ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs in the UK excluding London

Enterprise Security Architect

Edinburgh, Midlothian, Scotland, United Kingdom
HMRC
experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets
Employment Type: Permanent
Salary: £80,000

Enterprise Security Architect

Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets
Employment Type: Permanent
Salary: £80,000

Security Architect

Thornbury, Gloucestershire, United Kingdom
Applicable Limited
security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy / standards as well as industry recognised frameworks and best practice What you'll be doing: Develop, deliver and continually enhance a coherent approach to the design of secure client … threats. The subsequent analysis to quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify / evidence appropriate compliance and security KPIs Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy … that documentation relating to process and technical security controls are maintained What experience you'll bring: Minimum of 5 years' experience in a multi-tiered IT enterprise environment / Governance, Risk and Compliance role Minimum of 5 years' experience in a Governance, Risk and Compliance role A track record of delivering security solutions for large-scale infrastructure, transformation
Employment Type: Permanent
Salary: GBP Annual

Information Security Consultant - ISO27002 / GRC

Crawley, England, United Kingdom
Hybrid / WFH Options
McCabe & Barton
role is offering a base of £75,000 (with flexibility) plus an attractive benefits package. The client has offices in London and on the South Coast, and hybrid / remote working is available. As a pivotal second-line team member, you will collaborate closely with the Information Security Manager to safeguard the organisation against cyber, information, physical, and … with security standards and regulations. From assessing technical controls and supplier risks to supporting incident response and contributing to the PCI-DSS and ISO 27002:2022 compliance, this is a role where you’ll make a visible impact. Candidate Qualifications and Skills Experience in Financial Services: Proven background working within the financial services sector … cybersecurity principles, risk management methodologies, and best practices to protect sensitive data and systems. Regulatory Framework Proficiency: Demonstrated experience with compliance frameworks, including ISO 27002, PCI-DSS, and GDPR, ensuring adherence to industry standards. Threat and Cloud Security Knowledge: Strong awareness of current threat landscapes and familiarity with cloud security principles (experience with Azure

Information Security Consultant

Leicester, England, United Kingdom
Hybrid / WFH Options
McCabe & Barton
a permanent basis. The role offers a base salary of £75,000 (with flexibility) plus an attractive benefits package. The client has offices across the UK and hybrid / remote working is available, with occasional travel. As a pivotal second-line team member, you will collaborate closely with the Information Security Manager to safeguard the organisation against cyber … with security standards and regulations. From assessing technical controls and supplier risks to supporting incident response and contributing to the PCI-DSS and ISO 27002:2022 compliance, this is a role where you’ll make a visible impact. Candidate Qualifications and Skills Experience in Financial Services: Proven background working within the financial services sector … cybersecurity principles, risk management methodologies, and best practices to protect sensitive data and systems. Regulatory Framework Proficiency: Demonstrated experience with compliance frameworks, including ISO 27002, PCI-DSS, and GDPR, ensuring adherence to industry standards. Threat and Cloud Security Knowledge: Strong awareness of current threat landscapes and familiarity with cloud security principles (experience with Azure

Information Security Analyst

Belfast, Northern Ireland, United Kingdom
Hybrid / WFH Options
KX
protocols and technologies (e.g. VPN, TLS, DMZ). Practical knowledge of cloud security across AWS, Azure, or GCP (e.g. CloudTrail, Sentinel). Experience with endpoint protection, DLP, IDS / IPS, MFA, and content filtering. Familiarity with SIEM platforms and vulnerability management tools. Exposure to SOAR platforms and scripting or development skills (e.g. Python, Bash). Understanding of frameworks … such as ISO 27001 / 2, NIST, SOC, or COBIT. Excellent communication skills, both verbal and written. Location & Workplace Type: This role will be based in Newry, Belfast or Dublin with a Hybrid working model Why Choose KX? Data Driven: We lead with instinct and follow fact. Naturally Curious: We lean in, listen and

