17 of 17 ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs in the UK excluding London

Incident Response (CSIRT) / SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … incident response and advanced threat hunting. A degree in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC / GCIA / GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS / IPS, NAC, DLP, and related security … technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO / IEC 27001 / 27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensic analysis, red-team exercises, and crisis simulation activities. Desirable More ❯

Incident Response (CSIRT) / SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond … incident response and advanced threat hunting. A degree in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC / GCIA / GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS / IPS, NAC, DLP, and related security … technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO / IEC 27001 / 27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensic analysis, red-team exercises, and crisis simulation activities. Desirable More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol More ❯

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol More ❯

bring: Proficient in using SIEM technologies such as Splunk, Sentinel, and QRadar. Thorough grasp of security standard methodologies and protocols, for instance ISO 27001 / 27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such as Python, PowerShell, and regex. More ❯

You will chair status review sessions, maintain accreditation tracking systems, and provide regular updates to senior partners. You will manage responsibilities (including implementation) related to ISO27001, Cyber Essentials / Plus, SOC2 accreditations. You will also support audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid, Nottingham-based role … reporting to the Regional Head of Client Security Assurance Summary of Primary Responsibilities Manage ISO27001, Cyber Essentials / Plus, SOC2 accreditations Lead contract negotiations, re-wording, and redlining, with a preference for UK&I and EU regulatory experience Provide regular accreditation status updates to senior partners Participate in SOC 2-related discussions with teams Oversee governance-related trackers … with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001 / 2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows / More ❯

system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication … system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯

system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication … system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯

role is the effective operation, reporting and evidencing of their technology and information security control environment and the overall Information Security Management System (ISMS). Based in Reigate / hybrid - 2 days in the office 3 from home £40,000 - £45,000 Hybrid Eligibility for annual bonus, up to 15% 25 days holiday per annum, plus bank holidays … performing targeted information security risk assessments. Identify risks, incidents, and breaches, in accordance with company policies and department procedures. Person specification: Appropriate level of education or professional risk / compliance / Information Security related qualifications Experience within technology risk management and / or audit function would be beneficial Experience of … working in a regulated environment / awareness of requirements such as GDPR Experience in the maintenance of a certified IS027001 Information Security Management System and related controls (ISO27002) Understanding of technology and information security risk management frameworks Excellent verbal and communication skills Excellent team player who can establish strong working relationships Graduates can be considered if they have More ❯

enforce IT policies, procedures, and standards that meet operational, regulatory, and compliance requirements across all regions. Ensure full compliance with GDPR, ISO standards (27001, 27002, etc.), and global cyber regulations, including leading certification processes. Design and implement a comprehensive Information Security Management System (ISMS) and establish breach protocols, disaster recovery, and business continuity plans. … For Proven experience in senior IT roles (e.g., IT Manager, Infrastructure Lead). Strong technical knowledge in networking, cloud computing, cyber security, and Microsoft 365. Experience with ISO 27001 certification and ISMS leadership. Skilled in managing external IT vendors and service providers. Excellent communicator with the ability to explain technical concepts clearly. Project management experience in More ❯

Management and the evaluation of access models (inc. SSO, MFA, RBAC, ABAC, eIDV etc) Strong knowledge of and the ability to put into practice global Information Security Standards including ISO27002, CIS and NIST CSF What you'll get in return Salary of between £70k-£80k Fantastic training / development budget Hybrid working 2 / 3 days More ❯

CISM or CISSP desirable but not mandatory based on role holder experience Strong familiarity with technology and security frameworks such as NIST Cyber Security Framework (CSF), COBIT, ISO27001 / 2 and COSO Strong understanding of regulatory requirements relevant to financial services (e.g. FCA / PRA regulations, UK GDPR, DORA) Extensive experience in technology risk, governance or More ❯

of OT assets. Good understanding of incident response stages and handling. Knowledge of industry standards and regulatory requirements related to asset management, such as data protection and environmental compliance, ISO27002, CIS, NCSE CAF, NIST. Familiarity with tracking and managing lifecycle costs, working in partnership with finance and procurement teams. Ability to work independently and as part of a team. Excellent … communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return Salary of between £52k-£60k Hybrid working 2 / 3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! What you need to do now If you More ❯