1 to 25 of 44 ISO/IEC 27005 Jobs in the UK

Compliance is a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / E, CIPM for data protection compliance) Experience Requirements: 3–5+ years of experience … in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) – EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for third-party compliance. … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills—ability to brief executives and More ❯

the Security Operations Centre (SOC). - Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). - Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. - Perform additional security-related tasks as directed by the Head of Information Security You will Ideally have - - Proven experience … endpoint, and cloud security. - Ability to assess and communicate technical vulnerabilities in business terms. - Experience working with or within a SOC environment. - Familiarity with risk management frameworks?(e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory … You will always however hear from us by phone if we are able to take your CV forward to the next stage. You can also follow us at Twitter / Facebook / LinkedIn or via our website . More ❯

in the short, medium or long term. Our core consulting and implementation services include: Strategy & transformation On-demand virtual roles Data discovery and mapping Risk advisory and assurance Continuity / Resilience Data privacy and GDPR ISO 27001 & NIST CSF Supplier assurance PCI, PA & P2PE Incident response planning Card production audits Cyber security review SOC advisory & implementation XDR … Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients. Able to always deliver projects within time and in budget and to a high level of customer satisfaction - exercising customer care. Demonstrate … of the below: Excellent attention to detail and documentation. Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS. Customer facing experience at senior levels. CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage Outputs Ability to successfully compile accurate reports within defined timescales. More ❯

in the short, medium or long term. Our core consulting and implementation services include: Strategy & transformation On-demand virtual roles Data discovery and mapping Risk advisory and assurance Continuity / Resilience Data privacy and GDPR ISO 27001 & NIST CSF Supplier assurance PCI, PA & P2PE Incident response planning Card production audits Cyber security review SOC advisory & implementation XDR … Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients. Able to always deliver projects within time and in budget and to a high level of customer satisfaction – exercising customer care. Demonstrate … of the below: Excellent attention to detail and documentation. Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS. Customer facing experience at senior levels. CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage Outputs Ability to successfully compile accurate reports within defined timescales. More ❯

in the short, medium or long term. Our core consulting and implementation services include: Strategy & transformation On-demand virtual roles Data discovery and mapping Risk advisory and assurance Continuity / Resilience Data privacy and GDPR ISO 27001 & NIST CSF Supplier assurance PCI, PA & P2PE Incident response planning Card production audits Cyber security review SOC advisory & implementation XDR … in Azure Resource Manager template, Git, KQL, PowerShell Ability to work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients. Able to deliver projects within time and budget and to a high level of customer satisfaction – exercising customer care. Strong ability to … of the below: Excellent attention to detail and documentation. Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS. Customer-facing experience at senior levels. CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage Outputs Ability to successfully compile accurate reports within defined timescales. More ❯

management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information … obligations include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstratable experience in an Information Security, IT More ❯

and provide expert guidance on remediation. Collaborate with cross-functional teams to embed security within agile project delivery. Keep up to date with emerging threats, technologies, and security frameworks (ISO27005, NIST). Provide training and advisory services to clients on cyber security best practices. What We're Looking For Strong knowledge of cyber risk management and frameworks (ISO27005, NIST). … risks into business terms . Ability to work independently and collaboratively in a client-facing environment. Desirable Skills & Qualifications CIISEC Membership or UK Cyber Security Council professional registration (Chartered / Principal Level). Hands-on experience reviewing and implementing network and cloud security solutions . Familiarity with Zero Trust architectures and modern security frameworks. What We Offer Competitive salary … and benefits package 25 days annual leave + birthday off (option to buy / sell additional 5 days) Private medical cover, pension scheme, and life assurance Ongoing professional development and career growth opportunities #J-18808-Ljbffr More ❯

Cybersecurity Consultant - CISSP, OWASP, Azure Up to £495 per day (Inside IR35) London / Hybrid (3 days per week in London) 12 months initially My client is a London-based firm who urgently require a Cybersecurity Consultant with proficiency in Azure, with CISSP and ideally OWASP (for Application Security) certification to play a key role in a small project … providing expertise for Information Security Risk and Governance Frameworks, performing Info Security Technical Risk Assessments as well as analysis and reporting. Key Requirements: Proven commercial expertise as a Cyber / Info Security Consultant Previous experience within a large, complex enterprise-scale organisation Information Security certifications (CISSP, OWASP) Demonstrable experience of working in Application Security Expertise within Azure (Cloud platform … Ability to communicate highly technical problems / solutions to non-technical audiences across multiple geographical regions / sites Capability to unpick High Level Designs (HLD) with ease Proven experience of working closely with TDA Strong knowledge of conducting Information Security technical Risk Assessments Exceptional communication skills and stakeholder management skills (at all levels) Strong knowledge of working within More ❯

code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security … Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138 / 139). Proficiency in security testing More ❯

code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security … Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138 / 139). Proficiency in security testing More ❯

to the development of a long-term security roadmap that supports the organisation's strategic goals. Ensure ongoing compliance with frameworks and certifications such as Cyber Essentials Plus, ISO 27001, and PCI DSS. What you'll need to succeed Willingness to work 7-hour days, 3 days a week Demonstrated expertise in conducting technical security risk assessments and … language for diverse audiences. Hands-on experience operating in or collaborating with a Security Operations Centre (SOC). Well-versed in applying recognised risk management methodologies such as ISO 27005 and NIST Risk Management Framework. Strong written and verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such … risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in return Guaranteed 3-Month contract £28.49 p / h PAYE or £36.98 p / h UMB Fully remote working - if travel is needed it will be expensed Part-time work whereby you work 3 days a More ❯

