15 of 15 Contract ISO/IEC 27001 Jobs in the Thames Valley

Plus, ISO 27001, DSPT and GDPR. Responsibilities Conduct risk assessments for systems, projects and third parties; document findings and remediation. Review and respond to supplier / security questionnaires and tender submissions. Support vulnerability and patch management; interpret scans and prioritise fixes. Advise IT teams on alerts, incidents and security configuration (M365 / Azure / Defender / DLP / Conditional Access). Maintain risk register and track remediation actions from audits or incidents. Support compliance activities (ISO 27001, Cyber Essentials Plus, DSPT) and contribute to policy updates. Provide clear security advice to projects and senior stakeholders. What you'll need to succeed Proven experience in information security, with … M365, Defender suite, DLP, Conditional Access). Skilled in evaluating supplier security through questionnaires, procurement documents, and assurance reviews. Knowledgeable in risk management practices and frameworks such as ISO 27005 and NIST RMF. Familiar with key compliance standards including ISO 27001, Cyber Essentials Plus, DSPT, and GDPR. Capable of interpreting vulnerability assessments and advising More ❯

Division, the Enterprise Infrastructure Solutions unit is responsible for the design, delivery, and management of centrally supported IT infrastructure and applications. This includes enterprise compute platforms, data networks, UNIX / Linux / Windows environments, cloud services, data centres, commercial software solutions, and end-user support across all UKAEA sites. Role Overview : The Cyber Security Specialist plays a pivotal … o Experience conducting or supporting security audits and implementing remediation plans. o Proficiency in assessing and securing platforms such as Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS / PaaS, Windows / Linux / Unix. o Strong knowledge of security tooling such as SIEM, endpoint detection (EDR / XDR), and vulnerability management platforms. o Hands … Experience working in a regulated or government environment, particularly within research, energy, or national infrastructure. o Knowledge of Incident Management, Vulnerability Assessments, SIEM & SOC Systems. o Knowledge of OT / ICS / SCADA security principles and industrial control environments. o Experience designing or reviewing secure software supply chain and CI / CD security. o Practical experience in More ❯

IIAM / PAM Specialist Rate: £475-£500 Location: Hybrid (mainly remote, occasional travel to Oxfordshire HQ) Start: ASAP | IR35: Outside | Clearance: SC required The Role We're seeking an experienced IAM / PAM Specialist to lead the design and delivery of greenfield Identity and Access Management and Privileged Access Management solutions. You'll provide hands-on technical leadership … ensure secure-by-design implementation, and contribute to the development of SIEM / SOC capabilities. Key Responsibilities Lead end-to-end IAM / PAM design and delivery. Integrate IAM / PAM telemetry into SIEM tooling. Provide technical oversight for MSPs and vendors. Develop and manage Conditional Access, MFA, and RBAC policies. Mentor junior team members and build … internal capability. Maintain IAM / PAM architecture and standards aligned to ISO 27001 & NIST. Skills & Experience Proven IAM / PAM implementation experience (e.g. Entra ID, CyberArk, BeyondTrust). Hands-on with Azure AD / Entra ID , Conditional Access & Identity Protection. Understanding of OAuth2.0, SAML, OpenID Connect . Familiarity with ISO 27001 More ❯

Security Architect (Network Security) Location -Warwick / Wokingham / Hybrid About the Role We are seeking an experienced Security Architect (Network Security) to design, implement, and maintain enterprise-grade network security solutions. This role will play a critical part in safeguarding infrastructure, ensuring compliance with global standards, and driving a proactive security posture across the organization. You will … risks. Apply industry frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls . Oversee and enhance security technologies: SIEM, vulnerability management, cloud security (OCI / Azure / AWS), PKI, cryptography, web / email security, logging and monitoring . Monitor network traffic for anomalies and potential breaches. Collaborate with IT teams (network engineers … lifecycles (SDLC), Agile frameworks, and security tools . Strong communication skills with the ability to simplify technical concepts for executives. Qualifications & Certifications Relevant certifications such as Palo Alto PCNSA / PCNSE, F5, CompTIA, Zscaler, Azure, AWS, CISSP, CCSP, ISSAP, ITIL (preferred). Performance Expectations Customer Centricity : Deliver timely solutions to security incidents, enhance customer experience, and recommend effective controls. More ❯

Title: HCM Cloud - Functional Lead Location: Reading / Havant / Thatcham / Perth Duration: Untill march 2026 Key Accountabilities Support the successful delivery of the Oracle Fusion HCM Project through liaison with SI Partners, OCS, Business SMEs and IT colleagues through the build, test and cut over phases. Take particular ownership for the functional delivery of reporting … Identify risks, issues, and dependencies of the Integrations and Data Migration Workstream, mitigate, and manage these as required. Support the upcoming test phases with expertise in Parallel Payroll Runs / Payroll Comparison testing a particular focus Produce a range of project documentation, including but not limited to specs, strategies, project plans, RAID items. Translate technical concepts or terminology for … non-technical audiences. A strong customer / client focus, with the ability to manage expectations appropriately and provide a superior customer / client experience. Ability to interact with staff at all levels up to senior and across all business units and organisations, and to understand business imperatives Strong organisation and communication skills. Ability to work well under minimal More ❯