Security Consultant

Chippenham, England, United Kingdom
Hybrid / WFH Options
Bechtle
security posture to defend against the increasing threat landscape. You will support pre-sales engagements through gaining an understanding of client technical requirements and ensure the solution and / or service meets expectations. Job Role Responsibilities Deliver strategic whiteboarding sessions to develop and implement security strategies. Ensure a natural focus sits in protecting an organization's technology infrastructure … ingredients. Ability to build strong rapport with delivery partners. Ability to work as part of a team and display teamwork. What we offer Hybrid Working (3 days in / 2 days out) after successful probation period which is 3 months. Competitive starting salary. Location - Chippenham HQ preferred but flexible to other locations (Manchester, Northampton and London). Culture … response stages and handling preferred. Knowledge and / or experience using endpoint detection and threat management products. Good knowledge and awareness of global Information Security Standards including ISO27002, CIS, NCSE CAF, NIST CSF. A strong understanding of SOC processes and procedures. Good understanding of the Microsoft stack. Advisor in advanced cybersecurity services including SSE, SASE, SIEM, MDR /

Information Security Compliance Analyst

Hertfordshire, England, United Kingdom
Cpl Life Sciences
system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including … include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstrable experience in an

Senior Cyber Security Engineer

Farnborough, England, United Kingdom
Hybrid / WFH Options
00139 LEIDOS INNOVATIONS UK LTD
Senior Cyber Security Engineer, Farnborough Client: Location: Farnborough, United Kingdom Job Category: Other - EU work permit required: Yes Job Reference: 165b5b9ae5ca Job Views: 6 Posted: 02.06.2025 Expiry Date: 17.07.2025 Job Description: At Leidos, we deliver innovative solutions through the efforts … Responsibilities Plan, implement, manage, and monitor cybersecurity measures for the protection of the programmes data, systems and networks. Troubleshoot security and network problems. Respond to all system and / or network security breaches. Ensure that the data and infrastructure are protected by enabling the appropriate security controls. Participate in the change management process. Test and identify network and … relevant Stakeholders. British - non-dual national – Most of our projects have nationality restrictions. SC cleared (Eligible to undergo SC Vetting) – many of our projects have nationality restrictions. Education / Experience 2-4 years’ experience in 3rd line technical support role. 1 – 2 years in a security related technical support role. Relevant Security engineering certifications e.g. Microsoft Certified: Azure

Lead Security Control Assessor

Nottingham, Nottinghamshire, United Kingdom
GCS
CISSP, ISO 27001 Lead Auditor, or equivalent. Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001 / 27002, CIS Controls, COBIT. Experience with current automated and manual industry methods for evaluating security controls on-prem and in cloud environments. Capable of communicating complex information … to apply security governance, risk, and control principles. Proficiency in automation and data analytics tools (e.g., Excel, Tableau, Alteryx, and Power-BI). Ability to apply critical reading / thinking skills to identify systemic issues from analysing testing data. Ability to facilitate small to medium sized group meetings and communicate complex ideas. Agile working methodology experience. GCS is
Employment Type: Contract
Rate: £450 - £480/day

Enterprise Security Architect

Reading, England, United Kingdom
Hybrid / WFH Options
TieTalent
organizations. Experience evaluating and recommending security technologies, including IAM, network security, cloud security, and endpoint protection solutions. Knowledge of NIST Cybersecurity Framework (CSF), ISO / IEC 27001 / 27002, or CIS Controls. Experience in securing cloud platforms (e.g., Azure, AWS, Google Cloud) and hybrid cloud environments.

Enterprise Security Architect

Reading, England, United Kingdom
Hybrid / WFH Options
idibu
organisations. Experience evaluating and recommending security technologies, including IAM, network security, cloud security, and endpoint protection solutions. Knowledge of NIST Cybersecurity Framework (CSF), ISO / IEC 27001 / 27002, or CIS Controls. Experience in securing cloud platforms (e.g. Azure, AWS, Google Cloud) and hybrid cloud environments.

