17 of 17 Remote ISO/IEC 27005 Jobs

the Security Operations Centre (SOC). - Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). - Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. - Perform additional security-related tasks as directed by the Head of Information Security You will Ideally have - - Proven experience … endpoint, and cloud security. - Ability to assess and communicate technical vulnerabilities in business terms. - Experience working with or within a SOC environment. - Familiarity with risk management frameworks?(e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory … You will always however hear from us by phone if we are able to take your CV forward to the next stage. You can also follow us at Twitter / Facebook / LinkedIn or via our website . More ❯

code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … . Conduct penetration testing, vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / 139). Proficiency in security testing More ❯

Senior Cybersecurity Risk Analyst (Interim) Fully Remote | 3-Month Contract | £260 / day (Inside IR35 via umbrella) We’re working with a leading UK charity who are looking to bring in a Senior Cybersecurity Risk Analyst to support during a critical period. This is a hands-on, technically focused interim contract — ideal for someone with strong experience in risk … cloud security principles. Comfortable working alongside or within a Security Operations Centre (SOC) . Able to communicate technical risks in plain business terms. Familiar with frameworks such as ISO 27005, NIST RMF , or similar. Available to start immediately or within short notice . Bonus Points For: Certifications: CISSP, CISM, CRISC, CEH or equivalent. Experience using GRC More ❯

critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional Information Assessment process Please note that the interview stages may be subject to change based on the specific requirements of the role. More ❯

critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional information Please note that the interview stages may be subject to change based on the specific requirements of the role. Quick call More ❯

critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional information Please note that the interview stages may be subject to change based on the specific requirements of the role. Quick call More ❯

critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional Information Assessment process ️ Please note that the interview stages may be subject to change based on the specific requirements of the role. More ❯

critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional Information Assessment process ️ Please note that the interview stages may be subject to change based on the specific requirements of the role. More ❯

strategy, translating them into reusable templates and guardrails. Lead architecture reviews for high risk projects, providing actionable recommendations and tracking remediation through to closure. Perform and interpret threat modelling / pen test results, converting findings into road mapped improvements and measurable risk reductions. Advise on security controls for hybrid and cloud platforms (AWS, Azure, Kubernetes, serverless), balancing usability, cost … or mitigation strategies. Oversee vendor and SaaS evaluations, ensuring contracts include appropriate security clauses and ongoing assurance. Essential skills: Risk based decision making: expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost effective controls. Technical depth: hands on knowledge of cloud security, IAM, container & API security … ability to engage C suite and delivery squads alike, adapting style to gain agreement and drive secure by design culture. Mentoring & governance: experience line managing or coaching security architects / engineers and running architecture assurance or design review boards. At the Home Office, your work has real-world impact, shaping the safety and security of millions. We offer: Meaningful More ❯

with insight into the security solutions adapted to their needs Check compliance with applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Check compliance with … applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Right for this role? Ideally you'll be familiar with the main risk analysis methods (EBIOS … a leading Engineering Group In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and / or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence More ❯

with insight into the security solutions adapted to their needs Check compliance with applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Check compliance with … applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Right for this role? Ideally you’ll be familiar with the main risk analysis methods (EBIOS … Engineering Group #LI-SW1 In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and / or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence More ❯

with insight into the security solutions adapted to their needs Check compliance with applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Right for this … role? Ideally you'll be familiar with the main risk analysis methods (EBIOS, ISO 27005), regulatory constraints (LPM, NIS, RGPD, II 901, IGI 1300) and security standards (ISO 27000, NIST, ANSSI, etc). You are able to identify, analyse and evaluate cybersecurity and information risks. Have knowledge of Authentication and Identity management solutions. Experienced … a leading Engineering Group In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and / or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence More ❯

with insight into the security solutions adapted to their needs Check compliance with applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Right for this … role? Ideally you'll be familiar with the main risk analysis methods (EBIOS, ISO 27005), regulatory constraints (LPM, NIS, RGPD, II 901, IGI 1300) and security standards (ISO 27000, NIST, ANSSI, etc). You are able to identify, analyse and evaluate cybersecurity and information risks. Have knowledge of Authentication and Identity management solutions. Experienced … a leading Engineering Group In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and / or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence More ❯

risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001 / 2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138 / 139). Familiarity with HMG security and assurance frameworks is More ❯

security protocols. Reporting & Documentation: Create and maintain clear, concise reports, metrics, and documentation related to security incidents, risks, and controls. What we need from you; Practical experience of ISO27001 / 27004 / 27005 and NIST Risk Management Framework (RMF) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Good understanding and … benefits: Access to private healthcare, dental schemes, Workplace ISA, Go Green Car Scheme, technology and lifestyle options (£500 annual allowance) Holidays: 25 days plus bank holidays, option to buy / sell leave and to accrue up to 12 additional flexi leave days per year Pension: Award winning pension scheme (up to 15% employer contribution) Wellbeing: Employee Assistance Programme with More ❯

What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO / IEC 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def … Stan 05-138 / 139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches challenges with innovation and critical thinking. More ❯

modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security … . Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or … application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK More ❯