12 of 12 Permanent ISO/IEC 27001 Jobs in Avon

build and operate the Azure-based Internal Developer Platform as a product, enabling self-service environment provisioning and repeatable golden paths. Develop and maintain Infrastructure as Code (Terraform and / or Bicep) modules and reusable templates for AKS, networking, storage, databases, and app runtimes. Implement and evolve CI / CD pipelines (HL version control set) with quality gates … testing, security scanning, and progressive delivery. Introduce and run GitOps for Kubernetes (AKS preferred), patterns and multi-environment promotions. Own platform observability: metrics, logs and traces using Azure Monitor / Log Analytics / Application Insights, plus Datadog / Grafana where appropriate. Embed security by design: Azure Policy, Defender for Cloud, secrets management with Key Vault, SBOM and … image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs / SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform enhancements. Implement cost visibility and optimisation (FinOps More ❯

principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication and … space system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯

architecture and secure design Strong knowledge of security frameworks (ISO 27001, NIST, GDPR, OWASP, PCI) Experience in application, infrastructure, or enterprise architecture Familiarity with CI / CD and Continuous Security practices Solid understanding of network, web app, and cryptographic security Proven ability to coach and develop others Excellent communication and stakeholder engagement skills Eligibility Requirement … right next step for you, we'd love to hear from you. Please reach out to discuss the role in more detail or to express your interest. Reference: AMC / CLI / SARC #coli More ❯

authority and governance for the effective use of technical security controls across the firm Act as an escalation point for threat hunting and security incidents Investigate alerts from Azure / Defender, IT monitoring systems, and 3rd-party SOC, helping to ensure critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365 / Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC, Network segregation, remote access & wireless technologies Windows & KQL (MS Sentinel) scripting Cloud computing (IaaS, PaaS, SaaS More ❯

including firewalls, segmentation and secure remote access Knowledge of IAM concepts including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers More ❯

within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport More ❯

Senior Cyber Security Engineer / Threat Intelligence Specialist Bristol (Hybrid) | Up to £81,000 + Excellent Benefits Join a leading UK law firm shaping the future of cyber resilience. About the Role My client are seekinga Senior Cyber Security Engineer / Threat Intelligence Specialist to strengthen and mature our firms cyber defence and incident response capabilities. Youll be … business assets. Contribute to the development of new cyber technologies, strategies, and roadmaps aligned to firm-wide IT goals. Manage vendor relationships and support supplier selection. Ensure compliance with ISO27001, GDPR, Cyber Essentials Plus, and other regulatory frameworks. What Were Looking For Proven experience in Cyber Security, Threat Intelligence, or SOC environments. Hands-on experience with Azure Security Center, Microsoft … A genuine passion for cyber security and a drive to stay ahead in this constantly evolving space. Qualifications Degree in Cyber Security or a related discipline (desirable) Relevant certifications (ISO27001, Cyber Essentials Plus, GDPR) are advantageous. More ❯

with strong technical knowledge across on-prem and cloud environments, and ideally experience in areas such as: Network security, IAM, SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience in Operational Technology would be an added bonus Due to the nature of the More ❯

with strong technical knowledge across on-prem and cloud environments, and ideally experience in areas such as: Network security, IAM, SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience in Operational Technology would be an added bonus Due to the nature of the More ❯

and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus – Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯

Excellent communication and problem-solving skills Nice to Have Coding / scripting (Python, Bash, C#) Web / mobile app testing, reverse engineering, or malware analysis Audit experience (ISO27001, CTAS, CAS(T)) Mentoring or leadership capability Why Apply? Join a highly skilled team tackling complex cybersecurity challenges. This role offers real technical variety, professional growth, and the chance to More ❯

ready for operational handover. Manage risks associated with installation or decommissioning, communicating with project managers and other stakeholders, and adopting measures to reduce risks. Plan, estimate, and schedule installation / decommissioning work, minimizing disruption and seeking necessary approvals for changes. Maintain high levels of IT security by implementing security baselines and configuration hardening in collaboration with cyber security engineers. … relevant infrastructure experience in an IT Engineer role. Strong experience with Microsoft environments and implementing security best practices. Knowledge of network security principles, IAM, and compliance frameworks like ISO 27001. Proficiency in virtualisation technologies, public cloud platforms, and hybrid environments. Excellent communication skills, able to act as a bridge between technical and non-technical stakeholders. If you are More ❯