21 of 21 Contract ISO/IEC 27001 Jobs in London

System Engineer Location: East London (Hybrid – office / home) Rate: £450–£500 per day (Inside IR35) Duration: Initial 3–4 month contract (backlog clearance) with strong potential for extension or permanent conversion Client Environment: Major London Rail customers (TfL, Network Rail – station systems) Overview We are seeking … assurance deliverables while providing technical oversight to junior engineers and supporting SIEM integration activities. This is a hybrid East London role with no trackside / site access required. Key Responsibilities Cybersecurity Governance & Assurance Produce and maintain: Cyber Security Management Plans (CSMP) Risk assessments and threat models Assurance and compliance ...

assurance input to ensure services, solutions, and supplier submissions meet required security, risk, and control expectations. Experience across telecoms , 5G , device security , or handheld / mobile delivery environments would be highly beneficial. Key Responsibilities Lead cyber assurance activity across relevant workstreams, suppliers, and technical deliveries Provide independent assurance over … role Strong background in architecture , with the ability to review, challenge, and assure complex technical designs Good working knowledge of ISO 27000 / ISO 27001 and their practical application in delivery and supplier environments Experience working with and assuring 3rd party suppliers ...

Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT / ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape the roadmap … with ServiceNow and enterprise architecture standards. Mentor and guide development and implementation teams, ensuring quality and alignment with strategic goals. Your Profile Essential skills / knowledge / experience: (Up to 10, Avoid repetition) Proven experience as a ServiceNow Architect with strong delivery experience across SecOps and / ...

Security Architect / AI Security Strategy Manager to play a key role in shaping and delivering the organisation s AI security agenda. This is a strategic leadership opportunity for a candidate with strong experience across AI governance, information security, target operating model design, and enterprise stakeholder engagement . … year planning Deep understanding of AI concepts, governance frameworks, enterprise adoption models, and associated risks Strong knowledge of information security frameworks and AI regulations / standards , including: ISO 27001 ISO 42001 NIST AI RMF EU AI Act Proven experience working with senior stakeholders ...

updated in line with changing jurisdictional regulations, establishing a consistent global standard to meet all legal and regulatory requirements. Oversee preparation for ISO 27001 certification review , including the development and execution of a robust remediation plan, ensuring continued accreditation. Key Requirements Proven experience in data risk … DPIAs and working with risk management platforms (e.g., SureCloud or similar). Demonstrated experience in policy development , particularly data retention frameworks. Familiarity with ISO 27001 standards and audit preparation. Excellent stakeholder engagement, communication, and training delivery skills. Ability to manage multiple global initiatives and meet fixed ...

Cyber Security Consultant / Security Assurance SME Summer-Browning Associates is currently supporting our central government client, who is seeking a Cyber Security Consultant for an initial 6 assignments with the option to extend. Location: London / Milton Keynes / Hybrid / Remote The ideal candidate … understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework, ISO 27001, NIST, COBIT, as well as SABSA and TOGAF. Experience in risk and threat modelling within high-threat government environments. Preferred Qualifications ...

/ day | Inside IR35 | SC Cleared | London / Manchester / Bristol (Hybrid) | 3 months We're supporting a government department seeking an experienced Head of Cyber Security / CISO-level leader for a short paternity cover assignment. You'll provide senior cyber leadership, risk oversight … continuity across several key initiatives. Key Responsibilities Provide senior leadership at Head of Cyber / CISO level . Oversee risk management , PAWS and PAM environments. Support security automation / orchestration and dependency management work. Assist with the department's transition. Essential Requirements Active SC clearance CCP , ISO ...

Resilience & Business Continuity, IT & Cyber Resilience and Third-Party Risk Management. Your responsibilities will cover: Updating the Bank’s Operational Resilience Framework (to PRA / FCA requirements) Conducting, documenting and maintaining Business Impact Assessments, Business Continuity Plans and Disaster Recovery strategies Coordinating resilience testing, including crisis simulations, system outage … backup, and failover Supporting IT Service Continuity Management testing Ensuring alignment with cybersecurity frameworks (NIST, ISO 27001) and PRA / FCA expectations Monitoring and challenging third-party / vendor resilience Overseeing Third Party Risk Management Your experience must include: Strong proven experience in Operational ...

escalation and ensuring their posture remains within our risk appetite. Knowledge / Skills / Experience: Solid understanding of frameworks such as NIST, ISO27001, OWASP, CVSS. Formal security certifications desirable: CompTIA Security+, CISM / CISSP / CRISC beneficial. Working knowledge of regulatory requirements including DORA, CBEST … detail. Experience in vulnerability management programmes and remediation delivery, including working knowledge of scan tools. Familiarity with risk management practices and basic coding / automation skills. Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised if you haven ...

