23 of 23 Permanent ISO/IEC 27001 Jobs in Buckinghamshire

Head of Engineering A fantastic opportunity for a Head of Engineering / Software Development Manager to join a well established software organisation undergoing a major technical evolution. This is a senior strategic role leading engineering, QA and cloud operations through a significant SaaS migration and AI enablement programme. … observability and security Establish metrics driven engineering practices and lead initiatives to reduce lead time, improve deployment frequency and optimise reliability Ensure compliance with ISO27001, GDPR, PCI DSS and sector specific requirements Key focus areas for the first 18 to 24 months: Deliver the engineering enablement plan across SaaS ...

2, GDPR, NIS2, DORA, and other relevant EU frameworks or regulations. At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Demonstrated ability to structure and lead projects successfully Responsibilities: Lead client audits / assessments … Experience: Information Security: 5 years (required) License / Certification: PCI QSA At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Work Location: UK (Remote with client onsite travel as necessary) Expected start date: ASAP ...

2, GDPR, NIS2, DORA, and other relevant EU frameworks or regulations. At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Demonstrated ability to structure and lead projects successfully Responsibilities: Lead client audits / assessments … Experience: Information Security: 5 years (required) License / Certification: PCI QSA At least one certification from each group is preferred: Group 1- CISA, ISO27001 Lead Auditor Group 2- CISSP, ISO27001 Lead Implementer, CISM Work Location: UK (Remote with client onsite travel as necessary) Expected start date: ASAP ...

Network of Member Firms on a wide range of information protection strategic and operational priorities, including those related to artificial intelligence (AI). Experience / Knowledge / Qualification Proven experience in policy writing, development, management and or compliance in one or more of the following areas: information security … subject from an accredited college or university or equivalent work experience Professional qualifications (e.g. CISSP, CISM or CRISC) is desirable but not essential Agile / Flexible Working At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy ...

Network of Member Firms on a wide range of information protection strategic and operational priorities, including those related to artificial intelligence (AI). Experience / Knowledge / Qualification Proven experience in policy writing, development, management and or compliance in one or more of the following areas: information security … subject from an accredited college or university or equivalent work experience Professional qualifications (e.g. CISSP, CISM or CRISC) is desirable but not essential Agile / Flexible Working At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy ...

patterns and message-queue-based architectures. Developing and optimizing APIs that support real-time AI monitoring with strict sub-100ms performance requirements. Integrating ML / LLM systems into production environments. Building scalable data pipelines and processing systems. Deploying and operating services on AWS infrastructure. Contributing to frontend development … needed) within a modern JS framework. Collaborating with AI researchers to productionize experimental AI safety methods. Maintaining and improving CI / CD pipelines and developer tooling. Requirements Essential Strong, proven Python development experience in production environments. Familiarity with ML / LLM systems and their integration into applications. Experience ...

cloud security architecture across AWS, Azure, and GCP, with expertise in IAM, key management, data encryption, and network segmentation Skilled in securing AI / ML workloads and data pipelines, ensuring the AI systems have controlled, auditable, and principle-based access to sensitive information Experienced with hybrid architectures integrating … security and data governance principles, including data minimisation, secure model access, and AI transparency requirements Experienced in intrusion detection and prevention systems (IDS / IPS), vulnerability scanning, endpoint protection, and security incident management Skilled in designing network and application security controls, including WAFs, firewalls, zero-trust models, and identity ...

cloud security architecture across AWS, Azure, and GCP, with expertise in IAM, key management, data encryption, and network segmentation Skilled in securing AI / ML workloads and data pipelines, ensuring the AI systems have controlled, auditable, and principle-based access to sensitive information Experienced with hybrid architectures integrating … security and data governance principles, including data minimisation, secure model access, and AI transparency requirements Experienced in intrusion detection and prevention systems (IDS / IPS), vulnerability scanning, endpoint protection, and security incident management Skilled in designing network and application security controls, including WAFs, firewalls, zero-trust models, and identity ...

regulatory compliance oversight. The successful candidate will define security standards across the business product portfolio, manage security environments, and serve as central point for ISO27001, PCI / DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Key responsibilities: Define technical security architecture … vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Maintain ISO27001 certification and manage audit cycles Ensure PCI / DSS compliance for payment processing systems Manage GDPR compliance across all products and operations Complete HECVAT ...

regulatory compliance oversight. The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI / DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security … Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain ISO27001 certification and manage audit cycles Ensure PCI / DSS compliance for payment processing systems Manage GDPR compliance across all products and operations Complete HECVAT ...

regulatory compliance oversight. The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI / DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security … Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain ISO27001 certification and manage audit cycles Ensure PCI / DSS compliance for payment processing systems Manage GDPR compliance across all products and operations Complete HECVAT ...

privileged access policies, controls, and workflows with client stakeholders across on-prem, hybrid, and cloud environments. Integrate CyberArk with enterprise tools such as AD / LDAP, ticketing systems, SIEMs, and ITSM platforms. Lead technical workshops, demos, and training sessions for a range of technical and non-technical audiences. Troubleshoot … Privileged Access Management principles and security frameworks. Proven experience in Secrets Management using CyberArk Conjur (e.g. integration with automation platforms such as CI / CD and DevOps pipelines). Scripting experience (e.g., PowerShell, Python, Bash) for automation and system integration. CyberArk Certified Delivery Engineer (CDE) ideally, minimum CyberArk Defender ...

privileged access policies, controls, and workflows with client stakeholders across on-prem, hybrid, and cloud environments. Integrate CyberArk with enterprise tools such as AD / LDAP, ticketing systems, SIEMs, and ITSM platforms. Lead technical workshops, demos, and training sessions for a range of technical and non-technical audiences. Troubleshoot … Privileged Access Management principles and security frameworks. Proven experience in Secrets Management using CyberArk Conjur (e.g. integration with automation platforms such as CI / CD and DevOps pipelines). Scripting experience (e.g., PowerShell, Python, Bash) for automation and system integration. CyberArk Certified Delivery Engineer (CDE) ideally, minimum CyberArk Defender ...

