1 to 25 of 40 ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs in the UK excluding London

of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC. < / iframe> < / p> Visit our YouTube channel< / a> to watch the full series and come and discover your potential. … / p> Are you passionate about Cyber Security and Enterprise Architecture?< / p> Do you have senior-level experience as a Cyber Security Professional?< / p> Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. … Enjoy a healthy work / life balance while making a significant impact. < / p> HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five years modernising our IT Landscape across Multi-Hybrid Cloud Platform. More ❯

and security policies. Monitoring and administering the installation and integration of corporate network communications, including routers, switches, firewalls, DMZ, servers, telephony and LAN / WAN communication services. Managing the IP space across the organisation ensuring VLANs, IP Subnet, DNS, DHCP, VPNs, and VoIP traffic is well designed, secure … and emergency hardware failure protocols. Providing regular service status updates to line management and agree and monitor service availability targets. Ensuring the active / active WAN bandwidth and connectivity services are sufficient, balanced and perform efficiently. Planning and testing failover of critical operational services. Researching latest networking developments … Technical IT role maintaining secure networks in a MS Windows environment in a multi-disciplined organisation. Expert knowledge of and experience in LAN / WAN / VLAN communications, VPN configuration and enterprise wireless networking. Experience of Dell switches with fibre is preferable. CCNA / More ❯

experience leading Cyber Security Defense and Operations teams. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Hold an industry recognised information security qualification such as GIAC / GCIA / GCIH, CISSP or CompTIA Advanced … Security Practitioner (CASP+) and / or SIEM-specific training and certification. An understanding and knowledge of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA / IEC 62443, ISO / IEC 27001 / 27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs More ❯

EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is More ❯

to strengthen operational resilience, evaluate third-party technology providers, and support incident response and investigations. Experience: Cyber Security Knowledge – Solid understanding of cyber / information security frameworks such as NIST and ISO / IEC 27002 More ❯

to strengthen operational resilience, evaluate third-party technology providers, and support incident response and investigations. Experience: Cyber Security Knowledge – Solid understanding of cyber / information security frameworks such as NIST and ISO / IEC 27002 More ❯

Experience Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan ). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights … alongside good salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05 139). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights … alongside good salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC … NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply More ❯

include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC … NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply More ❯

include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC … NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply More ❯

include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC … NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply More ❯

reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance … penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven … product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / More ❯

reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance … penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven … product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / More ❯

a sound understanding of cyber and information security, including frameworks like NIST and ISO IEC 27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication -You'll be able to discuss these … a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24 / 7, our own, in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs There … means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion / belief, sexual orientation, gender reassignment or marital / family status. Please also note that we have a thorough referencing process, which includes More ❯

design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP More ❯

design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP More ❯

threat modelling, undertake risk assessment, evaluate the effectiveness of security controls Verify and evidence alignment to 'Secure by Design' principles, corporate security policy / standards as well as industry recognised frameworks and best practice What you'll be doing: Develop, deliver and continually enhance a coherent approach to … quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify / evidence appropriate compliance and security KPIs Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information … and technical security controls are maintained What experience you'll bring: Minimum of 5 years' experience in a multi-tiered IT enterprise environment / Governance, Risk and Compliance role Minimum of 5 years' experience in a Governance, Risk and Compliance role A track record of delivering security solutions More ❯

exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30 / 37 / 53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security documentation like RMADS … and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan More ❯

exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30 / 37 / 53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security documentation like RMADS … and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan More ❯

exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30 / 37 / 53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security documentation like RMADS … and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan More ❯

exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30 / 37 / 53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security documentation like RMADS … and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan More ❯

Culture: Join a team that values innovation, client success, and your professional development. Key Responsibilities: Conducting comprehensive security assessments, including PCI DSS, ISO27001 / 27002, SWIFT Security, and Cloud compliance. Preparing executive and technical reports detailing findings, security gaps, and actionable recommendations. Leading PCI DSS Gap … with technologies such as Cloud, Virtualization, Network Firewalls, Web Application Firewalls, and encryption. Bonus Skills (Desirable): Experience delivering training on PCI DSS and / or ISO27001. Knowledge of multiple information security frameworks with the expertise to conduct gap analysis and assessments (ISO 27001, SOC2 More ❯

gaps and lessons learnt and work with the business to drive continual development and enhancement The Requirements Hands-on experience of security and / or infrastructure within an enterprise environment Exposure to enterprise information security standards including Cyber Essentials, ISO 27001, 27002 … and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and / or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website. More ❯

Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing … be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. … Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in More ❯