1 to 25 of 32 Permanent ISO/IEC 27001 Jobs in Central London

controlled, transparent, and low-risk manner. The role supports agile delivery while maintaining strong controls aligned to ITIL 4 Change Enablement, ISO / IEC 27001, and DORA operational resilience requirements. Key Responsibilities Own and maintain Change Management policies, procedures, standards, and governance frameworks … Management within complex, regulated environments Strong knowledge of ITIL 4 Change Enablement and operational risk controls Experience aligning change processes with ISO / IEC 27001 and DORA requirements Hands-on experience managing Change processes in ServiceNow Strong understanding of Agile delivery models ...

Senior Security Analyst / Security Engineer London (City) | £80,000–£90,000 | PermanentIf you’re the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn’t happen again — this role is built for you.We’re hiring … hands-on Senior Security Analyst / Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years ...

Information Security Analyst (GRC / ISO27001) DGH Recruitment are currently recruiting on behalf of a leading global client who are looking for an Information Security Analyst to join the team on a permanent basis in their London office. The role will work as part of a global team providing … Strong knowledge of ISO 27001 implementation and certification - Strong knowledge of governance, risk and compliance - Certifications such as CISSP, CISA, ISO27001 Lead Auditor (desirable) Information Security Analyst (GRC / ISO27001) In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised ...

mainly focusses on information security, cybersecurity, and data security from a Greenfield perspective. We are on a journey to secure Cyber Essentials plus and ISO27001 certification. You MUST have experience working with banking / financial services regulations, FCA, PRA etc. Liaison with the Head Office, Security Operation Centre … audits. You will be part of the IT committee and work closely with the risk and compliance team. Ideally, having a background in IT / Network security, progressing into information security and cybersecurity. **Key Responsibilities:** - Develop, draft, implement, and maintain information security policies, procedures, and guidelines. - Conduct regular security ...

with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ISO 22301 / business continuity Coordinate internal / external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate ...

regulated environments; familiarity with AI and data frameworks (DAMA-DMBOK, NIST AI RMF, ISO 23894, ISO 27001, GDPR / DPA 2018); hands-on with platforms such as Microsoft Purview, Azure ML, Databricks, Power BI, Collibra, or Alation; exposure to MLOps practices. ...

Assurance Lead (CISA / Audit) City of London - Hybrid Working Responsibilities: - Plan, lead, and deliver a diverse portfolio of IT Assurance and Consulting engagements, including IT External Audit Support, SOC 1 & SOC 2 Attestations, IT Internal Audit Reviews, Regulatory Compliance Assessments, and Operational Resilience evaluations, ensuring quality delivery within … audit findings in clear, well-structured reports, highlighting control deficiencies, root causes, risk implications, and actionable recommendations for management and governance stakeholders. Required Skills / Experience: - Strong understanding of ISA 315 / 330 / 402 - Experience delivering IT Assurance, SOC 1 & 2, and IT Internal Audit engagements. ...

including those in FTSE 350, will allow you to gain experience across a range of sectors including: Financial Services, Banking, Insurance and Investment Corporates / Private Sector / Industry & Services Central and Local Government Retail and Consumer products organisations Job Purpose The role is to support the team … fieldwork and preparation of deliverables including actively contributing to final recommendations. Your responsibilities will include: Being activelyinvolved in the delivery of our Internal Audit / Consulting engagements. Act a subject matter expert in various security and risk management domains (e.g., IT risk management, cyber risk, security target operating model ...

operational improvements and recommending remediation actions. Business Systems Implementation Support the selection process and deployment of core business platforms (Portfolio Management, CRM, Microsoft 365 / Google Workspace, ERP / Finance). Support client(s) in navigating the technology landscape surrounding Digital Assets and cryptocurrency investments. Infrastructure, Security & Resilience … migration projects, including network redesign, platform hardening, and workload migration. Design, implement, and optimise Identity & Access Management (IAM) solutions (e.g., Okta, Microsoft Entra ID / Azure AD, Ping Identity). Implement and support secure remote access and VPN solutions (e.g., Palo Alto Global Protect, Cisco AnyConnect, Zscaler ZPA). ...

compliant and resilient technology estate. You will also contribute to enhancing identity security, infrastructure protection, awareness initiatives, and the onboarding of systems to SOC / SIEM tooling. This role is ideal for someone with strong technical knowledge, excellent communication skills and a passion for defending large-scale environments from … DMARC / DKIM / SPF, networking fundamentals and TCP / IP. Familiarity with frameworks such as MITRE ATT&CK, ISO27001, CIS benchmarks, NIST, Cyber Essentials. Ability to explain technical concepts to non-technical audiences. Strong documentation, analysis and problem-solving skills. Experience in security auditing ...

Cybersecurity leadership Strong knowledge of ISO 31000, NIST RMF, ISO 27001 and CIS Controls Experience working with OT / industrial environments Proven ability to influence senior stakeholders in a global organisation Relevant degree in Information Security, Risk, Computer Science or similar Professional certifications ...

Experience Essential: Strong grounding in security engineering principles, practices and risk management. Experience working with a broad range of security controls (e.g., SIEM, IDS / IPS, firewalls, secure SDLC, cloud security configuration, CIS hardening, API security). Knowledge of security frameworks such as NIST, ISO 27001 … equivalent professional certification. Multi-year experience in a security engineering role. Desirable: CISSP certification. Cloud security certifications for AWS. Risk management experience (CRISC, ISO 27005, NIST RMF). Network security and coding experience (Python, Bash, PowerShell, GitHub). Penetration testing exposure. ...

roadmaps, adoption frameworks, and business cases for GCP migration. Design scalable, secure and resilient GCP cloud architecture Conduct cloud assessments, maturity evaluations, and TCO / ROI analysis for clients. Guide clients through modernization of legacy workloads into cloud-native architectures. Align technical decisions with business outcomes and long-term … Provide oversight to migration waves, cutover planning, operational readiness, and risk management. Application & Data Modernization Lead modernization using GKE, Cloud Run, Cloud Functions, Pub / Sub, Dataflow, BigQuery, and managed databases. