status of all mitigating controls to both Business and Technology risk committees as appropriate. The scope of this role covers all Technology Risks; IT Strategy and Architecture, Service Management / Stability, Capacity / Capability Management, Disaster Recovery and Crisis Management. This role will also integrate the output from the Information Security Risk and Transformation Risk teams into … the overall risk reporting for each Business Unit. You'll help us make health happen through: Interpreting and communicating to the Business Unit changes to Risk Policies, Business / IT Strategy, legislation that impact the existing Risk and Control Framework. Identifying and assessing Technology Management and Information Security issues so that control environments are properly defined and residual … in Information Technology audits or IT Assurance (e.g., CISSP, CISM, CISA, CRISC, CCAK) A sound understanding of British and International Security Standards (e.g., ISO/IEC 27001, ISO/IEC 27002, NIST, CIS-20, PCI DSS) and the UK More ❯
evaluate security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure compliance with industry standards (ISO 27001, NIST, NCSC). Contribute to security design documentation, options papers, and client presentations. Collaborate across 1st, 2nd, and 3rd lines of defense on cyber risk, compliance, and … compliance and governance. Continuously assess and improve processes, controls, and reporting to enable informed, risk-based decisions. What you'll bring: Strong knowledge of networking, cloud security (AWS / Azure), and modern security concepts. Familiarity with vulnerability management, penetration testing, and security frameworks. Experience with security standards (ISO 27001 /27002 … / 27017 / 27018). Minimum 5 years in cybersecurity, with certifications like CISSP, CISM, CCSP, or CRISC preferred. Eligible to work in the UK and have SC Security Clearance . Team-oriented, detail-focused, excellent communicator, self-motivated, and persuasive. Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from More ❯
affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol More ❯
Specification Qualifications Essential Education to a minimum of Masters Degree level or equivalent post graduate qualification or equivalent senior level experience Formal certification (CISSP, CISM or CRISC) and / or formal training in information security standards and best practice (e.g.: ISO 27001 / 2, COBIT, Cyber Essentials) Advanced level of IT literacy … experience of using a range of IT applications Significant evidence of continued professional development Desirable ITIL Qualification COBIT Knowledge and Experience Essential Proven and significant leadership experience and / or formal management qualification Demonstrated expertise in an IT Security environment Direct experience of strategic and budgetary planning and financial management and controls Previously worked within the NHS A … good practical knowledge of security technologies and wider business solutions including Firewalls, IDS / IPS, Identity and access management, SIEM, remote working and cloud technologies Proven experience of working at a senior level leading and delivering IT Security in a sensitive and complex environment which is undergoing significant change Experience of delivering presentations to large groups of stakeholders More ❯
Senior Control Assurance Assessor Location: Remote, UK Length: ASAP – 31 / 03 / 2026 Rate: £450 per day (Inside IR35) Hours: 37.5 per week Role Overview: As a Senior Control Assurance Assessor, you will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premises and in the cloud … science, management information systems, relevant field, or equivalent demonstrable experience. 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills Ability to work both independently and collaboratively More ❯
Security Knowledge - You'll have a sound understanding of cyber and information security, including frameworks like NIST and ISOIEC27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication -You'll be able to discuss these with technical and non-technical … that's why we have a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24 / 7, our own, in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs There's more! - 27 days annual … an equal opportunities employer which means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion / belief, sexual orientation, gender reassignment or marital / family status. Please also note that we have a thorough referencing process, which includes credit and criminal record checks. More ❯
and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001 / 27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will … Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT / OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of … and rewarding career - your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28 / 09 / More ❯
Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure … science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 /27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively More ❯
Nottingham, Nottinghamshire, East Midlands, United Kingdom
Salt
Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure … science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 /27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively More ❯
s how you will contribute Governance, Risk & Compliance (GRC) Leadership Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001 / 2, and NIST-2. Oversee delivery plans, resource allocation, and stakeholder engagement for GRC initiatives. Training & Awareness Develop and maintain SGN's Information Security training and awareness materials. Integrate … s Information Security Management System (ISMS) and policy exceptions. Compliance & Assurance Monitor and report on compliance across SGN and third-party partners. Lead assurance reviews and support internal / external audits for ISO27001, NIST, and NIS. Own NIS submissions to OFGEM and support regulatory consultations and audits. Risk Management Oversee risk assessments and reporting across Cyber, OT, and … on audit actions and outcomes. What you will need Required Qualifications The individual should be educated to degree level in a relevant discipline. Must be one of CISM / CISSP / CISA / TOGAF / CRISC. Must have 5 years' cyber security experience. Must have proven expertise in Compliance Management, Information Security More ❯
multiple stakeholders to support continuous improvement of the control testing programme. I am therefore keen to speak with candidates who have: A proven background in Security Controls Assessment / IT Audit for large corporate clients. Big 4 accounting experience preferred. Professional certifications in CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent would be … preferred Familiarity with frameworks such as NIST 800-53, ISO 27001 / 27002, CIS, COBIT Strong skills in security control tools like SailPoint, Wiz, or Rapid7 Comfortable using tools like RSA Archer, ServiceNow, Kanban Boards and Jira Adept at working in agile teams and communicating effectively across all levels Knowledge of Excel More ❯
Employment Type: Contract
Rate: £400 - £450 per day + Umbrella - inside IR35
bring Solid hands-on experience with SIEM tools like Splunk, Sentinel or QRadar. A good grip on security best practices and standards (ISO 27001 /27002, PCI DSS). Familiarity with frameworks such as NIST, ISO and CIS. Comfortable scripting in Python, PowerShell and regex. The ability to More ❯
Hemel Hempstead, Hertfordshire, England, United Kingdom
Fynity
bring Solid hands-on experience with SIEM tools like Splunk, Sentinel or QRadar. A good grip on security best practices and standards (ISO 27001 /27002, PCI DSS). Familiarity with frameworks such as NIST, ISO and CIS. Comfortable scripting in Python, PowerShell and regex. The ability to More ❯
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria
Proficient in using SIEM technologies such as Splunk, Sentinel, and QRadar. Thorough grasp of security standard methodologies and protocols, for instance ISO 27001 / 27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such as Python, PowerShell, and regex. More ❯
Hemel Hempstead, Hertfordshire, England, United Kingdom
Sopra Steria
Proficient in using SIEM technologies such as Splunk, Sentinel, and QRadar. Thorough grasp of security standard methodologies and protocols, for instance ISO 27001 / 27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such as Python, PowerShell, and regex. More ❯
Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience A good understanding of security frameworks including ISO27001 / 2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10 Have a relevant industry certification such as CISSP, CISM, CRISC, BRMP or similar You'll be More ❯
system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication … system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯
Rogerstone, Gwent, United Kingdom Hybrid / WFH Options
Hays Technology
stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge and awareness of global Information Security Standards including ISO27002, CIS, NCSE CAF, NIST CSF. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get … in return Salary of between 40k- 43k Hybrid working 2 / 3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date More ❯