23 of 23 DemandTrendPermanent ISO/IEC 27001 Jobs in Bristol

Information Security Engineer Hybrid: Remote / Bristol Reporting to: Joe Mathews - VP of Technology Salary: £45,000 - £50,000 About Us Duel is a SaaS company on a mission to make Brand Advocacy the industry standard philosophy for building brilliant retail brands. It was founded by world record-breaking adventurer and former brand ambassador Paul Archer, alongside viral games … and fixes are applied in a timely manner. Learn and implement security monitoring and automation solutions to detect and respond to threats. Help manage security tooling, including SIEM, IDS / IPS, and vulnerability scanning solutions. Work closely with engineers to support secure coding practices and help embed security considerations early in the development process. Assist in securing infrastructure and … with compliance automation tools such as Secureframe, Drata, or Vanta Experience working with pen testing and bug bounties a plus Basic understanding of security tools such as SIEM, IDS / IPS, and vulnerability management solutions Experience or knowledge of cloud security (AWS, GCP, or Azure) Awareness of security best practices in application and infrastructure security Some exposure to IAM More ❯

Microsoft Dynamics Nav Developer. This is an excellent opportunity to make a meaningful impact within a collaborative and forward-thinking environment. The Role at a Glance: Microsoft Dynamics NAV / BC Developer - C / AL / AL. 100% Remote UK £60,000 - £70,000 Training and Development Contributory pension scheme, Perkbox Membership Company: Leading provider of tailored … chain, inventory management and the back-office; benefiting both the NHS and healthcare suppliers Pedigree: First GS1 UK Approved Solution for inventory management in the NHS. ISO / IEC 27001:2022 Certified. ISO Certified Awards: Extensive awards in the Heath Tech, Innovation & Supply Chain Categories Other Tech Innovations: 360 Healthcare Management … Familiar with Microsoft SQL Server, XML, APIs, and other OOP languages (e.g., C#, Java). Tooling & Standards: •Experienced with DevOps, GitHub, and automated testing tools. •Knowledge of ISO9001 and ISO27001 standards and integrated management systems. Consultancy & Mentoring: •Consultancy experience in Microsoft Dynamics NAV / BC implementations. •Familiar with third-party NAV / BC tools such as Tasklet Mobile More ❯

Birmingham, Bristol, Manchester, Reading, St Albans Business Line Enabling Functions Job Type Permanent / FTC Date published 07-Aug-2025 19967 Connect to your Industry Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can … experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the information security / cybersecurity domain, with a focus on policies and standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences … at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO / IEC 27001 / 27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel More ❯

sacrifice scheme Life Insurance (3x annual salary) Employee Assistance Programme (EAP) and workplace wellbeing initiatives Private Healthcare cash-back scheme Flexible working hours and location, open to part-time / condensed hours Flexible benefits, such as: Cycle to Work, volunteer days / opportunities and charity events Enhanced parental leave packages and enhanced sick pay Training and development opportunities … team building, company-wide events Role specifics Salary range: Market rate Reporting to: Head of Platform Key stakeholders: Technology and Product, InfoSec, Support Organisational Framework Level: 3 About you / Job Summary We are seeking a pragmatic and highly skilled DevSecOps Engineer to join our Platform team. In this role, you will be responsible for identifying, prioritising and remediating … prem systems. Define and run patch management processes for virtual machines, containers and serverless functions. Integrate vulnerability scanning (e.g. Qualys, Sonar Cloud, Tenable or Azure-native scanners) into CI / CD pipelines. Security Analysis & Incident Response Perform root-cause analysis of security incidents and vulnerabilities. Conduct threat modelling, code and infrastructure reviews. Develop and execute incident response procedures, leveraging More ❯

principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication and … space system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯

principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication and … space system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯

Job Title: Cyber & Information Security Lead Type: Full Time & Permanent Location: Hybrid / Bath, England About the Role: Seeking a senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who’s … Key Responsibilities: Security Strategy : Define and maintain a robust security strategy aligned with business goals and growth. Compliance : Ensure adherence to key standards including DSPT, Cyber Essentials Plus, and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage … security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards : Strong knowledge of UK healthcare security frameworks like DSPT, DTAC, and NCSC CAF. ISO 27001 : Proven track record in implementing and maintaining ISO 27001:2022-certified ISMS. Secure by Design : Deep understanding of secure SDLC and embedding More ❯

Cyber Security Consultant - Risk Consultant (MOD / Defence - SC) Location: Remote / Southwest on-site presence Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate … part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD / Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks … of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal for Risk Management. Hold an active and transferable SC clearance Willingness to undergo DV clearance / UK Citizen / residing in UK Strong working knowledge of: Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490 Working with system More ❯

down to the successful candidate. You can expect: Design and manage scalable, secure cloud environments using Azure Bicep, ARM, or Terraform Lead the implementation of DevSecOps practices including CI / CD, secrets management, zero-trust security, and vulnerability management Develop secure cloud-native architectures including microservices, containers, and serverless patterns Ensure compliance with industry security and privacy standards ( e.g. … ISO 27001, SOC 2, GDPR) Secure containerised environments, including Kubernetes and Docker Collaborate with developers to integrate secure deployment pipelines across the SDLC Support deployments in client environments, including on-prem and multi-cloud Continuously improve infrastructure processes for performance, reliability, and security Where you'll be stretched (and thrive): We're growing fast: That means … skillsyou'll need to succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI / CD, secrets management, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as More ❯

Location: Bristol, GB, BS16 1EJ Onsite or Hybrid: Job Title: Cyber Security Lead Location: Warrington, Bristol or Leicester Compensation: Up to £58,104 + Benefits Role Type: Full time / Permanent Role ID: SF66104 At Babcock we're working to create a safe and secure world, together, and if you join us, you can play your part as a … out of the ordinary. We are looking for a Cyber Security expert with proven working experience within a complex organisation responsible for critical defence programmes. Closely working with government / MOD client, programme partners, and design collaborators, you will ensure the highest standards of cybersecurity across all stages of development. Day-to-day, you'll have the following responsibilities … entries, Risk Balance Cases, Information Asset Owner forms, Supplier Assurance Questionnaires. Experienced in relevant Security Policy and Cyber Security Frameworks including the GovS 007, MOD Secure by Design (SbD), ISO27001 - Information Security Management Systems, NIST, NCSC IA Guidance Qualifications for the Cyber Security Lead Educated to degree level or holds a relevant professional qualification or equivalent experience. Security Clearance The More ❯

Business Line Enabling Functions Job Type Permanent / FTC Date published 05-Jun-2025 19325 Connect to your Industry Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and … and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem … self to work every day. And you'll never stop growing, whatever your level. Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk / careers WPFULL SLICSS BAGLOB LOCGAT LOCREA LOCALB More ❯

We’re looking for a Senior Cloud / Infrastructure Engineer with strong Oracle Cloud (OCI) expertise. You’ll design, build, and support mission-critical cloud environments, driving automation, migrations, and innovation on high-impact projects. Location - Bristol (Hybrid) Key Skills: Strong knowledge of OCI services (compute, storage, networking, load balancers) Automation with Terraform, Ansible, Python, Bash, PowerShell Experience with … CI / CD pipelines (Jenkins, GitHub Actions) Knowledge of IAM, VPNs, WAF, GDPR, ISO 27001 Exposure to Autonomous DB, Exadata, Data Guard, Kubernetes, Docker Security clearance (or willingness to obtain More ❯

Were looking for a Senior Cloud / Infrastructure Engineer with strong Oracle Cloud (OCI) expertise. Youll design, build, and support mission-critical cloud environments, driving automation, migrations, and innovation on high-impact projects. Location - Bristol (Hybrid) Key Skills: Strong knowledge of OCI services (compute, storage, networking, load balancers) Automation with Terraform, Ansible, Python, Bash, PowerShell Experience with CI / CD pipelines (Jenkins, GitHub Actions) Knowledge of IAM, VPNs, WAF, GDPR, ISO 27001 Exposure to Autonomous DB, Exadata, Data Guard, Kubernetes, Docker Security clearance (or willingness to obtain More ❯

