ISO/IEC 27001 Jobs in the UK

1 to 25 of 2,854 ISO/IEC 27001 Jobs in the UK

Security Engineer - 12 month FTC

London, England, United Kingdom
Walkers
Board, Architecture Review Board Attend IT and Security operational meetings. Required Experience Relevant Cyber Security Engineer experience. Hands-on technical support experience in IT and Network Security Engineering and / or Systems Engineering roles. Substantial experience in Security Technology Management and Incident Response, including proficiency in SOC, Malware, Ransomware, Threat Analytics, Server and Endpoint security. Must be proficient in … to work under pressure and respond quickly to security incidents or emerging threats. Proficiency with operating systems (e.g., Windows, Linux) and command-line interfaces. Must have proficiency in programming / scripting languages such as PowerShell (preferred), Python, Perl, etc. Strong understanding of network, cloud computing and application of security controls across such architectures. Experience with network security, incident management … and penetration testing. Strong up-to-date knowledge of Cyber Security. Experience with EDR and Anti-Virus / Malware management such as SentinelOne, CrowdStrike and Defender. Demonstrated ability working with IT System Administration of Azure, Defender (ATP), M365 and Windows. Experience with Identity Access and Management (IDAM) solutions. CyberArk and ENTRA ID Familiarity with conditional / remote access More ❯
Posted:

IT & InfoSec Manager

London, England, United Kingdom
Creditspring
Slack, Lastpass). Lead IT support for ~100 employees across two remote locations. We are mostly Mac users with a handful of Windows machines. Ensure a smooth onboarding / offboarding process and resolving technical issues efficiently. Implement and maintain identity and access management (IAM) systems, including SSO and MFA. Evaluate and recommend new technology solutions to support company growth … Microsoft 365, and endpoint management tools (e.g., Jumpcloud). Strong understanding of network infrastructure, including firewalls, VPNs, and cloud-based networking solutions. Experience with IAM systems (e.g., Azure AD / Microsoft Entra) and security tools (e.g., endpoint protection, DLP, SIEM). Hands-on expertise with troubleshooting hardware, software, and SaaS issues. Security Knowledge: Familiarity with security frameworks and standards … such as SOC 2, ISO 27001, GDPR, or NIST. Experience with incident response and risk management. Knowledge of Zero Trust architectures and security-first IT practices. Soft Skills: Excellent problem-solving and communication skills. Ability to collaborate effectively with external partners, such as an MSP. Strong organisational and project management skills. A proactive, growth-oriented mindset More ❯
Posted:

Information Security Analyst - Audit, Compliance & Cybersecurity

Southampton, Hampshire, United Kingdom
Hybrid / WFH Options
NICE
So, what's the role all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also … enhance IT controls, compliance with standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates to Cyber Essentials … disability, veteran status, gender identity, sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling) that are currently employed by More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Information Security Analyst - Audit, Compliance & Cybersecurity

Hedge End, England, United Kingdom
Hybrid / WFH Options
NICE
So, what's the role all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also … enhance IT controls, compliance with standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates to Cyber Essentials … ISO, and regulatory frameworks and ensure internal alignment. Control Documentation: Develop and maintain control narratives, walkthroughs, and documentation of compliance processes. Audit Findings: Identify control deficiencies and work with stakeholders to recommend cost-effective, value-added remediation actions. Compliance Reporting: Draft audit reports and present findings to management during status updates and closing meetings. External Audit Coordination: Collaborate More ❯
Posted:

Senior Security Engineer

London, England, United Kingdom
JR United Kingdom
Social network you want to login / join with: Address: Borough, London (UK), 2-3 days per week in the office Overview of role We are seeking a Senior Security Engineer to join our team. If you have a passion for cybersecurity, thrive on solving complex security challenges, and are experienced in advanced threat detection and response, we’d … at least 2 years as a Security Engineer In-depth knowledge of security protocols, encryption, authentication, and risk management Hands-on experience with security technologies such as SIEM, IDS / IPS, firewalls, and endpoint protection Strong understanding of cloud security (AWS, Azure, Google Cloud) and network security architecture Experience conducting vulnerability assessments, incident response, and forensics using tools such … as Nessus Proficiency in threat hunting, malware analysis, and intrusion detection techniques Familiarity with compliance frameworks (e.g., NIST, ISO, PCI-DSS) and regulatory requirements Strong analytical skills with the ability to think like an attacker and find creative security solutions Experience of working in a hands-on role as part of a small team, as well as providing More ❯
Posted:

Information Security Analyst - Level 3

Belfast, Northern Ireland, United Kingdom
Telefonica Tech
time role for a Level 3 Information Security Analyst to join a mature managed services Cyber team who manage the security posture of critical infrastructure and services under an ISO27001 and Cyber Essentials + certified managed service environment. You will be responsible for conducting diverse cyber security tasks to make sure that our clients are secure and compliant to various … EU / UK security regulations. This is a technical, hands-on role, and the successful candidate will be responsible for (but not limited to) following: Conducting Cyber Threat Modelling (CTM) exercises NIS / NIS2 assessments and Remediation Security Gap assessments and Remediation Cyber Risk Management Third Party Risk Management Threat and Vulnerability Management Incident Response and Management Qualifications … on-prem as well cloud-hosted applications or environments. Experience with CTM frameworks like STRIDE, PASTA, MITRE ATT&CK etc. Experience in conducting assessments against common security standards like ISO27001, NIST CSF, NIST 800-53, CIS benchmarks etc. Experience in assessing, documenting and managing cyber risk, including third-party risk. Experience in driving remediation efforts and implementing technical controls to More ❯
Posted:

Head of Cyber Security

London, England, United Kingdom
Burman Recruitment
with evolving cybersecurity trends, regulations, and best practices. Degree in a relevant field or professional certification (CISSP, CISM, etc.). Strong understanding of cybersecurity challenges, industry standards (GDPR, ISO 27001, NIST CSF, Cyber Essentials), and risk management. Expertise in networking, operating systems, cloud computing, application security, and endpoint security. Experience managing cybersecurity teams and handling security More ❯
Posted:

Consultant- Cyber Security Consulting & Advisory

London, England, United Kingdom
Infosys
Consultant- Cyber Security Consulting & Advisory Role – Consultant (JL5) Technology – Cyber Security Consulting & Advisory Location – London (UK) Business Unit – Cyber Security, Cyber C&A, IOT / OT Team Compensation – Competitive (including bonus) Job Description Today, the corporate landscape is dynamic and the world ahead is full of possibilities! None of the amazing things we do at Infosys would be possible … an expert at contributing to different phases of the Cyber security consulting lifecycle. You will be intensely involved in; being a highly skilled Cybersecurity Engineer with expertise in OT / IoT security to join our team. The successful candidate will play a critical role in securing Operational Technology (OT) environments, including Industrial Control Systems (ICS), Supervisory Control and Data … NERC CIP, ISO 27001, and NIS2 frameworks. Vulnerability & Risk Management: Perform vulnerability analysis and penetration testing, and implement risk mitigation strategies tailored for ICS / SCADA and IoT environments. IT-OT Integration: Work closely with IT, engineering, and operational teams to integrate OT security solutions seamlessly with existing enterprise security architecture. Vendor & Third-Party Security More ❯
Posted:

Senior Consultant- Cyber Security Consulting & Advisory

London, England, United Kingdom
Infosys Limited Digital
Job details Work Location London State / Region / Province London Country United Kingdom Domain Consulting Interest Group Infosys Limited Skills Process|Cybersecurity Competency Management|Cyber Workforce Education & Training Catering Company ITL UK Requisition ID 132345BR Job description Role - Senior Consultant (JL5) Technology - Cyber Security Consulting & Advisory Location - United Kingdom (London) Business Unit - Cyber Security, Cyber C&A … will be intensely involved in; being a highly skilled Cybersecurity practitioner in a primary skills associated to GRC, as well as secondary skill -Technical e.g. IDAM, Engineer, Network, IOT / OT security to join our team. The successful candidate will play a critical role in the Practice in support to clients and their security roadmap, business G&OS and … that enable our clients to meet the changing needs of the global landscape. Required: Industry experience working in enterprise cyber security domain Security Practitioner, which includes execution of operational / tactical as well as strategy & program cyber security. Able to support the cyber security roadmap and management inclusive of security risk management, its development, lead a team and align More ❯
Posted:

Security & Compliance Senior Manager

Newbury, England, United Kingdom
Vodafone
security through the full product lifecycle of enterprise products and services Demonstrable technical security experience in IT & networks ideally in a consultancy or assurance role Strong knowledge of IOT / M2M ecosystems and frameworks including SIM security. Analytical Skills: Strong analytical and problem-solving skills to identify and address security risks Proactive approach to identifying and mitigating security risks … Excellent written and oral communication skills to effectively convey security concepts to technical and non-technical stakeholders Customer interfacing skills / experience desirable Knowledge and understanding of relevant legal and regulatory requirements, such as GDPR, Sarbanes-Oxley Act (SOX), TISAX, Payment Card Industry / Data Security Standard Knowledge of common information security management frameworks, such as ISO / IEC 27001, ITIL, and COBIT Proficiency in security technologies and tools such as firewalls, IDS / IPS, SIEM, WAF, Vulnerability Management, certificates and encryption . Strong knowledge of security frameworks and standards (e.g., ISO 27001, NIST) Pentesting experience would be an advantage Knowledge of CI / More ❯
Posted:

Cyber Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
In Technology Group
infrastructure against emerging threats. Key Responsibilities: Monitor, detect, and respond to security incidents and threats in real–time. Design and implement security solutions and controls, including firewalls, intrusion detection / prevention systems (IDS / IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture … document security breaches, providing root cause analysis and remediation plans. Conduct security awareness training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security … CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem–solving, and communication skills. Desirable: Experience in the finance or fintech sector. Knowledge of DevSecOps practices and secure CI / CD pipelines. Exposure to security automation and scripting (Python, PowerShell, etc.). In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. #J More ❯
Posted:

Cyber Security Engineer

Milton Keynes, Buckinghamshire, South East, United Kingdom
Hybrid / WFH Options
In Technology Group Limited
infrastructure against emerging threats. Key Responsibilities: Monitor, detect, and respond to security incidents and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection / prevention systems (IDS / IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture … document security breaches, providing root cause analysis and remediation plans. Conduct security awareness training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security … CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech sector. Knowledge of DevSecOps practices and secure CI / CD pipelines. Exposure to security automation and scripting (Python, PowerShell, etc.). In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. More ❯
Employment Type: Permanent
Salary: £50,000
Posted:

Consulting Director, Proactive Services, vCISO (Unit 42)

London, England, United Kingdom
Palo Alto Networks
regulatory changes to provide cutting-edge guidance to clients. Share relevant industry insights and best practices with the client's security team to foster continuous improvement. Support executive engagement / peer relationships across the UK Public Sector and international peers. Security Risk Management & Remediation Conduct cybersecurity risk assessments, vulnerability analyses, and maturity assessments for clients. Develop and implement client … Demonstrated ability to engage with C-level executives and deliver impactful presentations. UK public sector experience, preferably within Emergency Services. Deep understanding of UK public sector security policies, compliance / assurance requirements, and audit practices. Understanding of industry-recognised cybersecurity frameworks (NIST, ISO 27001, CIS), global privacy regulations, and emerging threats. Current holder of (or … working in multi-provider, multi-year programmes. Proven track record of building and implementing account growth strategies, both in terms of security maturity and business development. Exceptional communication (written / verbal), presentation, and interpersonal skills, including the ability to communicate technical concepts to diverse audiences. Highly Desired Advanced degree in Cybersecurity, Business Administration, or a related field. Professional certifications More ❯
Posted:

Information Security Manager

London, England, United Kingdom
Hybrid / WFH Options
JN Bank UK
infrastructure and digital assets from potential threats across all the Bank’s attack surface. The successful candidate will take a hands-on approach, actively monitoring the infrastructure and addressing / remediating security issues and vulnerabilities. You will work closely with the other members of the IT Operations team, the IT Development team, and the wider company to support security … incident detection, investigation, and response. · Manage security tools, including endpoint protection software, patch and update management systems, vulnerability management systems, cloud security posture management (CSPM) systems, firewalls, intrusion detection / prevention systems, SIEM platforms, and encryption technologies. · Coordinate with IT Operations, IT Development, compliance and other departments to ensure secure systems design and regulatory compliance. · Oversee third-party vendor … Technology, Cybersecurity, or a related field. ·3 –6 years of experience in information security. · Strong knowledge of financial industry regulations and compliance requirements. · Hands-on experience with firewalls, IDS / IPS, SIEM, EDR / XDR, and cloud security tools. · Professional certifications such as CISSP, CISM, CISA, or CEH. · Strong knowledge of security architecture, risk management, incident response, and More ❯
Posted:

Security Operations Center Analyst

Reading, England, United Kingdom
Hybrid / WFH Options
Infoplus Technologies UK Limited
Job title: SOC Tier 3 Analyst Will the role be 100% remote, hybrid or 100% office? Hybrid 3 days / week If the role is hybrid / office based specify location: Reading, UK Duration of assignment: 6 months contract InsideIR35 Role description: Seeking a highly experienced SOC L3 Analyst to strengthen our Security Operations Center. As a Tier … ISO 27001, GDPR, HIPAA). Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key skills / knowledge / experience: Bachelor's degree in computer science, Information Technology, Systems Engineering, or a related field. Experience: Minimum of [6-8] years of experience in cybersecurity, with … or threat hunting. Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection / response (EDR) tools. Technical Skills: Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis. Expertise in analyzing and responding to threats More ❯
Posted:

Information Security Analyst

Nottingham, England, United Kingdom
Boots
or countermeasures. Contribute to the development and continuous improvement of security policies, standards, and guidelines along with internal processes Implement and document new or enhanced security controls and system / process changes. Advise on and support penetration testing and vulnerability assessments across applications, systems, and networks. Conduct in-depth reviews of legacy systems to identify and remediate security gaps. … with regulatory and compliance frameworks (e.g., ISO 27001, NIST, GDPR). Our benefits Boots Retirement Savings Plan Discretionary annual bonus Generous employee discounts Enhanced maternity / paternity / adoption leave pay and gift card for anyone expecting or adopting a child Flexible benefits scheme including option to buy additional holiday, discounted gym membership, life … assurance, activity passes and much more. Access to free, 24 / 7 counselling and support through TELUS Health, our Employee Assistance Programme. We have a great range of benefits in addition to the above that offer flexibility to suit you - find out more at boots.jobs / rewards. Exclusions may apply, eligible roles only. Please note, any salary estimates More ❯
Posted:

Incident Response Lead Analyst - Cyber Security

City of London, England, United Kingdom
The Boston Consulting Group GmbH
for stakeholder engagement and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS / IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative … static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident … matters. Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in More ❯
Posted:

Head of IT

London, England, United Kingdom
Hybrid / WFH Options
VML
Role type: Perm, FT / PT Location: London Preferred start date: ASAP LIFE AS A SATALIAN As an organisation, we push the boundaries of data science, optimisation and artificial intelligence to solve the most complex problems in industry. Satalia, a Wunderman Thompson Company, is a community of individuals devoted to working on diverse and challenging projects, allowing you to … multiple groups of users with differing requirements, e.g. Business IT users, Cloud Developers, Data Scientists. Support the sales teams by providing content to RFP and RFI processes. MINIMUM QUALIFICATIONS / SKILLS Education & Experience: 7+ years of progressive experience in IT / IS management, with at least 3 years in a leadership role. Proven experience in managing IT infrastructure … Ability to work independently and as part of a team in a fast-paced environment. Have run small teams. Excellent organisational and time management skills. NICE TO HAVE QUALIFICATIONS / SKILLS Bachelor's degree in Computer Science, Information Technology, or a related field. Experience running both Microsoft O365 and Google Workspace solutions. Understanding of AI solutions. Interest in modern More ❯
Posted:

Incident Response Lead Analyst - Cyber Security

London, England, United Kingdom
Boston Consulting Group (BCG)
for stakeholder engagement and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS / IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative … static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident … matters. Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in More ❯
Posted:

Cyber Security Analyst

London, England, United Kingdom
The Economist
Familiarity with cloud platforms (AWS, Azure, GCP). Knowledge of security standards (ISO 27001, NIST, SOC2). Experience with security tools like vulnerability scanners, IDS / IPS, SIEM. Strong analytical, problem-solving, and communication skills. Ability to work independently and collaboratively. Desirable skills include security certifications (CISSP, CISM, CEH, OSCP), cloud certifications, international experience, and More ❯
Posted:

Security Engineer - 12-Month Fixed-Term Contract

London, England, United Kingdom
Precise Placements
Firewall & Network Security : Cisco, Palo Alto, NAC DLP tools: Microsoft Purview, Tessian Strong scripting abilities (PowerShell, Python, Perl) Familiarity with vulnerability management , penetration testing, and security frameworks (NIST, ISO 27001, OWASP, GDPR) Proficient in managing compliance and infrastructure hardening against CIS benchmarks Qualifications: Degree in Computer Science, Information Security or related field Certifications such as CISSP More ❯
Posted:

Security Engineer

United Kingdom
Hybrid / WFH Options
Smart Communications group
and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … to simplify and automate complex processes and deliver highly secure, frictionless experiences across the customer lifecycle. To learn more, visit The responsibilities of the role include: Advocating for infrastructure / application Security and providing support for security projects. Competence in reviewing new technologies, methodologies and integration opportunities. Support in enhancing security detection and incident response efforts / playbooks. More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
Smart Communications, Inc
and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … simplify and automate complex processes and deliver highly secure, frictionless experiences across the customer lifecycle. To learn more, visit smartcommunications.com. The responsibilities of the role include: Advocating for infrastructure / application Security and providing support for security projects. Competence in reviewing new technologies, methodologies and integration opportunities. Support in enhancing security detection and incident response efforts / playbooks. … initiative, and think creatively, while also being collaborative and team-oriented with good communication skills. Capable of taking responsibility and supporting management of projects through to completion. Advantageous skills / experience: Bachelor / master's degree in computer science, Information Security, or related Security certification: CISSP, CISM etc. Experience with security tools such as SecureWorks, Qualys, M365 Security More ❯
Posted:

Cybersecurity (Infrastructure) Engineer

London, England, United Kingdom
Expleo
sector, working with clients to protect critical infrastructure and improve their security posture in line with industry and regulatory expectations. This delivery-focused role centres on infrastructure security, OT / IT boundary protection, and implementation of technical controls across regulated environments. You will contribute to assurance activities, support security design reviews, and assist in deploying cybersecurity measures that enable … and system hardening activities across cloud, on-premises, and hybrid infrastructure, including servers, endpoints, and network layers. Support the design, implementation, and validation of security controls at the OT / IT boundary, addressing segmentation, access control, logging, and monitoring. Contribute to security architecture and design reviews, providing input to ensure compliance with relevant regulations. Assisted in identifying risks and … discipline. Recognised industry certifications in cybersecurity or infrastructure security (CompTIA, ISACA, ISC2, GIAC, Microsoft, CREST, Cisco Security, or equivalent). Certifications in security governance and frameworks: ISO / IEC 27001, NIST CSF, CAF, or CIS Controls. Additional vendor or platform-specific certifications (AWS, Azure, Microsoft, GCP, Palo Alto, CrowdStrike, Tenable) are advantageous. OT More ❯
Posted:

GRC Consultant

London, England, United Kingdom
NTT DATA
Social network you want to login / join with: The GRC Consultant (Cyber Assurance / Security Operations Manager)is primarily responsible for ensuring the security controls (people, process, technology) are in place and operating as designed. The primary aim is the design, development, test and evaluation of information security throughout its lifecycle. This is to ensure the business … and threats. The subsequent analysis to quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify / evidence appropriate compliance and security KPIs Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy … and effective management and control of information assets. Facilitates the implementation of these controls. Performs focused information risk assessments of existing or new services and technologies, alongside the Operational / Service Management team and technology subject matter experts. As required, will extend the assessment of existing and proposed services to third party suppliers, including the facilitation of IT Security More ❯
Posted:
ISO/IEC 27001
10th Percentile
£39,825
25th Percentile
£51,813
Median
£65,000
75th Percentile
£81,250
90th Percentile
£100,000