will the role be 100% remote, hybrid or 100% office? Hybrid If the role is hybrid / office based specify location: Coventry Duration of assignment: 6 Months Start date: 01-Nov-2025 Number of persons required: 1 Special working conditions: (travel, weekend, overtime, on call etc.) NA Role description: ( Please include a brief outline … Centre Design Knowledge F5 LTM and WAF Design Knowledge F5 Distributed cloud Knowledge Cisco ISE Palo Alto Firewalls Palo Alto SASE Prisma Access LAN, WAN, WLAN design. Key skills / knowledge / experience: (Up to 10, Avoid repetition) More general skills / experience: 1.Core Responsibilities Design and document enterprise network architectures (LAN, WAN, WLAN, cloud networking). … ensure end-to-end solution integrity. Prepare network capacity and resilience plans. Document network topology, standards, and procedures. 2. Technical Requirements Networking Technologies Expert knowledge of IP networking (IPv4 / IPv6, routing, switching, subnetting, VLANs, NAT, QoS). Deep understanding of protocols such as BGP, OSPF, EIGRP, MPLS, STP, VXLAN, and DNS / DHCP. Familiarity with SDN and More ❯

organisation. To be considered for the the role you will require the following: Essential Criteria; EDUCATION QUALIFICATIONS & TRAINING Understanding of all Microsoft applications, especially SharePoint & Purview Undergone training in ISO27001 EXPERIENCE Good level of proven experience within an IT governance role NHS DPS Toolkit Administering SharePoint sites ISO 27001 audits Conducting supplier audits KNOWLEDGE & SKILLS A … good understanding of ISO 27001, DPA and GDPR Knowledge of NHS & Private healthcare regulations and practices OTHER JOB-RELATED REQUIREMENTS Ability to create technical documentation, policies and manuals Desirable; EDUCATION & TRAINING Educated to degree level or equivalent Any Microsoft based qualifications OTHER Healthcare environment experience Experience in IT … security training Experience using Microsoft Purview Within this position, you will mainly be; Supplier Audits & Assurance Conduct regular audits of IT suppliers and managed service providers (SLAs, data handling, ISO27001 alignment, etc.) Maintain a supplier assurance register and follow up on non-conformances. Support procurement and due diligence processes for new IT vendors. Ensure software & hardware asset registers are maintained More ❯

internal and customer-facing IT projects. Maintaining infrastructure through patching, upgrades, testing, and proactive monitoring. Implementing IT security policies and VPN solutions in line with compliance standards. Supporting ISO 27001 compliance, risk management, and audit readiness. Assisting with disaster recovery planning and business continuity measures. Overseeing IT asset management, procurement, and vendor relationships. Producing and maintaining … VMware environments. Strong knowledge of Windows and Linux system administration. Familiarity with networking concepts (routing, switching, firewalls, VPNs). Exposure to automation tools such as PowerShell, Ansible, or CI / CD workflows. A solid understanding of IT security best practices and compliance standards. Experience supporting or maintaining ISO 27001 or similar frameworks. Strong communication and More ❯

to-end solution integrity. Prepare network capacity and resilience plans. Document network topology, standards, and procedures. Skills, Experience, and Abilities Required: Technical Requirements: Expert knowledge of IP networking (IPv4 / IPv6, routing, switching, subnetting, VLANs, NAT, QoS). Deep understanding of protocols (BGP, OSPF, EIGRP, MPLS, STP, VXLAN, DNS / DHCP). Familiarity with SDN and SD-WAN … Security integration: Zero Trust, segmentation, NAC; familiarity with ISO 27001, NIST, PCI-DSS, GDPR. Cloud & Virtualisation: AWS, Azure, or GCP networking services; understanding of hybrid / multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco DNA Center); performance monitoring, logging, incident response. Experience Requirements: 7 10+ years in network … engineering, with 3 5 years in architecture / design roles. Proven experience in large-scale or complex enterprise environments. Architectural artefact production (HLDs, LLDs, diagrams, standards). Leading technical design workshops and influencing senior stakeholders. Vendor selection and cost optimisation experience. Educational & Certification Requirements: Bachelor's degree (or higher) in Computer Science, Information Technology, or related field. Preferred certifications More ❯

