This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote. Close Date: 25/03/2025. We also provide the following additional benefits: Reservist Leave - Additional 18 days full pay and 22 unpaid. Personal Pension … Security Management System Support: Operate and maintain the information security management system and artefacts, in compliance with ISO 27001/27002 including the governance forum agenda and minutes. Policies and Standards: Establish GRC policies, standards and procedures to monitor UKPN information security … We are looking for a detailed knowledge and practical expertise in at least 3 of the following specialist areas: Specific Industry Standards. IS/IT Operational Controls and Governance. Business Continuity Planning and Disaster Recovery. Supply Chain and 3rd Party Risk Management. Problem Solving: The role must have
3+ years of information security experience in cloud environments. In-depth experience with secure coding practices, threat modeling, secure architecture design, and secure SDLC/CICD pipelines. In-depth technical experience with identifying and advising on the remediation of application security vulnerabilities on application platforms, including cloud and web … security executives and in influencing stakeholders to achieve strategic objectives. Experience in working with industry frameworks and standards such as OWASP, PCIDSS, ISO27001/27002, CIS and NIST. Information Security (CISSP, CISA, Security+) and cloud certification (preferably GCP/AWS). What’s In … can get involved in causes close to your heart. TransUnion – a place to grow: If there’s something on the list of essential/desirable skills that you can’t quite tick off, don’t let that put you off applying. We are open to exploring training and
experience leading Cyber Security Defense and Operations teams. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and/or experience. Hold an industry recognised information security qualification such as GIAC/GCIA/GCIH, CISSP or CompTIA Advanced … Security Practitioner (CASP+) and/or SIEM-specific training and certification. An understanding and knowledge of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs
Security, Networking, and Systems teams to ensure secure and efficient connectivity across the organization. Maintain and troubleshoot core security systems including firewalls, IDS/IPS, VPN gateways, vulnerability scanners, SIEM platforms, and security monitoring tools. Diagnose and resolve system and network issues, working across teams to remediate security … with a focus on enterprise-scale infrastructure. In-depth expertise with Microsoft security platforms including Azure AD Conditional Access, Microsoft Defender for Endpoint/Cloud, Microsoft Sentinel, and Microsoft Purview. Strong understanding of Zero Trust principles and cloud security best practices across hybrid environments. Hands-on experience designing … years of experience with secure deployment, management, and migration of cloud and on-prem platforms in a hybrid network model. Proficient in LAN/WAN routing, switching, VLANs, and core protocols such as DNS, DHCP, HTTP/S, SNMP, NetFlow, and TACACS. Hands-on experience with
EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties/responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions. Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders/groups and to agreed timescales, following through to completion. Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … Support information security and compliance audits conducted in the department. Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and/or CRISC or other relevant certification is highly desirable. ISO 27001:2022 Lead Implementer/Auditor certification is
include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139). An understanding of MOD ISN 23/09 Secure by Design. Knowledge of security frameworks, such as ISO/IEC … NIST 800-30, NIST 800-53 or OWASP. Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). If this all sounds like something you will be interested in then simply
Leicester, Leicestershire, United Kingdom Hybrid / WFH Options
Hastings Direct
a sound understanding of cyber and information security, including frameworks like NIST and ISOIEC27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication - You'll be able to discuss these … a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24/7, our own in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs. There … team is here to provide the support you need to ensure a fair and accessible experience for all. Job posting end date: 04/05/2025. About Us: Hastings Direct is a fast-growing, agile, digitally focused general insurance provider of products and services to
not limited to: Technical & organizational security controls; Cyber and digital transformation activities; Remediation workstreams and roadmaps; Policy & process implementation; Information Security Maturity Audits/CMMI Certification or alignment with recognised industry standards; Compliance with applicable regulations & legislation; Building and implementing governance & risk management processes; Design implementation and testing … of security tooling; BC/DR & Incident response capability building and testing; Production of threat intelligence reports and research; Supply Chain Risk Management. Consultants must possess and be able to demonstrate credibility and experience as well as currency in these fundamental skill sets. Consultants will work with industry … reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and/or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels
Bexhill-On-Sea, East Sussex, South East, United Kingdom Hybrid / WFH Options
Hastings Direct
a sound understanding of cyber and information security, including frameworks like NIST and ISOIEC27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication - You'll be able to discuss these … a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24/7, our own in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs. There … means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion/belief, sexual orientation, gender reassignment or marital/family status. Please also note that we have a thorough referencing process, which includes
Brighton, South East England, United Kingdom Hybrid / WFH Options
Hastings Direct
a sound understanding of cyber and information security, including frameworks like NIST and ISOIEC27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication - You'll be able to discuss these … a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24/7, our own in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs. There … means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion/belief, sexual orientation, gender reassignment or marital/family status. Please also note that we have a thorough referencing process, which includes
Bexhill, South East England, United Kingdom Hybrid / WFH Options
Hastings Direct
a sound understanding of cyber and information security, including frameworks like NIST and ISOIEC27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication - You'll be able to discuss these … a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24/7, our own in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs. There … means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion/belief, sexual orientation, gender reassignment or marital/family status. Please also note that we have a thorough referencing process, which includes
Hertfordshire, England, United Kingdom Hybrid / WFH Options
Planet Pharma
essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001/27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security training programs. Excellent stakeholder management, communication, and … CV and a good time to speak at oloveland@planet-pharma.co.uk. About Planet Pharma: Planet Pharma is an American parented Employment Business/Agency that provides global staffing services with its headquarters in Chicago and our EMEA regional office located in Central London. We have invested … us to work compliantly in 30+ countries with a current network of 2500+ active contractors globally as well as a very strong permanent/direct hire recruitment offering. Our specialist knowledge and close relationships with our clients and the wider industry really makes us unique in our field.
