14 of 14 ISO/IEC 27005 Jobs in the UK

as required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As an ISO27001 Consultant, you will support client engagements to design, implement, and maintain ISO frameworks, supporting clients through gap analysis, remediation, certification readiness, and continual improvement. You'll input and collaborate with senior stakeholders across industries to deliver strategic advisory and hands-on … in ISO27001 implementation and auditing Strong understanding of ISMS frameworks and private sector regulatory requirements Excellent communication and client-facing consultancy skills Relevant certifications such as ISO27001 Lead Auditor / Implementor, CISSP, CISM, CRISC, CISA Experience with additional standards (ISO / IEC27701, ISO / IEC29100, ISO / IEC42001, ISO / IEC22301) is a plus What's in it for You Flexible Working: Remote-first with travel as needed. Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable More ❯

Assess current maturity and deliver a transformation roadmap that unifies fragmented processes into a single, clear model aligned to Trainline's risk appetite. Maintain key standards such as ISO 27001, ISO 22301, and PCI DSS, while ensuring they add real business value. Manage and develop the Risk and Compliance team, setting clear goals and cultivating an … programs to build a strong, security-first culture across Trainline. Own the development, communication, and maintenance of information security policies, ensuring alignment with evolving threats and compliance needs. Qualifications / What we're looking for Experience transforming or scaling GRC or risk management functions within dynamic, high-growth or complex businesses. Proven ability to balance control and creativity - tailoring … business. A proven record of leading and developing high-performing teams, setting clear goals and cultivating accountability and continuous improvement. Deep understanding of enterprise and cyber risk frameworks (ISO 27005, ISO 31000, NIST CSF) and how to communicate risk appetite in business terms. Excellent communication skills, with the ability to present complex risk and More ❯

Cyber Security Consultant -AI, CISSP, Risk Up to £495 per day (Inside IR35) London / Hybrid (3 days per week onsite) 6 Months My client is a London-based Insurer who are looking to hire a Cyber Security Consultant with CISSP certification, working knowledge of AI (Artificial Intelligence) and Risk to work on a new AI solution being implemented. … Key Requirements: Proven experience in Cyber Security as a Cyber Security Analyst / Cyber Security Consultant Working knowledge of AI (Artificial Intelligence) within IT Security / Info Security / Cyber Security CISSP / CISM certification Previous experience of working in a Cloud related environment Experience of conducting Risk Assessments within a Technology environment Strong knowledge of … Risk Management frameworks (ISO 27005, EBIOS) Excellent communication skills with ability to translate technical jargon to non-technical audiences Strong Stakeholder Management skills Flexible approach towards hybrid working (must be able to commit to 3 days per week onsite each week) Nice to have: Familiarity of working within Agile frameworks (SAFe) Proven experience in the Insurance More ❯

Cyber Security Consultant -AI, CISSP, Risk Up to £495 per day (Inside IR35) London / Hybrid (3 days per week onsite) 6 Months My client is a London-based Insurer who are looking to hire a Cyber Security Consultant with CISSP certification, working knowledge of AI (Artificial Intelligence) and Risk to work on a new AI solution being implemented. … Key Requirements: Proven experience in Cyber Security as a Cyber Security Analyst / Cyber Security Consultant Working knowledge of AI (Artificial Intelligence) within IT Security / Info Security / Cyber Security CISSP / CISM certification Previous experience of working in a Cloud related environment Experience of conducting Risk Assessments within a Technology environment Strong knowledge of … Risk Management frameworks (ISO 27005, EBIOS) Excellent communication skills with ability to translate technical jargon to non-technical audiences Strong Stakeholder Management skills Flexible approach towards hybrid working (must be able to commit to 3 days per week onsite each week) Nice to have: Familiarity of working within Agile frameworks (SAFe) Proven experience in the Insurance More ❯

knowledge of Agile frameworks (SAFe), DevSecOps, and cloud security. Experience in AI-related security considerations is highly desirable. Hands-on experience with information security risk and governance frameworks (ISO 27005, EBIOS). Proven ability to communicate complex security risks in business language and influence diverse stakeholders. Experience within the insurance sector (including policy administration and claims More ❯

activities with security assessments and contract reviews. Skills & Experience - Essential Strong experience in Information Security across complex environments (e.g., outsourced, telecoms, energy). Solid grasp of risk management methodologies (ISO27005, ISO31000). Excellent communication skillsable to engage with technical and non-technical stakeholders. Ability to work independently and collaboratively in a fast-paced environment. Skills & Experience - Desirable Recognised certifications: CISSP … CISM, CISA, CEH. ISO27001 Lead Auditor / Implementer certification. Knowledge of NIST Cybersecurity Framework and PKI. Understanding of large public sector programmes. Eligible for HMG SC clearance. Personal Attributes Analytical and detail-oriented with a proactive mindset. Strong stakeholder engagement and influencing skills. Able to prioritise effectively and remain calm under pressure. Committed to continuous improvement and professional development. More ❯

Key Responsibilities Define and implement security capabilities and governance across the platform. Ensure compliance with the National Law Enforcement Data Portfolio Integrated Management System (IMS) (ISO27001 / 2 ISO27005 BS10008). Ensure compatibility with the Cross-Government Secure by Design (SbD) Strategy throughout the lifecycle of the cloud systems. Embed security requirements and stage gates within the Programme Governance More ❯

. Define and implement security capabilities and governance across the platform. . Ensure compliance with the National Law Enforcement Data Portfolio Integrated Management System (IMS) (ISO27001 / 2 ISO27005 BS10008). Ensure compatibility with the Cross-Government Secure by Design (SbD) Strategy throughout the lifecycle of the cloud systems. . Embed security requirements and stage gates within the Programme More ❯

credibility, and the ability to influence are as critical as technical expertise. Key responsibilities - Cyber Assurance and GRC Leadership: Lead assurance activities and programmes, aligning security controls to ISO 27001, NIST CSF, ONR, and UK Gov standards Gap Analysis and Compliance: Produce audit-ready evidence, manage ONR requirements, and ensure ongoing alignment with NCSC and NPSA guidance Cloud … evidence, and certification programmes (e.g. ISO 27001, NIST CSF, Cyber Essentials+) Strong technical background in Microsoft Security Stack and cloud security architecture Familiarity with risk assessment methodologies (ISO27005, NIST) Excellent communication, presentation, and stakeholder management skills Confident operating within regulated environments and engaging with regulators Eligible for SC clearance (active or recently lapsed preferred) Desirable - Experience in the More ❯

credibility, and the ability to influence are as critical as technical expertise. Key responsibilities - Cyber Assurance and GRC Leadership: Lead assurance activities and programmes, aligning security controls to ISO 27001, NIST CSF, ONR, and UK Gov standards Gap Analysis and Compliance: Produce audit-ready evidence, manage ONR requirements, and ensure ongoing alignment with NCSC and NPSA guidance Cloud … evidence, and certification programmes (e.g. ISO 27001, NIST CSF, Cyber Essentials+) Strong technical background in Microsoft Security Stack and cloud security architecture Familiarity with risk assessment methodologies (ISO27005, NIST) Excellent communication, presentation, and stakeholder management skills Confident operating within regulated environments and engaging with regulators Eligible for SC clearance (active or recently lapsed preferred) Desirable - Experience in the More ❯

environment. • Good knowledge of control frameworks such as ISO27001, ITIL (Information Technology Infrastructure Library), NIST, IEC 62443 and SABSA. • Good knowledge of Risk Management Methodologies such as ISO27005, IRAM2 and IEC 62443 3-2. • Strong technical skills across IT. • Ability to interpret regulations and laws and communicate effectively to all levels of the organisation. • Excellent … presentation, project management, problem-solving, training / coaching, and conflict resolution skills. • Ability to track and manage numerous parallel projects and activities. • Ability to work successfully in a cross-functional team environment. • Excellent stakeholder management. There's been significant investment and growth throughout the Cyber and Information Security function, you'll be joining a high-calibre team in an More ❯

occasional meetings in Westminster and active SC Clearance is essential. The key skills required for this AWS Security Product Owner role are: Compliance with (IMS) (ISO27001 / 2 ISO27005 BS10008) Technical Security Lead for Product Team Define and implement security capabilities and governance across the platform If you do have the relevant experience for this AWS Security Product Owner More ❯

occasional meetings in Westminster and active SC Clearance is essential. The key skills required for this AWS Security Product Owner role are: Compliance with (IMS) (ISO27001 / 2 ISO27005 BS10008) Technical Security Lead for Product Team Define and implement security capabilities and governance across the platform If you do have the relevant experience for this AWS Security Product Owner More ❯

on experience Dynamic (hybrid) working : 2 days per week on-site due to workload classification Security Clearance : British Citizen or a Dual UK national with British citizenship. Restrictions and / or limitations relating to nationality and / or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG … practices is desirable. Whilst not essential, one of the following qualifications is highly desirable: CISMP – Certificate In Information Security Management Principles CISM – Certified Information Security Manager ISO27001 Lead Auditor ISO27005 Certificated Security Risk Manager CSMP – Certified Security Management Professional Whilst not essential, understanding / experience of UK MoD Defence Conditions would be beneficial. Our company: Peace is not a More ❯