1 to 25 of 39 ISO/IEC 27001 Jobs in the West Midlands

You can find out more about us at www.nettitude.com. If you want to review our research and tooling, then head on over to https: / / labs.nettitude.com The role We are looking for a QSA to join our GRC team in the UK. This role is home-based … and NIST CSF ISO 27001 gap analyses Helping our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification Conducting risk assessments Creating or supporting third-party risk management and audit programmes Essential skills and experience: Be a current QSA who has completed … Cyber Essentials Perform ISO 27001 gap analyses Help our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification PCI DSS consultancy and gap analyses Assistance in implementing PCI DSS requirements such as policy writing Complete on-site assessments and reports on compliance More ❯

investments. What you will do: Drive the company's information security strategy, ensuring alignment with GDPR, ISO 27001, DORA, PSD2 / 3, and other relevant regulations Identify and address local and entity-specific security requirements to maintain rigorous standards Conduct regular risk identification and develop … Develop and maintain security policies, standards, and incident response protocols Support business continuity and disaster recovery planning for seamless resilience Lead and oversee internal / external security audits to ensure transparency and accountability Partner with engineering and ICT teams to embed secure-by-design principles in products and infrastructure … with ISO 27001, NIST, and cybersecurity best practices Risk & Governance : Skilled in conducting risk assessments, defining mitigation strategies, and creating / enforcing security policies Good technical understanding of IT infrastructure, software development, hardware, data flows, change management, and BC / DR-and how they More ❯

Cyber Security Engineer will be responsible for safeguarding the Azure environment and custom web applications, managing end-user security, and ensuring compliance with ISO 27001, GDPR, and SOC2. Key responsibilities of the Cyber Security Engineer: Design, deploy, and manage security measures for the Azure Infrastructure and … including Defender, Azure Security Centre, and Active Directory security policies. Monitorc and investigate security incidents, ensuring swift resolution to incidents. Maintain compliance with ISO 27001, GDPR and SOC2 by developing security policies, conducting audits, and managing risk assessments. Conduct in-depth vulnerability assessments, penetration testing, and … and Active Directory, with a strong understanding of endpoint protection solutions, including Microsoft Defender. Familiarity with regulatory frameworks and security standards such as ISO 27001, SOC2, and GDPR. Possess relevant industry certifications e.g. CISSP, CEH and Azure Security Engineer (desired). Deep knowledge of cybersecurity principles More ❯

Cyber Security Engineer will be responsible for safeguarding the Azure environment and custom web applications, managing end-user security, and ensuring compliance with ISO 27001, GDPR, and SOC2. Key responsibilities of the Cyber Security Engineer: Design, deploy, and manage security measures for the Azure Infrastructure and … including Defender, Azure Security Centre, and Active Directory security policies. Monitorc and investigate security incidents, ensuring swift resolution to incidents. Maintain compliance with ISO 27001, GDPR and SOC2 by developing security policies, conducting audits, and managing risk assessments. Conduct in-depth vulnerability assessments, penetration testing, and … and Active Directory, with a strong understanding of endpoint protection solutions, including Microsoft Defender. Familiarity with regulatory frameworks and security standards such as ISO 27001, SOC2, and GDPR. Possess relevant industry certifications e.g. CISSP, CEH and Azure Security Engineer (desired). Deep knowledge of cybersecurity principles More ❯