Hertfordshire, East Anglia, United Kingdom Hybrid / WFH Options
Planet Pharma
essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001/27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security training programs. Excellent stakeholder management, communication, and … CV and a good time to speak at oloveland@planet-pharma.co.uk. About Planet Pharma: Planet Pharma is an American parented Employment Business/Agency that provides global staffing services with its headquarters in Chicago and our EMEA regional office located in Central London. We have invested … us to work compliantly in 30+ countries with a current network of 2500+ active contractors globally as well as a very strong permanent/direct hire recruitment offering. Our specialist knowledge and close relationships with our clients and the wider industry really makes us unique in our field.
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Experian Ltd
27001 Lead Auditor, or equivalent. Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001/27002, CIS Controls, COBIT. Experience with current automated and manual industry methods for evaluating security controls on prem and in cloud environments.
Hemel Hempstead, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
SIEM systems, such as Splunk, Sentinel, QRadar. Strong understanding of security standard methodologies and protocols, such as ISO 27001/27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such
Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … assessments, and remediation activities. The Person: Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP
Bristol, Kendleshire, Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … assessments, and remediation activities. The Person: Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP
quantify and lead risk mitigation plans. Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify/evidence appropriate compliance and security KPIs. Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information … 27001) within relevant geographic boundaries. Performs focused information risk assessments of existing or new services and technologies, alongside the Operational/Service Management team and technology subject matter experts. As required, will extend the assessment of existing and proposed services to third party suppliers, including … risk management. Maintains strong working relationships with individuals and groups involved in managing information risk across the in-scope services and aligned suppliers/3rd parties. Chairs and co-ordinates Security Working Groups (SWG) and actively participates in supporting/governing forums. What experience you'll
developers, and technical teams on options to mitigate risk. The candidate must have excellent verbal, written, analytical and interpersonal communication skills. Essential Functions/Major Duties and Responsibilities: Strategic: Provide strategic direction specific to data security management. Build and maintain a robust data security program while aligning closely … strategy in its annual iterations. Provide strong knowledge of building security into business expectations for the utilization and hosting of critical CLS data/information assets. Work with the Security Architects to build security into infrastructure and architecture designs and guide the implementation with the Operations team. Provide … the overall controls around data security. Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook. Keep informed of new and emerging
threat modelling, undertake risk assessment, evaluate the effectiveness of security controls. Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised frameworks and best practice. What you'll be doing: Develop, deliver and continually enhance a coherent approach to … quantify and lead risk mitigation plans. Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify/evidence appropriate compliance and security KPIs. Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information … and technical security controls are maintained. What experience you'll bring: Minimum of 5 years' experience in a multi-tiered IT enterprise environment/Governance, Risk and Compliance role. Minimum of 5 years' experience in a Governance, Risk and Compliance role. A track record of delivering security solutions
Sheffield, South Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
Capgemini UK Plc
Role Title: Security Consultant. Duration: contract to run until 02/10/2025. Location: London/Knutsford. Hybrid 2-3 days a week onsite. Rate: up to £378 p/d Umbrella inside IR35. Role purpose/summary: This is … role of the Senior Security Consultant is to take a primary role in the delivery of the Security Solutions Consultancy services. Key Skills/requirements: Essential Skills/Basic Qualifications: Demonstrable understanding of security solutions and designs from a people, process and technology perspective; including security … technologies, controls and assessment methodologies. Strong relationship, communication and stakeholder management skills. Knowledge of information security frameworks and standards such as ISO27001/2, NIST, PCI DSS and their application into diverse environments. Security qualification. Desirable skills/Preferred Qualifications: Experience with a Consultancy practice. Good