CyberArk, BeyondTrust, or Delinea Strong understanding of Active Directory, LDAP, and authentication protocols Scripting experience (PowerShell or Python) for automation and reporting Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR Excellent communication and problem-solving skills To Be Considered: Please either apply through this advert or email me directly at . For further … skills) your application to our client in conjunction with this vacancy only. Key Skills: PAM Engineer, CyberArk, BeyondTrust, Delinea, Privileged Access, Active Directory, PowerShell, Python, Access Management, Cybersecurity, ISO 27001, NIST, GDPR, NSD More ❯

Management, Compliance, Business Continuity / DR, Cloud Security gained in a previous delivery capacity. Experience in delivering assignments using well known security frameworks, standards and methodologies such as ISO27001, NIST CSF, CIS Top 18 and COBIT. Industry certifications such as CISSP / CISA / CRISC / CISM / CISMP. More ❯

Management, Compliance, Business Continuity / DR, Cloud Security gained in a previous delivery capacity. Experience in delivering assignments using well known security frameworks, standards and methodologies such as ISO27001, NIST CSF, CIS Top 18 and COBIT. Industry certifications such as CISSP / CISA / CRISC / CISM / CISMP. More ❯

the clients across EMEA, APAC, US and Canada. We have an excellent job opportunity for you. Role Title: Penetration Tester (CTM level) Location: Wokingham RG41 5BN | Hybrid - 3 office / 2 home Duration: 30 / 06 / 2026 Rate: 492£ / day on umbrella Description CONTRACTOR MUST HOLD ACTIVE SC CLEARANCE AND BE A SOLE UK … locations. Strong knowledge of penetration testing tools including (Burpsuite, Metasploit, Nmap) etc Good knowledge of multiple Operating Systems (OS) including Windows &.NIX Ability to configure network devices, Firewalls, IDS / IPS devices and wireless technologies … Document findings in detailed reports, providing clear recommendations for remediation using client in-house developed reporting tool. Good understanding of common security standards and regulatory compliance such as GDPR, ISO27001 and PCI DSS An ability to work effectively and positively within a team and willing to collaborate and readily share knowledge and skills MUST: Relevant degree / postgraduate degree More ❯

engage diverse stakeholders. Proficiency in requirements management tools and techniques. Excellent communication skills, both written and verbal. Strong analytical and problem-solving abilities. Familiarity with regulatory frameworks (e.g., ISO 27001, NIST) is a plus. SC clearance is desirable. Apply Now! Don't miss out on the chance to join a vibrant team and contribute to our More ❯

Role Title: PEN Tester Location: Bearwood Rd, Sindlesham, Wokingham RG41 5BN | Hybrid - 3 office / 2 home Duration: 30 / 06 / 2026 Rate: 500p / d via Umbrella Clearance: Contractor must hold active SC Clearance and be a sole UK National Role Description: A penetration tester plays a vital role within the UK's cybersecurity … Powerpoint Strong knowledge of penetration testing tools including (Burpsuite, Metasploit, Nmap) etc Good knowledge of multiple Operating Systems (OS) including Windows &.NIX Ability to configure network devices, Firewalls, IDS / IPS devices and wireless … technologies Document findings in detailed reports, providing clear recommendations for remediation using in-house developed reporting tool. Good understanding of common security standards and regulatory compliance such as GDPR, ISO27001 and PCI DSS An ability to work effectively and positively within a team and willing to collaborate and readily share knowledge and skills More ❯

landscape. What We're Looking For To be successful in this Governance & Risk Specialist role, you should possess the following: Policy experience with NIST and 800-53 Control Set, ISO27001 Proven experience in cyber risk management, with a strong understanding of risk assessment and mitigation strategies Excellent communication and stakeholder management skills to effectively collaborate with cross-functional teams Ability More ❯

colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness of common Information Security management frameworks such as ISO 27001, COBIT, Information Security Forum and NIST. The successful applicant should be able to commit to starting ASAP. The role will hybrid, with up to two days More ❯

locations. Strong knowledge of penetration testing tools including (Burpsuite, Metasploit, Nmap) etc Good knowledge of multiple Operating Systems (OS) including Windows &.NIX Ability to configure network devices, Firewalls, IDS / IPS devices and wireless technologies Document … findings in detailed reports, providing clear recommendations for remediation using Capgemini's in-house developed reporting tool. Good understanding of common security standards and regulatory compliance such as GDPR, ISO27001 and PCI DSS An ability to work effectively and positively within a team and willing to collaborate and readily share knowledge and skills MUST: Relevant degree / postgraduate degree … CHECK Team Member qualification (Crest / CyberScheme) Experience in Cloud Security (AWS / Azure) Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take More ❯

Excellence.This is a hands-on consulting position delivering Governance, Risk and Compliance (GRC) projects for major enterprise clients — including risk management, cloud security governance, and compliance frameworks such as ISO27001, NIST CSF, CIS Top 18 and COBIT .You’ll play a key role in engaging with senior stakeholders, assessing cyber maturity, and driving best-practice improvements across a range of … management levels. Skills & Experience Required 4+ years’ experience in a professional consulting role, ideally within enterprise IT security, governance, or risk management. Proven delivery experience using frameworks such as ISO27001, NIST CSF, CIS, COBIT , or equivalent. Strong client-facing skills, with the ability to communicate technical concepts to non-technical audiences. Relevant industry certifications such as CISSP, CISA, CRISC, CISM … Degree in a related discipline (e.g. Information Security, IT, Risk Management). Exposure across multiple industry sectors. Additional certifications such as CCSP, CCSE, or CCAK , or knowledge of DORA / NIS2 . Fluency in another European language (French, German, etc.) would be advantageous. This is a fantastic opportunity to work with a leading global organisation on large-scale, complex More ❯