ISO/IEC 27001 Jobs in the North West

1 to 25 of 108 ISO/IEC 27001 Jobs in the North West

Security Engineer - Cloud / SOC 2 / ISO 27001

Knutsford, Cheshire, United Kingdom
Hybrid / WFH Options
Applause IT Recruitment Ltd
Security Engineer - Cloud / Compliance / ISO 27001 Location: Knutsford (Cheshire) - Hybrid Salary: £65,000 - £80,000 DOE + benefits About the Role We're working with a rapidly growing, cloud-first technology business that provides secure, compliant software to global enterprise clients across regulated sectors. They're now looking for an experienced Security … policies, and frameworks. Oversee day-to-day security operations including access control, patching, log review, and alert response. Implement and manage controls across cloud and on-premises environments (Azure / AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR … Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM / PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. Relevant More ❯
Employment Type: Permanent
Salary: £65000 - £80000/annum + Benefits

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR

Knutsford, Cheshire, United Kingdom
Applause IT Recruitment Ltd
Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About … the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to play a key part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant … audit readiness, evidence gathering, and control implementation. Excellent attention to detail, analytical thinking, and confident stakeholder communication. Relevant certifications welcomed - CRISC, ISO 27001 Lead Implementer / Auditor, CIPP / E, GDPR Practitioner, CISM, or CISA. Why Apply? Join a modern, compliance-driven business where security and governance are at the heart of operations. Visible More ❯
Employment Type: Permanent
Salary: £35000 - £45000/annum + Benefits

Senior IT Security Assessor – United Kingdom (Remote)

Altrincham, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

Senior IT Security Assessor – United Kingdom (Remote)

Bury, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

Senior IT Security Assessor – United Kingdom (Remote)

Bolton, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

Senior IT Security Assessor – United Kingdom (Remote)

Leigh, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

Senior IT Security Assessor - United Kingdom (Remote)

Ashton-under-Lyne, Lancashire, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior IT Security Assessor – United Kingdom (Remote)

Ashton-Under-Lyne, Greater Manchester, United Kingdom
Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

Information Security Supply Chain Analyst

Liverpool, England, United Kingdom
Hybrid / WFH Options
S&W
risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

Information Security Supply Chain Analyst

Liverpool, Lancashire, United Kingdom
Hybrid / WFH Options
S&W
risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Supply Chain Analyst

Birkenhead, North West England, United Kingdom
Hybrid / WFH Options
S&W
risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

Information Security Supply Chain Analyst

Warrington, Cheshire, North West England, United Kingdom
Hybrid / WFH Options
S&W
risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

Information Security Supply Chain Analyst

Old Swan, North West England, United Kingdom
Hybrid / WFH Options
S&W
risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

GRC Analyst

Salford, England, United Kingdom
Hybrid / WFH Options
Intaso
the organisation’s GRC framework. Conduct and document risk assessments, identifying control gaps and recommending appropriate mitigations. Maintain and update internal policies and procedures to ensure compliance with ISO 27001, GDPR, and other regulatory requirements. Assist with internal and external audits, including evidence gathering and control testing. Prepare and deliver compliance and risk reports for management … with stakeholders across all levels of the organisation. Essential Skills and Experience: Previous experience in a GRC, Risk, or Compliance Analyst position. Good knowledge of frameworks such as ISO 27001, NIST, or COBIT. Understanding of data protection and … privacy regulations (e.g., GDPR). Excellent written, verbal, and interpersonal communication skills. Strong analytical and organisational abilities. Relevant professional certifications (e.g., ISO 27001 Lead Implementer / Auditor, CISM, CRISC, CISSP) are desirable but not essential. More ❯

GRC Analyst

Manchester, North West England, United Kingdom
Hybrid / WFH Options
Intaso
the organisation’s GRC framework. Conduct and document risk assessments, identifying control gaps and recommending appropriate mitigations. Maintain and update internal policies and procedures to ensure compliance with ISO 27001, GDPR, and other regulatory requirements. Assist with internal and external audits, including evidence gathering and control testing. Prepare and deliver compliance and risk reports for management … with stakeholders across all levels of the organisation. Essential Skills and Experience: Previous experience in a GRC, Risk, or Compliance Analyst position. Good knowledge of frameworks such as ISO 27001, NIST, or COBIT. Understanding of data protection and … privacy regulations (e.g., GDPR). Excellent written, verbal, and interpersonal communication skills. Strong analytical and organisational abilities. Relevant professional certifications (e.g., ISO 27001 Lead Implementer / Auditor, CISM, CRISC, CISSP) are desirable but not essential. More ❯

Lead Governance, Risk & Compliance Specialist

Manchester, England, United Kingdom
Hybrid / WFH Options
Gravitas Recruitment Group (Global) Ltd
the business. You’ll lead audits, influence policy, and strengthen the organisation’s security and compliance posture. Key Responsibilities Lead and enhance governance, risk, and compliance frameworks. Manage internal / external audits and risk assessments. Ensure compliance with PCI DSS, ISO 27001, GDPR, and NIST. Develop and improve policies, procedures, and vendor risk management. Support … incident response and promote a culture of security awareness. Experience & Skills Proven leadership in GRC or Information Security. Strong knowledge of ISO 27001, PCI DSS, GDPR, NIST. Experience managing audits and compliance programmes. Excellent communication and … stakeholder management. Hands-on technical understanding of security controls. Desirable: Certifications: CISM, CRISC, ISO 27001 Lead Auditor (or equivalent). Experience with cloud security (AWS / Azure) and enterprise-scale environments. Benefits Salary up to £75,000+ (DOE) Private healthcare, pension & income protection Life assurance & wellbeing support Cycle-to-work & EV schemes Career growth in More ❯

Lead Governance, Risk & Compliance Specialist

Warrington, Cheshire, North West England, United Kingdom
Hybrid / WFH Options
Gravitas Recruitment Group (Global) Ltd
the business. You’ll lead audits, influence policy, and strengthen the organisation’s security and compliance posture. Key Responsibilities Lead and enhance governance, risk, and compliance frameworks. Manage internal / external audits and risk assessments. Ensure compliance with PCI DSS, ISO 27001, GDPR, and NIST. Develop and improve policies, procedures, and vendor risk management. Support … incident response and promote a culture of security awareness. Experience & Skills Proven leadership in GRC or Information Security. Strong knowledge of ISO 27001, PCI DSS, GDPR, NIST. Experience managing audits and compliance programmes. Excellent communication and … stakeholder management. Hands-on technical understanding of security controls. Desirable: Certifications: CISM, CRISC, ISO 27001 Lead Auditor (or equivalent). Experience with cloud security (AWS / Azure) and enterprise-scale environments. Benefits Salary up to £75,000+ (DOE) Private healthcare, pension & income protection Life assurance & wellbeing support Cycle-to-work & EV schemes Career growth in More ❯

Lead Governance, Risk & Compliance Specialist

Bolton, Greater Manchester, North West England, United Kingdom
Hybrid / WFH Options
Gravitas Recruitment Group (Global) Ltd
the business. You’ll lead audits, influence policy, and strengthen the organisation’s security and compliance posture. Key Responsibilities Lead and enhance governance, risk, and compliance frameworks. Manage internal / external audits and risk assessments. Ensure compliance with PCI DSS, ISO 27001, GDPR, and NIST. Develop and improve policies, procedures, and vendor risk management. Support … incident response and promote a culture of security awareness. Experience & Skills Proven leadership in GRC or Information Security. Strong knowledge of ISO 27001, PCI DSS, GDPR, NIST. Experience managing audits and compliance programmes. Excellent communication and … stakeholder management. Hands-on technical understanding of security controls. Desirable: Certifications: CISM, CRISC, ISO 27001 Lead Auditor (or equivalent). Experience with cloud security (AWS / Azure) and enterprise-scale environments. Benefits Salary up to £75,000+ (DOE) Private healthcare, pension & income protection Life assurance & wellbeing support Cycle-to-work & EV schemes Career growth in More ❯

Lead Cyber Security Risk Consultant - PCI-DSS - Manchester

Manchester, Lancashire, England, United Kingdom
Circle Recruitment
that is needed. Experience Required: At least 5 years in a Cyber security & GRC role, at Senior, lead or manager level. Be a PCI-DSS expert around payments ISO 27001 and GDPR Knowledge of Risk Management, including risk identification, assessment, and mitigation techniques Good experience around Audits and compliance Any penetration testing experience would be a bonus You'll … work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This … collaborative and forward-thinking environment, we'd love to hear from you. Press 'Apply Now', or send your CV directly to matthew. leach @ circlerecruitment . com Keywords: Cyber Security / GRC / PCI DSS / Governance Risk Compliance / Manchester Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a More ❯
Employment Type: Full-Time
Salary: £70,000 - £85,000 per annum

GRC Specialist - PCI-DSS - Manchester

Manchester, Lancashire, England, United Kingdom
Circle Recruitment
and compliance experience and familiarity with other standards. Experience Required: At least 2-3 years in a Cyber security & GRC role Be a PCI-DSS expert around payments ISO 27001 and GDPR Knowledge of Risk Management, including risk identification, assessment, and mitigation techniques Good experience around Audits and compliance Any penetration testing experience would be a bonus You'll … work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This … and forward-thinking environment we'd love to hear from you. Press 'Apply Now', or send your CV directly to faye . landells @ circlerecruitment . com Keywords: Cyber Security / GRC / PCI DSS / Governance Risk Compliance / Manchester Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a More ❯
Employment Type: Full-Time
Salary: £40,000 - £55,000 per annum

Cyber Security Analyst

Crewe, England, United Kingdom
Hybrid / WFH Options
DCS Technology
the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus. Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide … expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards • Mentor junior … analysts and support SOC process development Key Skills & Experience: • Strong technical background in cyber security • Experience with application, cloud (AWS), and infrastructure security • Proven hands-on experience with EDR / NDR tools, particularly CrowdStrike • Proficient with Linux and databases such as MySQL, PostgreSQL, Apache, and PHP • Knowledge of ISO 27001, Cyber Essentials, and general security More ❯

Cyber Security Analyst

Warrington, Cheshire, North West England, United Kingdom
Hybrid / WFH Options
DCS Technology
the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus. Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide … expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards • Mentor junior … analysts and support SOC process development Key Skills & Experience: • Strong technical background in cyber security • Experience with application, cloud (AWS), and infrastructure security • Proven hands-on experience with EDR / NDR tools, particularly CrowdStrike • Proficient with Linux and databases such as MySQL, PostgreSQL, Apache, and PHP • Knowledge of ISO 27001, Cyber Essentials, and general security More ❯

Senior Cyber Security Analyst

Crewe, Cheshire, England, United Kingdom
Hybrid / WFH Options
DCS Recruitment
the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus. Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide … expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior … analysts and support SOC process development Key Skills & Experience: * Strong technical background in cyber security * Experience with application, cloud (AWS), and infrastructure security * Proven hands-on experience with EDR / NDR tools, particularly CrowdStrike * Proficient with Linux and databases such as MySQL, PostgreSQL, Apache, and PHP * Knowledge of ISO 27001, Cyber Essentials, and general security More ❯
Employment Type: Full-Time
Salary: £50,000 - £60,000 per annum

Risk & Assurance Manager - IT & Cyber

Manchester, England, United Kingdom
Hybrid / WFH Options
Audit & Risk Recruitment
e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes (e.g., ISO 27001, Cyber Essentials, ISO22301, etc.), acting as the primary point of contact. We'd love you to have Minimum 5 years of experience in second-line risk management or internal audit, with a strong focus on IT or Information Security. Experience in consultancy or professional services, with a proven ability to support complex transformation or change … preferred. Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes. Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CIS Controls, and regulatory requirements like GDPR. Proven ability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at More ❯

Risk & Assurance Manager - IT & Cyber

Warrington, Cheshire, North West England, United Kingdom
Hybrid / WFH Options
Audit & Risk Recruitment
e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes (e.g., ISO 27001, Cyber Essentials, ISO22301, etc.), acting as the primary point of contact. We'd love you to have Minimum 5 years of experience in second-line risk management or internal audit, with a strong focus on IT or Information Security. Experience in consultancy or professional services, with a proven ability to support complex transformation or change … preferred. Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes. Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CIS Controls, and regulatory requirements like GDPR. Proven ability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at More ❯

ISO/IEC 27001 in the North West

10th Percentile: £33,125
25th Percentile: £35,000
Median: £52,500
75th Percentile: £64,063
90th Percentile: £85,625