fully functional internal IT team. Develop and enforce IT policies, procedures, and standards that meet operational, regulatory, and compliance requirements across all regions. Ensure full compliance with GDPR, ISO standards (27001, 27002, etc.), and global cyber regulations, including leading certification processes. Design and implement a comprehensive Information Security Management System (ISMS) and establish breach protocols, disaster … Looking For Proven experience in senior IT roles (e.g., IT Manager, Infrastructure Lead). Strong technical knowledge in networking, cloud computing, cyber security, and Microsoft 365. Experience with ISO 27001 certification and ISMS leadership. Skilled in managing external IT vendors and service providers. Excellent communicator with the ability to explain technical concepts clearly. Project management experience More ❯

segmentation project in AWS, separating production and non-production environments. Key Responsibilities: Design, implement, and support enterprise network infrastructure across Cisco and Palo Alto on-premises environments, and Azure / AWS cloud platforms. Lead deployment and optimisation of SD-WAN and SASE / SSE technologies (e.g., Netskope, Zscaler, Cisco Umbrella). Manage and maintain secure network architectures including … root cause analysis, and ongoing improvements. Required Skills & Experience: Extensive experience executing network refresh projects. Strong expertise with Cisco, Palo Alto, HAProxy, and Azure networking. Solid understanding of TCP / IP, DNS, DHCP, VPNs, VLANs, firewall policies, and routing protocols (BGP, OSPF). Proven track record with SD-WAN deployments. Practical knowledge of SSE / SASE platforms (e.g. … Netskope, Zscaler, Prisma Access). Experience with AWS and / or Azure networking (VPC / VNet, transit gateways, peering, VPNs). Proficiency with monitoring and troubleshooting tools (NetFlow, Wireshark, CloudWatch, Grafana). Strong communication, documentation, and collaboration skills. Preferred Certifications: Cisco: CCNP, CCIE AWS: Advanced Networking, Solutions Architect Microsoft: Azure Network Engineer Associate, Azure Solutions Architect Expert Palo More ❯

with the ability to influence technical and non-technical stakeholders. Strong leadership, motivational, and problem-solving abilities. Useful additional expertise (advantageous): Experience with SAN servers, SQL, Microsoft Teams, SCCM / SCOM, RMM / MDM tools. Cybersecurity certifications and knowledge (CE+, ISO 27001, etc.). Advanced networking expertise (QoS, VLANs, MPLS, wireless AP configuration). More ❯

skills with the ability to influence technical and non-technical stakeholders. Strong leadership, motivational, and problem-solving abilities.Useful additional expertise (advantageous): Experience with SAN servers, SQL, Microsoft Teams, SCCM / SCOM, RMM / MDM tools. Cybersecurity certifications and knowledge (CE+, ISO 27001, etc.). Advanced networking expertise (QoS, VLANs, MPLS, wireless AP configuration). More ❯

board Drive security awareness and training programmes for all employees Manage relationships with external auditors, regulators, and security vendors Mentor, hire, and retain high-performing information security talent Experience / Skills Required Managing security for cloud-first environments specifically Microsoft Azure Implementing Security Operations Centres (SOC) and automated security monitoring Collaborate with the third-party risk management and vendor … leadership experience in information security within financial services Deep understanding of regulatory and compliance requirements for banking and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills More ❯

Proficient in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of More ❯

people across the UK. They are passionate about creating safe, nurturing environments that transform lives. As part of their digital evolution, they are seeking a skilled Information Security Engineer / Analyst to help strengthen their cyber security posture and safeguard our systems and data. Reporting directly to the Head of IT this is a hands-on technical role focused … Support secure software development lifecycle (SDLC) processes and promote secure coding standards Identify and remediate vulnerabilities using industry-standard tools Administer and configure security technologies (e.g., firewalls, SIEM, IDS / IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root … NIST, ISO 27001, Cyber Essentials+ Hands-on experience with tools like Nessus, Qualys, SIEM, EDR, DLP, VPNs, and firewalls Strong understanding of network protocols (TCP / IP, DNS, HTTP, SSH) and segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in More ❯

Proficient in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of More ❯

IT, and Fleet. Every person in every team is contributing the lasting impact our Team makes. Help build and keep the nation's critical infrastructure connected and protected 24 / 7. Reporting into the Network Services Business Unit Security Manager, the Senior Information Security officer will ensure security is embedded into all areas of the business and appropriate technical … and compliance technical assessments of all applicable standards, policies, regulation, and legislation compliance Creation of security standards and requirements documents for projects and activities to be based on ISO 27001, NIST 800-53 and ISO 22301. Review risks, propose mitigation actions and solutions, and assisting ongoing risk treatment activity. Assist the security testing process More ❯