Information Security Compliance Analyst

Hertfordshire, England, United Kingdom
Hybrid / WFH Options
Planet Pharma
Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001 / 27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security training programs. Excellent stakeholder management, communication, and analytical skills. This is an … reach out directly with your CV and a good time to speak at oloveland@planet-pharma.co.uk. About Planet Pharma: Planet Pharma is an American parented Employment Business / Agency that provides global staffing services with its head-quarters in Chicago and our EMEA regional office located in Central London. We have invested significantly in creating a robust … international platform that enables us to work compliantly in 30+ countries with a current network of 2500+ active contractors globally as well as a very strong permanent / direct hire recruitment offering. Our specialist knowledge and close relationships with our clients and the wider industry really makes us unique in our field. Just recently we were recognised by

Product Security Engineer

Gloucestershire, United Kingdom
Hybrid / WFH Options
SSR General & Management
reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability … assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / 139). Proficiency in security testing tools, technologies
Employment Type: Permanent
Salary: GBP 60,000 Annual

Product Security Engineer

Bristol, Kendleshire, Gloucestershire, United Kingdom
Hybrid / WFH Options
SSR General & Management
reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability … assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / 139). Proficiency in security testing tools, technologies
Employment Type: Permanent
Salary: £60000/annum

Cyber Security Consultant - Cyber Security Consultancy

Yorkshire, United Kingdom
Hamilton Barnes Associates Limited
outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and / or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels when necessary. When required, work … with the Director of Cyber Advisory and Head Consultant to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills / Must have: 5 years in a client-facing information / cyber security / GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience … in auditing and implementing security standards such as ISO 27001 / 2, NIST CSF, and others. Exceptional verbal, written communication, and presentation skills. Ability to articulate technical requirements to non-technical audiences. Proven self-management skills and ability to work on multiple assignments concurrently. Ability to travel to meet business needs. Benefits: Opportunity to
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Consultant - Cyber Security Consultancy

Leeds, England, United Kingdom
Hamilton Barnes Associates Limited
outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and / or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels when necessary. When required, work … with the Director of Cyber Advisory and Head Consultant to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills / Must have: 5 years in a client-facing information / cyber security / GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience … in auditing and implementing security standards such as ISO 27001 / 2, NIST CSF, and others. Exceptional verbal, written communication, and presentation skills. Ability to articulate technical requirements to non-technical audiences. Proven self-management skills and ability to work on multiple assignments concurrently. Ability to travel to meet business needs. Benefits: Opportunity to

Information Security Risk Analyst

Belfast, Northern Ireland, United Kingdom
Symphony
years of experience in information security, risk management, or compliance. Basic understanding of IT risk management concepts. Familiarity with standards like ISO 27002, NIST Cybersecurity Framework is a plus. Strong communication and organizational skills. Proficiency in Microsoft Office Suite. Experience in financial services is a plus. Compensation & Benefits Competitive salary and bonus plan. Location

Network Security Engineer

Devon, United Kingdom
Hybrid / WFH Options
Bowerford Associates
services in line with design and security policies. Monitoring and administering the installation and integration of corporate network communications, including routers, switches, firewalls, DMZ, servers, telephony and LAN / WAN communication services. Managing the IP space across the organisation ensuring VLANs, IP Subnet, DNS, DHCP, VPNs, and VoIP traffic is well designed, secure and optimised. Ensuring best practices … Planning lifecycle renewals, "hotswap" procedures and emergency hardware failure protocols. Providing regular service status updates to line management and agree and monitor service availability targets. Ensuring the active / active WAN bandwidth and connectivity services are sufficient, balanced and perform efficiently. Planning and testing failover of critical operational services. Researching latest networking developments and recommend any actions that … is preferred. Experience in a Technical IT role maintaining secure networks in a MS Windows environment in a multi-disciplined organisation. Expert knowledge of and experience in LAN / WAN / VLAN communications, VPN configuration and enterprise wireless networking. Experience of Dell switches with fibre is preferable. CCNA / CCNP accreditation is a bonus
Employment Type: Permanent
Salary: GBP 40,000 - 45,000 Annual