Work closely with IT, cloud, and network teams to ensure security is integrated at every level Manage security tools and technologies, including SIEM, IDS / IPS, firewalls, and endpoint security Ensure compliance with security frameworks (ISO 27001, NIST, CIS, GDPR, etc.) Ensure employee security awareness … analytical and problem-solving skills, with the ability to interpret security data and provide actionable insights Familiarity with compliance frameworks and security governance (ISO 27001, NIST, CIS, GDPR) SC Clearance highly preferred More ❯

technologies and taking a pragmatic approach to designing security solutions for the bank Can work effectively and efficiently with internal and external SME's / Partner organisations Experience with frameworks such as ISO 27001 / 2, SOC, NIST, or COBIT About You Skills Has More ❯

in revenue, and supports more than 60,000 clients across a diverse range of sectors and markets. Role Purpose: An Information Security Officer (ISO) is required to support LRQA's global operations, to develop, improve and maintain the organisation's Information Security capability. Working closely with the Global … opportunities for improvement and facilitating development of pragmatic solutions. Working with the DPO to ensure appropriate security is applied to data and provide reports / subject access requests. Designing and delivering continual education and training to our colleagues to support them in identifying risks in their day-to-day … environment is a plus. Technical / Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of Three Lines of Defence Model and its application. Knowledge of More ❯

in revenue, and supports more than 60,000 clients across a diverse range of sectors and markets. Role Purpose: An Information Security Officer (ISO) is required to support LRQA's global operations, to develop, improve and maintain the organisation's Information Security capability. Working closely with the Global … opportunities for improvement and facilitate development of pragmatic solutions. Work with the DPO to ensure appropriate security is applied to data and provide reports / subject access requests. Design and deliver continual education and training to our colleagues to support them in identifying risks in their day-to-day … environment is a plus. Technical / Professional Qualification requirements: Proven experience in Information Security Management and IT risk management. In-depth knowledge of ISO27001 to Lead Auditor standard. Knowledge of relevant regulations (Data Protection, DORA, NIS2). Knowledge of Three Lines of Defence Model and its application. Knowledge of More ❯

the Microsoft cloud. Your responsibilities will include: Evaluate and enhance existing IT systems, management procedures, and security protocols to ensure robust protection. Oversee ISO 27001 and other key accreditations by collaborating with internal teams and external auditors. Manage information security requests and compliance reports, ensuring adherence … your existing skills while developing new ones, contributing to the strategic security objectives of the Company and ensuring adherence to critical accreditations, including ISO 27001, GDPR, Cyber Essentials, and PCI DSS. The successful candidate will demonstrate: Strong analytical skills with a meticulous approach to identifying and … expertise in information security. Happy to travel occasionally to other sites as required. Desirable Experience: Demonstrable expertise in external audit, compliance, and security processes (ISO27001, GDPR, Cyber Essentials and PCI DSS). Microsoft accreditation or other recognised certifications (e.g. Microsoft Learning, CISA, CISM, CRISC, CCSP) would be very beneficial. Benefits More ❯

and both organising and managing the plant internal audit system and the corrective action reporting system Conducting Quality Systems audits and assisting in training / providing guidance to other auditors as required as well as hosting external Quality System audits Providing training on Quality issues and business processes and … industry related professional body, demonstrating essential knowledge of quality and business systems and strong knowledge of APQP, PPAP and FMEA, along with Lean Manufacturing / Six sigma and ITAF 16949, ISO 13485, ISO 9000, gained within a high volume manufacturing environment. You will demonstrate a … good understanding of engineering drawings and manufacturing processes, measurement and quality assurance, with knowledge of both ISO 27001 and ISO14001 and Health and Safety Practices gained in an automotive environment proving distinctly advantageous. Contact the Quality Team at Premier Technical Recruitment on 01827 68400 or email More ❯

will be acting as the primary leader within this program of work. Responsibilities will include: Assess existing the Microsoft security suite and identify weaknesses / strengths for the existing products (CrowdStrike, Endpoint, Defender) Perform capability assessments of a range of MS Security products Produce and update end-to-end … solutions to technical risks Present and advise stakeholders as the cybersecurity SME. Required Skills E5 Security-Up Compliance Microsoft Security Architect Expert (SC1000 CISSP / CISM Certification BizzDesign / Archi, or UML Visualisation Experience ISO 27001 Apply Now! If you are a Security Architect More ❯

closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24 / 7 on-call support on a rotational basis for security platform-related issues. * Emerging Technologies & Innovation: Stay ahead of cloud security advancements, evolving SIEM … ATT&CK framework, Zero Trust, and cloud security best practices. * Knowledge of Azure, AWS, M365, hybrid environments, and cloud security frameworks (CIS, NIST, ISO 27001, etc.). * Experience with scripting and automation (PowerShell, Python, KQL, or similar languages) to enhance security operations. * Excellent problem-solving, analytical More ❯

closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24 / 7 on-call support on a rotational basis for security platform-related issues. * Emerging Technologies & Innovation: Stay ahead of cloud security advancements, evolving SIEM … ATT&CK framework, Zero Trust, and cloud security best practices. * Knowledge of Azure, AWS, M365, hybrid environments, and cloud security frameworks (CIS, NIST, ISO 27001, etc.). * Experience with scripting and automation (PowerShell, Python, KQL, or similar languages) to enhance security operations. * Excellent problem-solving, analytical More ❯

our app and exchanges. Your work will focus on solving complex engineering challenges that bridge traditional and crypto financial services, driving cost-effective, 24 / 7 access to digital finance. Join us remotely, you can be located anywhere around the CET time zone, as our work is 100% online. … focus on risk assessment and decision-making. Proficiency in at least one programming language: Python, GoLang, C++, or Java. Strong Linux administration skills (Debian / Ubuntu). Solid grasp of LAN / WAN networking, firewalls, proxy servers, load balancers, and protocols (HTTP(s), DNS, SSH, TCP / IP, REST). Hands-on experience with Docker containerization. Familiarity with CI / CD systems and version control. Expertise in Kubernetes and Helm. Experience with public cloud platforms (GCP, AWS, or Azure). Proven ability to implement redundancy and disaster recovery scenarios. Track record in scaling high-efficiency More ❯

Select how often (in days) to receive an alert: Product Owner - Managed Desktop Services Hybrid - Solihull (3 days per week) / occasional travel to other company sites . Full Time, Permanent Here at Serco, we are seeking a Product Owner for Managed Desktop Services to join Serco's UK … of complex technical incidents and problems, ensuring timely and effective solutions. What You Will Need: Technical Expertise: Strong expertise in Windows OS (Windows 10 / 11) and basic knowledge of macOS Experience with OS imaging and deployment (e.g., MDT, WDS, Autopilot) Group Policy (GPOs) - configuring and enforcing security policies … security solutions (Defender, CrowdStrike, Symantec, etc.). Understanding of compliance frameworks (ISO 27001, GDPR, Cyber Essentials) Basic understanding of TCP / IP, DNS, DHCP, and VPN Proficient in ITIL best practices for incident, problem, and change management. Experience in product management, preferably in an IT More ❯

Select how often (in days) to receive an alert: Product Owner - Managed Desktop Services Hybrid - Solihull (3 days per week) / occasional travel to other company sites . Full Time, Permanent Here at Serco, we are seeking a Product Owner for Managed Desktop Services to join Serco's UK … of complex technical incidents and problems, ensuring timely and effective solutions. What You Will Need: Technical Expertise: Strong expertise in Windows OS (Windows 10 / 11) and basic knowledge of macOS Experience with OS imaging and deployment (e.g., MDT, WDS, Autopilot) Group Policy (GPOs) - configuring and enforcing security policies … security solutions (Defender, CrowdStrike, Symantec, etc.). Understanding of compliance frameworks (ISO 27001, GDPR, Cyber Essentials) Basic understanding of TCP / IP, DNS, DHCP, and VPN Proficient in ITIL best practices for incident, problem, and change management. Experience in product management, preferably in an IT More ❯

