13 of 13 ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs in the UK

on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs More ❯

on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs More ❯

Job Title: IT Security Manager Location: Hybrid in Buckinghamshire (2 days on-site) Job Type: Full-time, Permanent Salary: £60,000 - £67,000 + benefits Industry: Media / Broadcasting A leading Media / Broadcasting company based in Buckinghamshire are seeking an experienced IT Security Manager to join the Cyber Security team where you’ll mature the … Security solutions, including Defender, Sentinel, Entra ID, and Microsoft Purview. Deep knowledge and practical application of security frameworks and standards including CIS, ISO 27001 / 27002, GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing … risk-based security metrics. Ability to bridge security and IT operations teams, with effective stakeholder communication and collaboration. Security certifications such as CISSP, CISM, Microsoft Security (SC-100 / SC-200 / SC-300), or equivalent are highly desirable. Apply directly to learn more about this exciting opportunity or connect with me on LinkedIn to stay More ❯

Job Description Role – Cybersecurity Delivery Manager Location: Milton Keynes / London / United Kingdom Job Responsibilities - Functional Domain Responsibility:  Previous work experience managing below three or more Cybersecurity delivery engagements o Audit principles and associated compensating controls o Enterprise Security architecture o Cloud Security o Vulnerability Management o E-Mail security o Web Application Firewall o … Cyber Incident Management (CERT) Delivery Operations & Excellence:  Manage & maintain steady state global delivery operations (Green)  Manage Operational / delivery issues & escalations  Ensure continuous communication & coordination with client in the event of issue / escalation  Ensure SLA / SLO attainment & process compliance along with high customer satisfaction  Act as first point of escalation for the … delivery team, account team & Client stakeholders.  Review the outcomes of the transition projects to capture learnings & disseminate across organization Technical Skills –  Basic Knowledge on security models such as ITIL, ISO27002, PCI DSS and Cobit 5  Experience on Security tools & Technologies  Integration of testing mechanisms with industry best practices such as OWASP & NIST  Good Understanding of IT security policy, procedure, design More ❯

SP800-37, ISO27001) Practical experience of risk assessment processes (NIST SP800-30 and ISO 27005) Practical experience of applying security controls (NIST SP800-53 and ISO27002) Practical experience of Secure by Design requirements (ISN 2023 / 09) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Ability to interpret More ❯

outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and / or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels when necessary. When required, work … with the Director of Cyber Advisory and Head Consultant to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills / Must have: 5 years in a client-facing information / cyber security / GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience … in auditing and implementing security standards such as ISO 27001 / 2, NIST CSF, and others. Exceptional verbal, written communication, and presentation skills. Ability to articulate technical requirements to non-technical audiences. Proven self-management skills and ability to work on multiple assignments concurrently. Ability to travel to meet business needs. Benefits: Opportunity to More ❯

Active Directory, and Azure AD Ability to understand and articulate interoperability between technologies and design pragmatic security solutions for the bank Effective collaboration with internal and external SMEs / partner organizations Experience with frameworks such as ISO 27001 / 2, SOC, NIST, or COBIT About You Skills Recognized leading security qualification or More ❯

metrics across IS teams, prepare regulatory submissions, and track compliance. ISMS Support: Maintain the Information Security Management System (ISMS) in line with ISO 27001 / 27002. Manage governance forums, minutes, and documentation. Policies & Standards: Develop GRC policies, standards, and procedures. Track exceptions, monitor risk, and report on performance and compliance. Controls Framework: Strengthen the … identifying threats and making smart, independent decisions. A working knowledge of ISO 27001 and aligning businesses to compliance frameworks. Confidence presenting to senior internal / external stakeholders. Excellent communication skills and a collaborative mindset. Culture fit really matters here. What’s In It For You? Freedom to shape the role. Real autonomy to define … the GRC roadmap alongside the manager. Ongoing investment in you. The team is already completing certs like CISM, CRISC, OT & Cloud, ISO Lead Implementer, and more. Award-winning employer. Recognised for diversity, digital transformation, and consistently ranked among the UK’s top employers. Real cyber focus. Not just ticking compliance boxes. Cyber is a business priority. More ❯

design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security … Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product … or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on experience with security testing tools and techniques (SAST More ❯

Your new company An exciting opportunity has arisen with a high-profile client based in the Reading / Oxford region. They are continually at the forefront of security standards and are seeking a seasoned, confident and reliable Interim Chief Information Security Officer (CISO) to support their teams during a period of change in leadership. Your new role You … mitigation strategy Seasoned exposure to developing and delivering security strategies for critical infrastructure CISSP, CISP, CISM or equivalent qualifications Experience with CtberEssential, ISO 27001 / 2 Security Clearance (either SC or DV) is highly desirable. What you'll get in return A rewarding contract alongside a pioneering organisation for an initial 3-month initial More ❯

Your new company An exciting opportunity has arisen with a high-profile client based in the Reading / Oxford region. They are continually at the forefront of security standards and are seeking a seasoned, confident and reliable Interim Chief Information Security Officer (CISO) to support their teams during a period of change in leadership. Your new role You … mitigation strategy Seasoned exposure to developing and delivering security strategies for critical infrastructure CISSP, CISP, CISM or equivalent qualifications Experience with CtberEssential, ISO 27001 / 2 Security Clearance (either SC or DV) is highly desirable. What you'll get in return A rewarding contract alongside a pioneering organisation for an initial 3-month initial More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol More ❯