Network Security Engineer

Exeter, Devon, South West, United Kingdom
Hybrid / WFH Options
Bowerford Associates
services in line with design and security policies. Monitoring and administering the installation and integration of corporate network communications, including routers, switches, firewalls, DMZ, servers, telephony and LAN / WAN communication services. Managing the IP space across the organisation ensuring VLANs, IP Subnet, DNS, DHCP, VPNs, and VoIP traffic is well designed, secure and optimised. Ensuring best practices … Planning lifecycle renewals, 'hotswap' procedures and emergency hardware failure protocols. Providing regular service status updates to line management and agree and monitor service availability targets. Ensuring the active / active WAN bandwidth and connectivity services are sufficient, balanced and perform efficiently. Planning and testing failover of critical operational services. Researching latest networking developments and recommend any actions that … is preferred. Experience in a Technical IT role maintaining secure networks in a MS Windows environment in a multi-disciplined organisation. Expert knowledge of and experience in LAN / WAN / VLAN communications, VPN configuration and enterprise wireless networking. Experience of Dell switches with fibre is preferable. CCNA / CCNP accreditation is a bonus
Employment Type: Permanent, Work From Home
Salary: £45,000

Network Security Engineer

Exeter, England, United Kingdom
Hybrid / WFH Options
TieTalent
network services in line with design and security policies. Monitoring and administering the installation and integration of corporate network communications, including routers, switches, firewalls, DMZ, servers, telephony and LAN / WAN communication services. Managing the IP space across the organisation ensuring VLANs, IP Subnet, DNS, DHCP, VPNs, and VoIP traffic is well designed, secure and optimised. Ensuring best practices are used … protecting network security. Planning lifecycle renewals, "hotswap" procedures and emergency hardware failure protocols. Providing regular service status updates to line management and agree and monitor service availability targets. Ensuring the active / active WAN bandwidth and connectivity services are sufficient, balanced and perform efficiently. Planning and testing failover of critical operational services. Researching latest networking developments and recommend any actions that will … and accreditation is preferred. Experience in a Technical IT role maintaining secure networks in a MS Windows environment in a multi-disciplined organisation. Expert knowledge of and experience in LAN / WAN / VLAN communications, VPN configuration and enterprise wireless networking. Experience of Dell switches with fibre is preferable. CCNA / CCNP accreditation is a bonus but

Cyber Security Architect - Secure By Design

Birmingham, England, United Kingdom
Cyberfort
s IT security framework, including: Security Architecture policies, principles, and standards for application across the organisation. Alignment to industry standards and regulation e.g. ISO / IEC 27001 / 27002 / 27005. Security specific patterns, models, and blueprints. Define as-is and to-be security

Cyber Security Architect - Secure By Design

Bristol, England, United Kingdom
Cyberfort
s IT security framework, including: Security Architecture policies, principles, and standards for application across the organization. Alignment to industry standards and regulation e.g. ISO / IEC 27001 / 27002 / 27005. Security specific patterns, models, and blueprints. Define as-is and to-be security

IT Risk & Control Assurance Manager

Staines-upon-Thames, England, United Kingdom
Hybrid / WFH Options
Bupa
of all mitigating controls to both Business and Technology risk committees as appropriate. The scope of this role covers all Technology Risks; IT Strategy and Architecture, Service Management / Stability, Capacity / Capability Management, Disaster Recovery and Crisis Management. This role will also integrate the output from the Information Security Risk and Transformation Risk teams into … the overall risk reporting for each Business Unit. You’ll Help Us Make Health Happen Through Interpreting and communicating to the Business Unit changes to Risk Policies, Business / IT Strategy, legislation that impact the existing Risk and Control Framework. Identifying and assessing Technology Management and Information Security issues so that control environments are properly defined and residual … in Information Technology audits or IT Assurance (e.g., CISSP, CISM, CISA, CRISC, CCAK) A sound understanding of British and International Security Standards (e.g., ISO / IEC 27001, ISO / IEC 27002, NIST, CIS-20, PCIDSS) and the UK

Security Architect

City Of Bristol, England, United Kingdom
Hybrid / WFH Options
Matchtech
improvement and knowledge sharing across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO / IEC 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks … including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138 / 139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information

ISO/IEC 27002 (supersedes ISO/IEC 17799), the UK excluding London
10th Percentile: £45,375
25th Percentile: £55,000
Median: £68,750
75th Percentile: £76,250
90th Percentile: £90,125