5 of 5 ISO/IEC 27005 Jobs in the South East

Cyber Essentials Plus, ISO 27001, DSPT and GDPR. Responsibilities Conduct risk assessments for systems, projects and third parties; document findings and remediation. Review and respond to supplier / security questionnaires and tender submissions. Support vulnerability and patch management; interpret scans and prioritise fixes. Advise IT teams on alerts, incidents and security configuration (M365 / Azure / Defender / DLP / Conditional Access). Maintain risk register and track remediation actions from audits or incidents. Support compliance activities (ISO 27001, Cyber Essentials Plus, DSPT) and contribute to policy updates. Provide clear security advice to projects and senior stakeholders. What you'll need to succeed Proven experience in information security, with a blend … M365, Defender suite, DLP, Conditional Access). Skilled in evaluating supplier security through questionnaires, procurement documents, and assurance reviews. Knowledgeable in risk management practices and frameworks such as ISO 27005 and NIST RMF. Familiar with key compliance standards including ISO 27001, Cyber Essentials Plus, DSPT, and GDPR. Capable of interpreting vulnerability assessments and advising More ❯

and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFCs security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work independently, make sound judgements, and communicate clearly with both technical and non … track remediation actions arising from risk assessments, audits, or incidents. Assist with the maintenance and review of the Information Security Risk Register and associated controls. Support compliance with ISO 27001, Cyber Essentials Plus, and Data Security & Protection Toolkit (DSPT)requirements. Provide input to security policies, standards, and process improvements. Required Skills and Experience 5+ years experience in Information … network security (preferably Microsoft stack: M365, Azure, Defender, DLP, Conditional Access). Demonstrated experience reviewing security questionnaires, tenders, and supplier assurance evidence. Good knowledge of risk assessment methodologies (ISO 27005, NIST RMF, or equivalent). Working familiarity with ISO 27001, Cyber Essentials Plus, DSPT, and GDPR requirements. Experience interpreting vulnerability scan results and prioritising More ❯

and security assurance function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner th click apply for full job details More ❯

by Design risk and security assurance function within MOD as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. Produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity. Facilitate security and risk workshops with … the various Authority departments, to align with wider customer transformational Security and risk management outcomes. Provide accurate and pragmatic remediation / risk management guidance / advice in balance with Business objectives and risk appetites. Have an understanding of risk assessment in an agile delivery environment. Exceptional team working ethic and interpersonal skills. Have a good understanding of modern … IT technologies and services, such as Cloud Computing, AI (ISO42001), Mobile Computing, IT Security, Infrastructure technologies, Zero Trust, Data at Rest / In Transit Cryptography, Cross Domain Solutions and demonstrate an understanding of security architecture both physical and cloud (be able to read and understand HLDs / LLDs). Strong working knowledge of : Security Assurance Coordinator or Delivery More ❯

and security assurance function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk … risk treatment activity. Facilitate security and risk workshops with the various Authority departments, to align with wider customer transformational Security and risk management outcomes. Provide accurate and pragmatic remediation / risk management guidance / advice in balance with Business objectives and risk appetites. Have an understanding of risk assessment in an agile delivery environment. Exceptional team working ethic … sector. Have a good understanding of modern IT technologies and services, such as Cloud Computing, AI (ISO42001 desirable), Mobile Computing, IT Security, Infrastructure technologies, Zero Trust, Data at Rest / In Transit Cryptography, Cross Domain Solutions and demonstrate an understanding of security architecture both physical and cloud (be able to read and understand HLDs / LLDs). As More ❯