Engineering Location: Milton Keynes (2 days a week in office) Salary: £80,000 Engineering - QA - Cloud Operations - SaaS - Leadership - Azure - AWS - GCP - Architecture - AI / ML An established software provider is seeking an experienced Head of Engineering to lead their product engineering organisation through a major SaaS … Customer Experience teams to align delivery and ensure successful customer migrations Set standards for secure development, CI / CD, observability and compliance (ISO27001, GDPR, PCI / DSS) What You'll Bring Proven leadership in enterprise SaaS or major SaaS transformation programmes 8+ years in engineering, including 4+ years ...

platform; aligning to our product roadmaps. Identify and mitigate technical risks, ensuring SaaS solutions are secure. Compliance needs include keeping out SOC2 and ISO 27001 accreditations. Design and understand integration with customer networks and software products. Develop and maintain detailed high-quality design documentation. Working with ...

platform; aligning to our product roadmaps. Identify and mitigate technical risks, ensuring SaaS solutions are secure. Compliance needs include keeping out SOC2 and ISO 27001 accreditations. Design and understand integration with customer networks and software products. Develop and maintain detailed high-quality design documentation. Working with ...

house applications Develop new features and tools to agreed requirements Scope, estimate, schedule, and communicate development work Ensure solutions comply with IT security and ISO27001 standards Identify and deliver system improvements Collaborate with the Senior Developer and wider data team Too be successful as the Application Developer you will need ...

Some of our environments require security vetting and you should be comfortable undertaking that process. Skills & Requirements Significant C# and web-development experience Javascript / Typescript experience Experience programming using a functional approach (professional or hobby) Desirable Exposure to the LanguageExt library in C# ( Health industry work experience SaaS … large complex code bases Experience with .Net Framework as well as modern .Net SQL Server knowledge About Us Medical Management Systems is an ISO 27001:2013 certified organization that adheres to NHS Data Security and Protection Toolkit (DSP Toolkit) standards and GDPR compliance. As part ...

Some of our environments require security vetting and you should be comfortable undertaking that process. Skills & Requirements Significant C# and web-development experience Javascript / Typescript experience Experience programming using a functional approach (professional or hobby) Desirable Exposure to the LanguageExt library in C# ( Health industry work experience SaaS … large complex code bases Experience with .Net Framework as well as modern .Net SQL Server knowledge About Us Medical Management Systems is an ISO 27001:2013 certified organization that adheres to NHS Data Security and Protection Toolkit (DSP Toolkit) standards and GDPR compliance. As part ...

Expertise & Thought Leadership: Act as the subject matter expert for all IT & Cyber product areas (e.g., cloud, cyber security, managed services, Microsoft 365, backup / DR). Maintain cutting-edge knowledge of features, competitive positioning, and market trends. Share best practice strategies and playbooks with sales teams. Peer-review … revenue achievement. Desirable Extras: Relevant vendor certifications (e.g., Microsoft, Cisco, VMware, Fortinet). Pre-sales or sales engineering background. Experience in cyber security frameworks (ISO27001, Cyber Essentials, NIST). Track record of exceeding new business targets or KPIs in a technical sales role. Ready to become the authoritative voice that ...

Expertise & Thought Leadership: Act as the subject matter expert for all IT & Cyber product areas (e.g., cloud, cyber security, managed services, Microsoft 365, backup / DR). Maintain cutting-edge knowledge of features, competitive positioning, and market trends. Share best practice strategies and playbooks with sales teams. Peer-review … revenue achievement. Desirable Extras: Relevant vendor certifications (e.g., Microsoft, Cisco, VMware, Fortinet). Pre-sales or sales engineering background. Experience in cyber security frameworks (ISO27001, Cyber Essentials, NIST). Track record of exceeding new business targets or KPIs in a technical sales role. Ready to become the authoritative voice that ...

Expertise & Thought Leadership: Act as the subject matter expert for all IT & Cyber product areas (e.g., cloud, cyber security, managed services, Microsoft 365, backup / DR). Maintain cutting-edge knowledge of features, competitive positioning, and market trends. Share best practice strategies and playbooks with sales teams. Peer-review … revenue achievement. Desirable Extras: Relevant vendor certifications (e.g., Microsoft, Cisco, VMware, Fortinet). Pre-sales or sales engineering background. Experience in cyber security frameworks (ISO27001, Cyber Essentials, NIST). Track record of exceeding new business targets or KPIs in a technical sales role. Ready to become the authoritative voice that ...

fantastic opportunity for a Head of Engineering / Software Development Manager to join a well established software organisation undergoing a major technical evolution. This is a senior strategic role leading engineering, QA and cloud operations through a significant SaaS migration and AI enablement programme. You will drive organisational development … observability and security Establish metrics driven engineering practices and lead initiatives to reduce lead time, improve deployment frequency and optimise reliability Ensure compliance with ISO27001, GDPR, PCI DSS and sector specific requirements Key focus areas for the first 18 to 24 months: Deliver the engineering enablement plan across SaaS ...