Business Analyst - Cybersecurity, NIST, ISO £Market Rate - Inside IR35 London / Hybrid 6 months My client is an instantly recognisable Global Insurer who require a Business Analyst with extensive Cybersecurity knowledge to join a business-critical programme. Key Requirements: Proven commercial experience working as a Business Analyst … documentation throughout the project lifecycle. Is able to demonstrate strong analytical, facilitation, and stakeholder-management skills, with desirable exposure to cybersecurity frameworks (NIST, ISO 27001, CIS, COBIT) and cyber-related process improvements. Nice to have: Immediate availability. Hays Specialist Recruitment Limited acts as an employment agency ...

Position: IAM Delivery Lead (Identity & Access Management) Location: Reading 2 days p / week; remote 3 days Type: Contract, 6 months, Inside IR35 Rate: £700 p / day Assignment Rate We are seeking an IAM Delivery Lead to join a major cyber security transformation programme. You will lead … vendors Ensure governance, risk management, and compliance with security standards Drive change and transition services into BAU Skills & Experience: Proven experience delivering IAM / identity security programmes Strong background in RFPs and vendor management Knowledge of IGA, PAM, JML, MFA, and SSO Experience in complex, federated or global environments ...

including identity management, device security, workstation protection, cloud hosting, collaboration tools, networking, cryptography, operations, and data governance. Strong understanding of secure DevOps practices, CI / CD controls, and Infrastructure as Code (IaC) hardening. Experience applying security controls to AI and machine learning components, Demonstrable knowledge of cybersecurity frameworks … standards, including the NCSC Cyber Assessment Framework, ISO 27001, NIST, COBIT, as well as SABSA and TOGAF. - Preferred Qualifications: Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review. ...

modelling experience Risk assessment experience Strong understanding of security frameworks such as NIST and ISO 27001 Cloud experience Operational background / experience This is an exciting opportunity for an experienced Security Design Consultant to join a truly world-class business, which will give you access ...

Position: Tech Assurance Delivery Lead Location: Reading 2 days p / week; 3 days remote Type: Contract, Inside IR35, 6 Months Rate: £620 p / day (umbrella rate) We are seeking a Tech Assurance Delivery Lead to join a major cyber security transformation programme. This person will deliver … Tech Assurance projects, defining scope, plans, milestones, and success criteria Implement second-line assurance initiatives, including control testing, continuous control monitoring, and vulnerability / patch management improvements Develop and track assurance metrics to provide insight into control performance, risk posture, and regulatory compliance Coordinate cross-functional teams, stakeholders ...

threats and vulnerabilities • Supporting DevOps and engineering teams to embed security controls into cloud platforms • Implementing security frameworks aligned with NIST, CIS or ISO 27001 Experience within financial services, fintech or other regulated environments would be beneficial. Interested? Please apply below Cloud Security Engineer, AWS Security ...

possess proven skills working with the following: • Designing secure cloud architectures across AWS and Azure environments • Implementing cloud security controls aligned with NIST, ISO 27001 or CIS frameworks • Supporting large cloud transformation or migration programmes • Defining identity, access and network security models within cloud platforms • Working ...

will provide technical leadership to the team & work closely with client enterprise architecture team and client ServiceNow Teams. We are seeking a ServiceNow IRM / GRC Architect with strong exposure to GenAI and Agentic AI capabilities to design and deliver intelligent risk, compliance, and governance solutions on the ServiceNow … ensuring best practices are followed and customizations are minimized. Integration and Automation: Design and manage integrations with third-party tools (e.g., Splunk, Workday, REST / SOAP endpoints) and leverage automation via Flow Designer, Business Rules, and Script Includes. Stakeholder Engagement: Collaborate with business and technical stakeholders to gather requirements ...

security documentation, including policies, standards, processes, procedures, and patterns. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework, ISO 27001, NIST, COBIT, as well as SABSA and TOGAF. To apply, please submit your latest CV for review. ...

existing third-party suppliers Perform initial risk tiering based on services, data access, and system access Review supplier security documentation (e.g., ISO 27001, SOC reports) Liaise with suppliers and internal stakeholders to gather assurance evidence Provide risk recommendations and track remediation actions Ensure security requirements ...

Purpose of this role As a SOX IT Consultant / Tester, you will play a key role in assessing, testing, gathering attestation information, monitoring process and ensuring that our IT controls meet the requirements for SOX compliance. You will collaborate closely with cross-functional teams to provide advisory services … with implementing corrective actions. Improve IT Controls and Process documentation (i.e., work with process owners to refine risk control matrix, improve process flows, refine / develop test procedures, propose control language and associated risks etc.) Maintain up-to-date knowledge of regulatory requirements and best practices in IT controls ...

stakeholders. Support remediation tracking across technology teams, ensuring alignment with the bank's risk appetite. Contribute to regulatory readiness under frameworks such as NIST, ISO27001, DORA, and operational resilience requirements. Engage with cross-functional teams (Security Engineering, Operations, Risk, Technology) to support strategic initiatives. Participate in governance forums , providing clear … services or a regulated environment. Hands-on knowledge of tools such as Tenable, Nessus, Qualys , or similar scanning technologies. Solid understanding of security frameworks: ISO27001, NIST, OWASP, CVSS . Experience producing executive-level reporting , dashboards, or risk summaries. Ability to interpret technical vulnerability outputs and translate them into meaningful business ...