9 of 9 ISO 31000 Jobs in the UK

accordance with Global EIT strategy, EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR. You will ensure the continued certification of the EIT ISO 27001:2022 management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. … internal and external stakeholders/groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response … compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstratable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO More ❯

and maintenance of the EMEA information security management system, ensuring compliance with Global EIT strategy, EMEA business needs, and relevant legislation (e.g NIS 2, AI Act, GDPR). Maintain ISO 27001:2022 certification and ensure adherence to health, safety, financial, and privacy regulations. What are we looking for? Degree level qualified or equivalent - essential. CISM and/or CISSP … or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is highly desirable Demonstratable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Experience of information security management and/or security awareness. Good knowledge of industry standard frameworks … and best practices – ISO 27001: 2022, NIS2, AI Act etc. and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience of developing, implementing, managing, and maintaining Information Security policies, guidance, & procedures. Experience of risk management and maintaining risk registers. More ❯

controls across infrastructure and platforms. You will also guide teams in applying secure-by-design principles and support both internal audit and external compliance efforts including Gov Assure, CAF, ISO 27001, and Cyber Essentials (CE and CE+) while supporting the secure operation of core services. The role requires strong stakeholder engagement, technical depth, and a sound understanding of UK … in designing and implementing secure infrastructure or cloud architectures. o Proven experience with risk assessment methodologies and maintaining enterprise risk registers. o Working knowledge of risk assessment methodologies (e.g. ISO 31000, FAIR, OWASP risk rating). o Strong understanding of Gov Assure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks. o Experience conducting or supporting security audits More ❯

disaster recovery, business continuity, data governance, privacy, change, and third party risk. At least five years’ experience in a risk focused role. Knowledge of risk management frameworks such as ISO31000, NIST, COBIT or COSO. Understanding of control frameworks and IT general controls. Experience in control assurance is desirable. Certifications such as ITIL Master or Expert, CISA or CRISC would be More ❯

start to finish. Bonus points if you bring: Experience with AppSec and DevSecOps. Hands-on knowledge of Azure, AWS, and/or Google Cloud. Familiarity with standards like ISO2700X, ISO31000, NIST800, PCI-DSS. Certifications such as CISSP, CCSP, CRISC, CISM, or SABSA. Why QBE? At My Best? At QBE, we want our people to feel rewarded and inspired to perform More ❯

What you'll need to bring to the role & Experian Experience in risk, controls, or audit roles, including transformation delivery. Strong knowledge of risk and control frameworks (e.g., COSO, ISO 31000); RSA Archer experience is a plus. Proven ability to lead teams and influence senior stakeholders. Excellent communication, analytical, and problem-solving skills. Comfortable working across global teams More ❯

embedded from the ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. Collaborate with multi-disciplinary teams … architecture or security engineering roles within the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001/2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities - able to assess complex data and provide actionable insights. A collaborative communicator who can More ❯

embedded from the ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. Collaborate with multi-disciplinary teams … architecture or security engineering roles within the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001/2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities — able to assess complex data and provide actionable insights. A collaborative communicator who can More ❯

including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST More ❯