13 of 13 Permanent ISO/IEC 27001 Jobs in Avon

build and operate the Azure-based Internal Developer Platform as a product, enabling self-service environment provisioning and repeatable golden paths. Develop and maintain Infrastructure as Code (Terraform and / or Bicep) modules and reusable templates for AKS, networking, storage, databases, and app runtimes. Implement and evolve CI / CD pipelines (HL version control set) with quality gates … testing, security scanning, and progressive delivery. Introduce and run GitOps for Kubernetes (AKS preferred), patterns and multi-environment promotions. Own platform observability: metrics, logs and traces using Azure Monitor / Log Analytics / Application Insights, plus Datadog / Grafana where appropriate. Embed security by design: Azure Policy, Defender for Cloud, secrets management with Key Vault, SBOM and … image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs / SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform enhancements. Implement cost visibility and optimisation (FinOps More ❯

Cyber Consultant - Governance, Risk & Compliance (MOD / Defence - SC) Location: Remote / Southwest on-site presence Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate … part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD / Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks … of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Hold an active and transferable SC clearance Willingness to undergo DV clearance / UK Citizen / residing in UK Strong working knowledge of: Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490 Working with system More ❯

high performing Security team Leading by example to create a culture of continuous service improvements About you Experience in a regulated environment, preferably Financial Services. Previous experience in Information / Cyber Security, with demonstrable experience of Cloud Security tooling, to reduce risks and maintain strong controls in a DevSecOps cloud context Highly organised with the ability to prioritise workload … for example CCSK, CCSP, CISSP, CRISC Hands on demonstratable experience and knowledge of: Carrying out security reviews against recognised security control frameworks such as CSA Cloud Control Matrix, ISO27017 / 27001, NIST CSF, PCI-DSS, SWIFT, AWS CAF Atlassian, IAAC Terraform, Merge Requests, GIT Ops, Git Hub, Workflow, Wiz, Security Hub, Macie, Audit Manager, Microsoft Compliance Portal … / Purview, Microsoft Information Protection (AIP), Azure Security Centre. Strong experience with DevOps practices, continuous integration / continuous deployment (CI / CD) pipelines, and related tools Ability to evaluate the adequacy of cloud security controls, and how they are applied in a business context. Interview process The interview process for this role will be in two stages. More ❯

providing advice & guidance on a wide range of projects and BAU work. Primarily working on IT projects & programmes across IT Defence Portfolio, youll take responsibility for the installation and / or decommissioning of products and services. Responsible for delivering multiple IT platforms across both hybrid and on-premises environments. These platforms combine traditional virtualised infrastructure with cloud-based services. … secure, resilient, and supportable infrastructure components that align with architectural standards and project timelines. Specifically: Builds and configures on-premises infrastructure Deploys and integrates cloud-based services (e.g. IaaS / PaaS / SaaS, virtual machines, storage, networking, identity). Ensures systems are built in line with approved high-level and low-level designs Collaborates with solution architects, programme … and compliance frameworks (e.g. ISO 27001, Cyber Essentials Plus). Understanding of data classification, encryption standards (e.g. at rest and in transit), and secure storage / access principles. Experience supporting and configuring enterprise server platforms. Familiarity with virtualisation technologies used in production environments. Exposure to public cloud platforms and integration with on-premises systems. General More ❯

access. Knowledge of identity and access management (IAM), including multi-factor authentication (MFA), RBAC, and conditional access policies. Familiarity with common regulatory and compliance frameworks (e.g.NIST, CIS Controls, ISO 27001, Cyber Essentials Plus). Experience aligning infrastructure builds with cyber security standards such as … NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage / access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated authentication models Understanding of security automation concepts, including security orchestration and More ❯

SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience within Operational Technology / IoT-rich environments would be an added bonus If this sounds like a role you would be interested in, please apply online ASAP - Shortlisted applicants will be contacted within More ❯

SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO 27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience within Operational Technology / IoT-rich environments would be an added bonus If this sounds like a role you would be interested in, please apply online ASAP - Shortlisted applicants will be contacted within More ❯

business stakeholders to agree, implement, and manage security controls for key business systems and processes. Coordinate security inventories, scheduled team activities, actions, and improvements. Generate ongoing team reporting, metrics / KPIs, and dashboards for stakeholders, including senior leadership and governance committees. Support information security incident response and recovery efforts as directed, including Post Incident Reviews and implementing control improvements. … Skills / Experience: Industry-recognised security certifications such as Security+, CEH, or CySA+. Familiarity with basic security principles and practices. Knowledge of a range of technical security controls and their operations Familiarity with compliance and audit tools, risk assessment methodologies, and security technologies. Broad ranging analyst skills acquired while working on diverse … IT and / or business projects. Proven experience in performing IT / Cyber security control assessment reviews. Experience working with Information security frameworks and compliance standards (e.g. ISO27001, Cyber Essentials Plus, NIST, SOC2 and PCI-DSS). Strong interest in Information security and technology, and motivated to learn new technologies. Robert Half Ltd acts as an employment business More ❯

fast-growing consultancy. Key Responsibilities of the IT Technical Lead: Define and maintain TwinStream's IT strategy in partnership with leadership. Take ownership of our IT estate, from AWS / M365 accounts to endpoint management. Provide technical leadership and mentoring to the IT team. Drive incident resolution and problem management when needed. Partner with stakeholders across Delivery, InfoSec, Finance … Infrastructure as Code (Terraform, Microsoft365DSC, etc.). Backup & Disaster Recovery planning and execution. SaaS deployment and support, ensuring compliance. Engaging with stakeholders at all levels. Desirable extras: Knowledge of ISO27001, Cyber Essentials Plus, and information security tooling. Public sector client experience. Linux and Windows system administration. Why Join Us? Generous Pension – 8% employer contribution Private Medical Healthcare – including dental & optical More ❯

to the team. Key Responsibilities of the Lead Infrastructure Engineer: Define and maintain TwinStream's corporate IT strategy with senior leadership. Own and manage the IT estate—from AWS / M365 accounts to mobile devices and laptops. Provide technical leadership, mentoring, and guidance to the IT team. Work with our Service Manager to continuously improve IT capabilities as an … monitoring). Infrastructure as Code (Terraform, Microsoft365DSC). Backup & Disaster Recovery planning and execution. SaaS deployment and integration. Strong stakeholder engagement and communication skills. Nice to Have: Knowledge of ISO27001, Cyber Essentials Plus, and InfoSec tooling. Experience working with public sector customers. Linux and Windows system administration. Why Join Us? Pension Plan – 8% employer contribution. Private Medical Healthcare – including dental More ❯

and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus – Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯

ready for operational handover. Manage risks associated with installation or decommissioning, communicating with project managers and other stakeholders, and adopting measures to reduce risks. Plan, estimate, and schedule installation / decommissioning work, minimizing disruption and seeking necessary approvals for changes. Maintain high levels of IT security by implementing security baselines and configuration hardening in collaboration with cyber security engineers. … relevant infrastructure experience in an IT Engineer role. Strong experience with Microsoft environments and implementing security best practices. Knowledge of network security principles, IAM, and compliance frameworks like ISO 27001. Proficiency in virtualisation technologies, public cloud platforms, and hybrid environments. Excellent communication skills, able to act as a bridge between technical and non-technical stakeholders. If you are More ❯

and market leading manner. This position is a key part of ensuring ongoing work is delivered effectively for the Pensions Administration business. The role will report into the Work / Skill Leads and will be part of the Admin Systems team. You will work closely with the Pensions Administration business as well as stakeholders from across Isio. What does … team to develop and enhance understanding. Participate in the training and development of the Admin Systems team as well as mentoring less experienced colleagues. Ensure processes support Isio’s ISO27001 & ISO22301 certifications and are built with security considerations as a key element. What we’re looking for Proven record of delivering solutions across pensions admin systems. Proven systems expertise across More ❯