1 to 25 of 48 Contract ISO/IEC 27001 Jobs in England

a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance.) . Demonstratable experience of working within Cyber / Information Security. . Cyber Risk Management experience. . Experience of working in highly secure environments. . Secure by Design knowledge. . Cloud experience (Azure, AWS). . CISSP qualification … of UK Government cybersecurity frameworks and standards (NCSC CAF, Government Functional Standard GovS 007, Cyber Security Standard) and international standards (ISO 27001, ISO / IEC 27005, NIST, COBIT) Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the … candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and / or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying More ❯

Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure they … computer science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively within a team More ❯

Outside IR35, Dev / Sec Ops Engineer, Azure, AWS, Technical Blueprint, Best practice, Regulatory Environment background. West Midlands, London We are seeking a Senior DevSecOps Engineer to lead governance, architecture guidance, and assurance for cloud and infrastructure security across Microsoft Azure, AWS, and key SaaS platforms. This role is pivotal in defining technical blueprints, setting security standards, and ensuring … best practices, validate implementations, and support audit readiness across IaaS, PaaS, and SaaS environments. Key Responsibilities Define and maintain multi-cloud security standards and reference blueprints (e.g. Azure Policy / Initiatives, AWS Control Tower / SCPs) Own security architecture patterns and contribute to HLD / LLD, threat models, and risk assessments Set assurance criteria and control evidence … standards (Entra ID Conditional Access, MFA, PIM; AWS IAM federation) Govern SaaS security onboarding (SSO, OAuth governance, DLP controls, vendor assessments) Specify telemetry and logging requirements for Microsoft Sentinel / SOC and review analytics / reporting Lead compliance mapping for ISO 27001 and curate audit-ready evidence packs Chair Cloud & Platform Security design reviews More ❯

isn't the Trusts normal practice, adverts may close early, so you are encouraged to submit an application as soon as possible. A video about the Royal Surrey - https: / / www.youtube.com / watch?v=R96pMboIYdo Job description Job responsibilities The Clinical Informatics Programme Manager is responsible for the delivery of all aspects of the Clinical Informatics … roadmaps Strong interpersonal skills & able to develop and maintain effective and credible relationships with business leaders and supplier management Knowledge of Service and Security Management standards (such as ISO20000, ISO27001) Knowledge of IT concepts and systems Knowledge of contracting trends, licensing models, and traditional and emerging contract and vendor performance models Deep market knowledge of IT and Healthcare Technologies Strong … responsibilities - Previously responsible for a budget, involved in budget setting and working knowledge of financial processes Desirable Excellent working knowledge and experience of implementing standards and controls e.g. ISO20000, ISO27001 Management experience of ITIL disciplines Experience of working in an IT service provider Where applicable, understanding of government and industry regulations that will influence contracting approach and vendor behaviour Disclosure More ❯

in the days that you work, and the opportunity to work across diverse industries. Our client works with a range of standards including the main international standards (e.g., ISO 9001, ISO 14001, ISO 27001, ISO 45001). They are seeking someone to focus on mainly information security so experience or … sessions to staff on system awareness, compliance, and continual improvement. Advise on integration of multiple standards into a unified management system. Requirements Essential Skills & Attributes Strong understanding of ISO standards and management system principles. Excellent analytical and problem-solving abilities. Exceptional written and verbal communication skills. Ability to work independently and manage multiple client projects. High level of … not essential. Training & Development Training will be provided where required to support specific standards, tools, or client needs. Opportunities for ongoing professional development and certification support. Engagement Terms Freelance / Contract basis with flexible working arrangements. Project-based or retainer agreements depending on client scope. Competitive day rates based on experience and project complexity. More ❯

backend systems at the core of cutting-edge AI, with a strong focus on performance, reliability, and security. Key Responsibilities Architect and evolve scalable backend services in Python (FastAPI / Django / Flask). Design and operate RESTful APIs aligned with OpenAPI / Swagger. Implement authentication and authorization (OAuth2 / OIDC, permissions, session management). Optimise … caching, rate limiting, and queuing to meet performance goals. Integrate with AI pipelines and model-serving endpoints (async inference, streaming). Containerise services with Docker; maintain IaC with Terraform / CloudFormation. Operate services on AWS with CI / CD pipelines (GitHub Actions / Argo CD). Lead security hardening, monitoring, and compliance readiness. Own backup, disaster recovery … REST APIs. Deep expertise in relational database design, performance tuning, and migrations (PostgreSQL). Strong knowledge of Docker, Git workflows, and AWS core services (EC2, VPC, IAM, S3, ALB / ELB, ECR / ECS). Familiarity with API versioning, testing strategies, and documentation best practices. Eligible for SC clearance (or ability to obtain; DV clearance required later). More ❯