IT Internal Controls Manager Permanent Based in Solihull (Hybrid with 2 / 3 days in the office and the rest at home). Will also consider London based. We are looking for an experienced IT Internal Controls Manager to join our friendly and dynamic team here at Waterstones and … and requirements. In-depth knowledge of the ICFR Standards (US SOX, UK Corporate Governance Code) Strong awareness of IT control frameworks (e.g. COBIT, ISO 27001, NIST) and regulatory requirements (e.g. GDPR, ISO, ITIL). Experience with Systems transformation projects and an ability to embed More ❯

IAM, cloud security (AWS, Azure), and endpoint protection. Experience managing BAU security operations. Good understanding of security frameworks and regulations (e.g., NIST CSF, ISO 27001, GDPR, CIS controls). Familiarity with security technologies such as SIEM, endpoint security, intrusion detection, and secure coding practices. Excellent problem More ❯

Senior Cyber Security Analyst Permanent Based in Solihull (hybrid working 2 / 3 days in the office with the rest of the week at home) We would also consider candidates who could be based from our London office on Piccadilly with regular travel to our Solihull office. We are … Conduct risk & vulnerability assessments and co-ordinate remediation activities. What we need from you Understanding and practical implementation of security frameworks (e.g. NIST, ISO 27001, CIS etc). Experience working with PCI DSS control requirements & QSA’s. Experience of creating (and maintaining) guidelines, standards & controls for … Person Profile Certifications are desirable but not required; a demonstrated knowledge, understanding & practical application of cyber security counts! Minimum 6 years working in Information / Cyber Security roles. Practical understanding, knowledge & experience of cyber security controls. Practical understanding, knowledge & experience of multiple security products. High level of knowledge on More ❯

CISSP, CISM). Experience managing operational security activities, including governance and compliance. Strong understanding of regulatory and compliance frameworks such as NIST CSF, ISO 27001, and GDPR. Demonstrated ability to advise on secure software development practices. Demonstrable experience with security technologies and architectures. Hands-on experience More ❯

OT Systems Architect Contract: 4 Months (Rolling) Day Rate: £700 p / d (Outside IR35) My client is an industry-leading organisation and are seeking an OT Systems Architect to support a digital transformation of their operational technology. This role will be crucial in defining and communicating a shared … and Experience: Strong understanding of Linux-based control systems, preferably with hands-on experience. Exposure to industrial network protocols (Industrial Ethernet, DNP3, Modbus TCP / RTU). Multi-layer architectures for Telemetry SCADA systems, PLC, RTU, and other OT / IIoT components. RTUs, PLC's and related HMI … software Experience in architecting OT and SCADA solutions in line with NCSC Cyber Assessment Framework (CAF), Security of Network & Information Systems Regulations (NIS), IEC 62443, NIST SP800, ISO 27001, etc If this is something you'd like to like to be considered for, please More ❯

or equivalent. Recognised qualification in information security, data protection, or risk (e.g. CISM, CISSP, CRISC, BCS DPO, etc.). In-depth understanding of ISO 27001, NIST, or other relevant security frameworks. Up-to-date knowledge of data protection legislation and associated best practices. Understanding of cross More ❯

Provide high-quality, responsive resolutions to IT incidents, ensuring rapid diagnosis and corrective actions. Security Compliance: Apply updates and security patches, ensuring compliance with ISO27001 and PCI standards. User Satisfaction: Co-operate with the IT Helpdesk to maintain excellent levels of user satisfaction. Continuous Improvement: Identify opportunities to enhance the More ❯

architecture and tool implementation. Understanding of network security, firewalls, IAM, cloud platforms (AWS, Azure), and endpoint protection. Familiarity with standards including NIST CSF & ISO 27001. Knowledge of SIEM, intrusion detection, endpoint security, and secure coding. This role is onsite 2 days per week No sponsorship is available This More ❯

and business transformation projects. Monitoring system performance, capacity, and availability - and planning smart enhancements. Supporting compliance with SOx, audit and security standards such as ISO27001 and Cyber Essentials. Investigating and resolving incidents, supporting users, and ensuring root cause analysis is actioned. Mentoring junior colleagues and shaping the multi-year IT More ❯