London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Senior ISO27001 Consultant, you will lead client engagements to design, implement, and maintain ISO frameworks, supporting clients through gap analysis, remediation, certification readiness, and continual improvement. You'll collaborate with senior stakeholders across industries to deliver strategic advisory and hands-on implementation of … in ISO27001 implementation and auditing Strong understanding of ISMS frameworks and private sector regulatory requirements Excellent communication and client-facing consultancy skills Relevant certifications such as ISO27001 Lead Auditor / Implementor, CISSP, CISM, CRISC, CISA Experience with additional standards (ISO/ IEC27701, ISO/ IEC29100, ISO/ IEC42001, ISO/ IEC22301) is a plus What's in it for You Flexible Working: Remote-first with travel as needed. Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable
breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO … /IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005/ 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further
tools for access governance, identity lifecycle, and privileged access management in alignment with defence-grade standards Security Assurance & Compliance Ensure commission controls comply with MOD policies (e.g. JSP 440 / JSP 604) and security frameworks such as NIST, ISO27005, STIGs, and UK Functional Standard 007 Vulnerability Assessment & Access Review Support regular access reviews, entitlement … DV Clearance : Must hold active Developed Vetting (DV) clearance (or immediate transfer eligibility) Access Control Expertise : Deep experience in identity & access management, particularly designing and enforcing commission controls, RBAC / ABAC models, access provisioning, and entitlement workflows. Tools & Technologies : Hands-on with identity platforms (e.g. Active Directory, Azure AD, Okta), PAM / IGA systems, SSO / SAML … / OAuth, and access governance tools. Security Framework Knowledge : Understanding of defence and public-sector security frameworks (JSP 440 / 604, STIGs, ISO 27001, Government Functional Standard 007) Incident & Risk Handling : Proven ability to conduct security incident investigations relevant to unauthorized access and remediate gaps. Communication Skills : Strong ability to engage with both technical teams and
Here's how you will contribute Governance, Risk & Compliance (GRC) Leadership Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001 / 2, and NIST-2. Oversee delivery plans, resource allocation, and stakeholder engagement for GRC initiatives. Training & Awareness Develop and maintain SGN's Information Security training and awareness materials. Integrate … SGN's Information Security Management System (ISMS) and policy exceptions. Compliance & Assurance Monitor and report on compliance across SGN and third-party partners. Lead assurance reviews and support internal / external audits for ISO27001, NIST, and NIS. Own NIS submissions to OFGEM and support regulatory consultations and audits. Risk Management Oversee risk assessments and reporting across Cyber, OT, and … Regulations and the NCSC Cyber Assessment Framework. Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc. Excellent command of written English. Strong interpersonal and relationship building skills. The role will require Security Clearance. Not sure you meet every requirement? Research shows some people - particularly
clear career growth pathways. Act as a senior subject matter expert and escalation point within the Cyber GRC function Key Skills & Experience Proven experience in cyber risk management and / or third-party risk management, ideally within financial services, technology, or a regulated industry. Strong understanding of risk management frameworks (e.g., ISO 31000, NIST CSF, FAIR, ISO27005). Experience in third-party / vendor risk management practices, frameworks, and tools. Excellent leadership, team management, and stakeholder engagement skills. Strong analytical, problem-solving, and decision-making abilities. Ability to produce clear, concise, and executive-ready risk reporting. Professional certifications desirable (e.g., CRISC, CISM, CISSP, CISA). Who we are At Pearson, our
environment. • Good knowledge of control frameworks such as ISO27001, ITIL (Information Technology Infrastructure Library), NIST, IEC 62443 and SABSA. • Good knowledge of Risk Management Methodologies such as ISO27005, IRAM2 and IEC 62443 3-2. • Strong technical skills across IT. • Ability to interpret regulations and laws and communicate effectively to all levels of the organisation. • Excellent … presentation, project management, problem-solving, training / coaching, and conflict resolution skills. • Ability to track and manage numerous parallel projects and activities. • Ability to work successfully in a cross-functional team environment. • Excellent stakeholder management. There's been significant investment and growth throughout the Cyber and Information Security function, you'll be joining a high-calibre team in an
Knowledge of information security standards including ISO 27001, PCI-DSS, GDPR. Strong grasp of IT domains including Linux, Windows, networking, containers, IAM, and monitoring. Understanding of ISO27001, ISO27005, NIST security controls, WAF, and network segmentation. Desirable Extras: Experience leading peer reviews and collaborating with cloud solution architects. Ability to positively incorporate feedback into architectural patterns. Certifications Required: Essential … Earn £1000 when you refer a friend to join us Endless Learning Access to Linked In Learning with 16,000+ expert-led tutorials Healthcare Cash Plan Online GP, 24 / 7 counselling, cashback on healthcare services Casual Dress Policy Come as you are Company Pension Scheme Plan for the future Social Events Team outings and company-wide celebrations
Stevenage, Hertfordshire, England, United Kingdom Hybrid / WFH Options
MBDA
on experience Dynamic (hybrid) working : 2 days per week on-site due to workload classification Security Clearance : British Citizen or a Dual UK national with British citizenship. Restrictions and / or limitations relating to nationality and / or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG … practices is desirable. Whilst not essential, one of the following qualifications is highly desirable: CISMP – Certificate In Information Security Management Principles CISM – Certified Information Security Manager ISO27001 Lead Auditor ISO27005 Certificated Security Risk Manager CSMP – Certified Security Management Professional Whilst not essential, understanding / experience of UK MoD Defence Conditions would be beneficial. Our company: Peace is not a