opportunity for a security leader with extensive experience designing and implementing enterprise-grade security architectures across complex, highly regulated environments. The role will focus heavily on cloud security, AI / ML security, regulatory compliance, and secure-by-design frameworks for critical systems. Why This Role? Shape and deliver the security architecture strategy for enterprise cloud and AI / … MLOps with security guardrails. Act as a trusted advisor to senior leadership , influencing both business and technology direction. Key Responsibilities Define and evolve security architecture strategies for cloud, AI / ML, and MLOps environments . Act as a senior security advisor to leadership, engineering, and business stakeholders. Develop security architecture standards, patterns, and guidelines for enterprise solutions, with specific … coverage for AI / ML workloads. Conduct security architecture reviews, threat modelling, and risk assessments for AI / ML systems and pipelines . Ensure solutions comply with European financial services regulations (GDPR, PSD2, DORA, NIS2) as well as emerging AI governance frameworks (e.g., EU AI Act, NIST AI RMF). Integrate security into DevSecOps and MLOps pipelines , including More ❯

experts and multidisciplinary teams , while driving standards in one of the most rapidly evolving technology landscapes. The Role As an AI Security Architect , you will: Define and implement AI / ML security strategies, standards, and guidelines . Design and own enterprise security architecture for AI / ML systems, CI / CD, and data pipelines. Conduct security risk … assessments and threat modelling for AI / ML workloads. Support testing of AI / ML models, including trustworthiness, fairness, bias, and adversarial attack detection. Collaborate with data scientists, engineers, and stakeholders to embed security controls in AI / ML pipelines. Enforce robust access control, authentication, and encryption standards . Stay ahead of emerging AI security threats, regulations … and frameworks . Provide advisory guidance to cross-functional teams during AI / ML system design and deployment. Contribute to regulatory compliance efforts (EU AI Act, GDPR, ISO 27001, NIST AI RMF, etc.). Support incident response teams in handling AI / ML-related security events. Your Profile Wed love to hear from you More ❯

Azure Infrastructure Engineer Duration: 13th October 2025 - March 2026 Location: Role can be fully remote Day rate: £400.00 to £450.00 Per Day - Outside IR35 An experienced, UK based Azure / Networking Engineer is urgently required to play a key role in supporting our client to implement solutions that provide benefits to users and clients, whilst ensuring all the existing … solutions are well maintained and supported. The Contract Azure Infrastructure Engineer will support the infrastructure setup for an upcoming member calculations programme of work. The role requires strong Azure / DevOps / resource setup experience (onboarding new suppliers and resources), and the successful candidate MUST be able to start by the 13th October. Skills & Experience: Experience of Windows … Server administration - IIS, Update Management, Performance troubleshooting through methods such as log analysis Experience with O365 Suite Administration, Intune & Defender for Endpoint Strong Networking experience - LAN / WAN / SDWAN / Azure networking such as routing, firewalls, network peering etc. Experience of using tools to automate regular activities (e.g. Tines, N8N, Zapier, Power Automate, Powershell) Familiarity with More ❯

Microsoft Defender (Cloud, Endpoint, Office 365) Microsoft Entra ID (Azure AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection / Prevention Systems (IDS / IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning Data Loss Prevention (DLP … cyber security and technical delivery Deep understanding of Microsoft Azure security architecture and tooling Experience managing third-party vendors and consultancies Familiarity with NIST CSF, CIS Controls, and ISO 27001 Excellent stakeholder engagement and communication skills Relevant certifications (e.g. SC-100, CISSP, CISM, ISO 27001 Lead Implementer More ❯

support the organisation's security objectives. You'll oversee the implementation of security controls across both cloud and on-prem environments, ensuring alignment with compliance frameworks such as ISO 27001 and GDPR. Key Responsibilities: Lead and manage cyber and information security programmes across cloud and on-prem environments Evaluate and select third-party vendors and consultancies … Microsoft Defender (Cloud, Endpoint, Office 365) Microsoft Entra ID (Azure AD) Microsoft Purview Microsoft Intune Azure Security Center Information Security (On-Premise): Firewalls (e.g. Palo Alto, Fortinet) Intrusion Detection / Prevention Systems (IDS / IPS) Endpoint Protection Platforms (EPP) SIEM tools (on-prem or hybrid) Identity & Access Management (IAM) Patch management and vulnerability scanning tools Data Loss Prevention … vendor selection and consultancy engagement Proven track record of delivering security programmes end to end Excellent stakeholder management and communication skills Relevant certifications (e.g. SC-100, CISSP, CISM, ISO 27001 Lead Implementer More ❯