ability to understand how architects and designers employ technology to build systems of interest Digitally literate (including fluency in Microsoft Office tools) Able to understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't have a fixed More ❯

practice. Reporting to the Head of Security & Governance , the successful candidate will play a central role in delivering risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals , supporting their development and day … to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response … including service providers and the organisation's parent company. Required Skills & Qualifications: Demonstrable experience in information security leadership , including line management or team leadership . In-depth knowledge of ISO27001, GDPR, FCA SYSC, PCI DSS and other regulatory / compliance frameworks. Hands-on experience with security technologies: SIEM, IAM, vulnerability assessment, endpoint protection, cloud services (AWS, SaaS, IaaS) . More ❯

architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS / IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices Maintain clear documentation of risk, incidents, and security configurations Contribute to evolving internal … controls and support continuous improvement in InfoSec Required Skills & Experience: Strong knowledge and hands-on experience with cloud security (AWS and / or Azure) Proven ability to perform detailed risk assessments and identify meaningful control improvements … Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP / IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical risk to non-technical stakeholders Relevant certifications are More ❯

architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS / IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices Maintain clear documentation of risk, incidents, and security configurations Contribute to evolving internal … controls and support continuous improvement in InfoSec Required Skills & Experience: Strong knowledge and hands-on experience with cloud security (AWS and / or Azure) Proven ability to perform detailed risk assessments and identify meaningful control improvements … Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP / IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical risk to non-technical stakeholders Relevant certifications are More ❯

architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS / IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices Maintain clear documentation of risk, incidents, and security configurations Contribute to evolving internal … controls and support continuous improvement in InfoSec Required Skills & Experience: Strong knowledge and hands-on experience with cloud security (AWS and / or Azure) Proven ability to perform detailed risk assessments and identify meaningful control improvements … Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP / IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical risk to non-technical stakeholders Relevant certifications are More ❯

pure' managerial role with no hands-on technical work Technical knowledge of Windows Server, Azure, Active Directory and cloud-based O365 environments Strong knowledge of IT Security and ISO 27001 standards A mix of polictical and technical skills A personable nature, able to manage up and down where requried The successful IT Infrastructure Manager will work … fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary / contract vacancies we are acting as an Employment Business. More ❯

pure' managerial role with no hands-on technical work Technical knowledge of Windows Server, Azure, Active Directory and cloud-based O365 environments Strong knowledge of IT Security and ISO 27001 standards A mix of polictical and technical skills A personable nature, able to manage up and down where requried The successful IT Infrastructure Manager will work … fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary / contract vacancies we are acting as an Employment Business. More ❯

management, including due diligence and third-party incident management. Work closely with stakeholders to provide advice in relation to third party information security risks, recommending risk mitigation strategies and / or advising on risk exceptions based on the business' risk appetite. Driving policy & standard governance processes including creating new policies and standards where required. Managing framework alignments, identifying gaps … at all levels and be confident in influencing business areas to meet compliance requirements. Demonstrable experience of working with compliance and risk management in a NIST CSF (Preferable) or ISO27001 aligned environment, along with an understanding of PCI-DSS. Experience in managing supply chain risk, including due diligence, risk escalation and treatment. Good writing capabilities, analytical skills, including demonstrated experience More ❯

to deliver cyber services, working closely with those responsible for service delivery. Managing and coordinating all processes and work instructions documented in accordance with Jisc's certifications, including ISO9001, ISO27001, and CREST. Developing and implementing strategies to streamline the onboarding process, ensuring it is efficient and effective. Quickly addressing and resolving any issues or challenges that arise during the onboarding … bank holidays) that includes three closure days over Christmas plus the opportunity to buy up to an additional 5 days leave during the flexible benefits window A comprehensive 24 / 7 mental health support package, including coaching and appropriate counselling or specialist therapy, with no predetermined limit on the number of sessions you can access Annual Jisc performance award More ❯

e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government) Undertake cyber security vulnerability analysis to provide a rich picture of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across … Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't have a fixed More ❯