to the development of a long-term security roadmap that supports the organisation's strategic goals. Ensure ongoing compliance with frameworks and certifications such as Cyber Essentials Plus, ISO 27001, and PCI DSS. What you'll need to succeed Willingness to work 7-hour days, 3 days a week Demonstrated expertise in conducting technical security risk assessments and … language for diverse audiences. Hands-on experience operating in or collaborating with a Security Operations Centre (SOC). Well-versed in applying recognised risk management methodologies such as ISO 27005 and NIST Risk Management Framework. Strong written and verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such … risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in return Guaranteed 3-Month contract £28.49 p / h PAYE or £36.98 p / h UMB Fully remote working - if travel is needed it will be expensed Part-time work whereby you work 3 days a More ❯

level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise More ❯

level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise More ❯

level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise More ❯

is a remote work opportunity within the following geographic regions, work hours will have to heavily overlap with the US East and US West time zones: Netherlands, Great Britain / United Kingdom The impact you will have: Drive Security Risk Management program maturity to enable risk-informed decision making by the business leadership about risk tolerance and resource allocation … learning Designing, implementing, and managing a security risk management program Managing escalations and effectively interacting with leadership and cross-functional teams Building and documenting risk management and risk acceptance / security exception processes specific to a company’s environment Completing projects with multiple dependencies / constraints and build relationships with / manage diverse stakeholders remotely Tracking and … we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visithttps: / / www.mybenefitsnow.com / databricks . Our Commitment to Diversity and Inclusion At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. More ❯

offering that is fully integrated into the SDLC, providing our customers the ability to build faster and stay secure by automating the control assurance activities revolving around the CI / CD workflows and providing evidence as a service. According to Gartner, by 2026, 70% of enterprises will have integrated compliance as code into their DevOps toolchains, reducing risk management … specific customer requirements into extensible and reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001 / 27004 / 27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA / NIST SP800 … e.g. Certified Information System Security Professional (CISSP), Cloud Certified Security Professional (CCSP) What you will do Own the “why” for your product. Understand and synthesize the corporate objectives, customer / user pains, industry trends, current customer / user behavior, and anything else that can provide context to drive the product team’s decision-making. Partner with design, engineering More ❯

offering that is fully integrated into the SDLC, providing our customers the ability to build faster and stay secure by automating the control assurance activities revolving around the CI / CD workflows and providing evidence as a service. According to Gartner, by 2026, 70% of enterprises will have integrated compliance as code into their DevOps toolchains, reducing risk management … specific customer requirements into extensible and reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001 / 27004 / 27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA / NIST SP800 … e.g. Certified Information System Security Professional (CISSP), Cloud Certified Security Professional (CCSP) What You Will Do Own the “why” for your product. Understand and synthesize the corporate objectives, customer / user pains, industry trends, current customer / user behavior, and anything else that can provide context to drive the product team’s decision-making. Partner with design, engineering More ❯

Social network you want to login / join with: Information Security Compliance Analyst, Hertfordshire Client: Cpl Life Sciences Location: Hertfordshire, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 28.04.2025 Expiry Date: 12.06.2025 Job Description: We are seeking an Information Security Compliance Analyst for a 12-month fixed-term contract in a hybrid setting … maintaining security policies, managing security awareness training, advising on security matters, and supporting audits. Qualifications and Experience: Degree level qualification or equivalent (highly desirable) Relevant certifications like CISM and / or CRISC (highly desirable) Experience in information security, IT governance, risk, and compliance, especially with ISO 27001 Knowledge of industry frameworks such as ISO … development, and third-party due diligence Proven ability to lead audits and establish data classification standards Project management experience in security, data protection, and compliance initiatives Knowledge of UK / EMEA data protection laws like DPA and GDPR Stakeholder management skills at technical and executive levels #J-18808-Ljbffr More ❯

the Security Operations Centre (SOC). Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. Perform additional security-related tasks as directed by the Head of Information Security Essential Skills & Experience Proven experience in … and cloud security. Ability to assess and communicate technical vulnerabilities in business terms. Experience working with or within a SOC environment . Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). Excellent communication and reporting skills. Due to the volume of applications received for positions, it will not be possible to respond to all … personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http: / / proactive.it / privacy-notice / More ❯

Senior Cybersecurity Risk Analyst (Interim) Fully Remote | 3-Month Contract | £260 / day (Inside IR35 via umbrella) We’re working with a leading UK charity who are looking to bring in a Senior Cybersecurity Risk Analyst to support during a critical period. This is a hands-on, technically focused interim contract — ideal for someone with strong experience in risk … cloud security principles. Comfortable working alongside or within a Security Operations Centre (SOC) . Able to communicate technical risks in plain business terms. Familiar with frameworks such as ISO 27005, NIST RMF , or similar. Available to start immediately or within short notice . Bonus Points For: Certifications: CISSP, CISM, CRISC, CEH or equivalent. Experience using GRC … be provided when applying for a job. Eurojobs.com is not responsible for any external website content. All applications should be made via the 'Apply now' button. Created on 26 / 06 / 2025 by JR United Kingdom #J-18808-Ljbffr More ❯

the Security Operations Centre (SOC). Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. Perform additional security-related tasks as directed by the Head of Information Security Essential Skills & Experience Proven experience in … and cloud security. Ability to assess and communicate technical vulnerabilities in business terms. Experience working with or within a SOC environment . Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). Excellent communication and reporting skills. Due to the volume of applications received for positions, it will not be possible to respond to all More ❯

rely on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs, across More ❯

rely on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs, across More ❯

critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional Information Assessment process Please note that the interview stages may be subject to change based on the specific requirements of the role. More ❯