assessments, and security design reviews for OT environments. Work closely with engineering and project teams to embed security into delivery. Produce and review security documentation in line with MOD / Defence standards. Provide SME input on OT security to stakeholders across projects. Essential Skills & Experience Active UK DV Clearance (mandatory). Security Practitioner Strong background in Operational Technology. Demonstrable … experience applying MOD / Nuclear Secure by Design (SbD) principles. Proven experience in security architecture and engineering within Defence or Critical National Infrastructure. Knowledge of risk management methodologies and security assurance. Desirable Skills Experience with IEC / ISA 62443 standards. Familiarity with NIST 800-82, ISO 27001, and Defence Security standards (e.g. … JSPs). Previous MOD / Defence and or Nuclear experience. Due to the nature and urgency of the role, candidates are required to hold current Developed Vetting (DV) clearance, if you do not hold this, unfortunately we cannot sponsor. Please familiarise yourself with the security vetting process before applying. More ❯

remediation plans for technical teams. Build dashboards and executive reports (ServiceNow, Power BI). Provide rapid risk assessments and emergency patch governance during incidents. Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR). Drive automation, integrating tools and workflows to improve efficiency. Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged. Mentor … Attack Surface Management, Attack Paths, Identity) AWS Inspector Agent-based and network-based scanning Cloud integrations (AWS, Azure, GCP) Dashboards and risk-based prioritisation Patch & Endpoint Management - Microsoft Intune / SCCM / WSUS Jamf Workflow & ITSM Integration - ServiceNow (dashboards, SOAR) Jira Cloud & Application Security - AWS Security Hub Azure Defender for Cloud Veracode Threat Intelligence & Exploit Context - Tenable Threat … ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR Security Domains / Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring Processes & Practices - Vulnerability Management More ❯

Outside IR35 | 3 Months | Fully Remote We’re hiring a Cybersecurity Engineer to support a client on a 3-month contract focused on achieving SOC 2 and ISO 27001 compliance. This role is Outside IR35, fully remote, and offers a daily rate of £500–£600.The successful candidate will deliver the integration of CrowdStrike Falcon with Vanta … help implement the security controls, monitoring, and documentation required for audit readiness. Key Requirements Proven experience in cybersecurity engineering and compliance delivery Deep understanding of SOC 2 and ISO 27001 frameworks and audit processes Hands-on experience with integrating cybersecurity tools and platforms Experience integrating CrowdStrike Falcon and Vanta is a plus Strong adherence to Azure More ❯

Outside IR35 | 3 months | Fully Remote We're hiring a Cybersecurity Engineer to support a client on a 3-month contract focused on achieving SOC 2 and ISO 27001 compliance. This role is Outside IR35, fully remote, and offers a daily rate of £500-£600. The successful candidate will deliver the integration of CrowdStrike Falcon with … help implement the security controls, monitoring, and documentation required for audit readiness. Key Requirements Proven experience in cybersecurity engineering and compliance delivery Deep understanding of SOC 2 and ISO 27001 frameworks and audit processes Hands-on experience with integrating cybersecurity tools and platforms Experience integrating CrowdStrike Falcon and Vanta is a plus Strong adherence to Azure More ❯

We are looking for an eDV / UK*C Product Manager to work 4 days a week on site for an exciting client, job spec below so please feel free to call me on 07887 575829. About the Role We are seeking a highly motivated and experienced Product Manager with active UK*C / eDV to lead and … continuous improvement. Define product vision, roadmap, and success metrics aligned to customer needs, business goals, and regulatory requirements. Work closely with cross-functional teams (engineering, data science, DevOps, UX / UI, compliance, etc.) to ensure timely delivery of high-quality solutions. Act as the voice of the customer and advocate for data-driven decision making. Manage product backlogs, define … adhere to data governance, information assurance, and cybersecurity policies. Support business development teams in identifying new opportunities for data product development and enhancement. Required Qualifications & Experience Active UK*C / eDV security clearance (essential). Proven experience as a Product Manager delivering successful data projects - such as data platforms, analytics tools, data warehouses, or ML / AI initiatives. More ❯

Base Location: Reading / Havant Salary: 800 - 999 per day Working Pattern: 40 hours per week / Full time Embark on a transformative career journey with SSE energy company, where innovation meets impact in the heart of the IT sector. As a pivotal player in our forward-thinking team, you'll harness cutting-edge technology to drive change … security, identity management, cloud security, and endpoint security including knowledge of firewalls, intrusion detection systems, encryption, and other security technologies and industry standards and frameworks such as NIST, ISO 27001, and IEC 62443. Effective communication skills so that you can explain complex security concepts to non-technical stakeholders and for collaborating with other IT More ❯

Base Location: Reading / Havant Salary: £800 - £999 per day Working Pattern: 40 hours per week / Full time Embark on a transformative career journey with SSE energy company, where innovation meets impact in the heart of the IT sector. As a pivotal player in our forward-thinking team, you'll harness cutting-edge technology to drive change … security, identity management, cloud security, and endpoint security including knowledge of firewalls, intrusion detection systems, encryption, and other security technologies and industry standards and frameworks such as NIST, ISO 27001, and IEC 62443. * Effective communication skills so that you can explain complex security concepts to non-technical stakeholders and for collaborating with other IT More ❯

Sentinel - essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks PowerShell … scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working towards) One or more of MS-500 / SC-400 / SC-900 The following are desired: CISSP, CISM, CCSP Interested? Please apply below. Senior Security engineer, M365 Consultant, M365 Engineer, Senior Cloud Security Engineer, Infrastructure More ❯

Sentinel - essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks PowerShell … scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working towards) One or more of MS-500 / SC-400 / SC-900 The following are desired: CISSP, CISM, CCSP Interested? Please apply below. Senior Security engineer, M365 Consultant, M365 Engineer, Senior Cloud Security Engineer, Infrastructure More ❯

management is also essential. The ability to work closely with business, technical and vendor stakeholders. Engagement via Umbrella Company Only; all taxes & NI deducted at source. General responsibilities: - Define / maintain IT disaster recovery framework ensuring alignment with business continuity objectives. Conduct risk assessments of existing infrastructure services enabling identification of mitigation strategies. Develop and document disaster recovery plans … large-scale enterprise environments. Infrastructure resilience and failover strategies. Ability to engage with senior stakeholders ITIL v4 certification Knowledge of regulatory requirements for IT risk and resilience e.g. ISO 22301, ISO 27001 Experience working in highly regulated environments. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse More ❯

management is also essential. The ability to work closely with business, technical and vendor stakeholders. Engagement via Umbrella Company Only; all taxes & NI deducted at source. General responsibilities: - Define / maintain IT disaster recovery framework ensuring alignment with business continuity objectives. Conduct risk assessments of existing infrastructure services enabling identification of mitigation strategies. Develop and document disaster recovery plans … large-scale enterprise environments. Infrastructure resilience and failover strategies. Ability to engage with senior stakeholders ITIL v4 certification Knowledge of regulatory requirements for IT risk and resilience e.g. ISO 22301, ISO 27001 Experience working in highly regulated environments. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse More ❯

so that it can be interpreted by Information Technology and business individuals Skills: Recognised qualifications include CISSP, CISM, CISA or equivalent ISO 27001 Lead Auditor / Lead Implementor or similar qualification Familiarity with the NIST Cybersecurity Framework is beneficial. Formal qualification in Information Security domain or equivalent experience desirable Cloud Security Controls Location – Manchester or More ❯

Business Analyst - Threat Intelligence London / Hertfordshire £500-570 / day Inside IR35 6-12 Months initial duration Full-Time | Permanent Are you passionate about making sense of cyber threat data and turning it into strategic intelligence that matters? Join as a Business Analyst - Threat Intelligence , and help shape the future of our cyber defence capabilities. In this … experience producing high-quality intelligence products. Clear, persuasive communication skills, with experience delivering detailed briefings to a range of stakeholders. Knowledge of information assurance standards (e.g., NIST , CIS , ISO 27001 , GDPR , Cyber Essentials Plus ). Ability to work cross-functionally with technical and business teams to embed intelligence into operational security. People Source Consulting Ltd is More ❯

GRC Analyst – 6-month contract – London / Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will … able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the … improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party / vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic More ❯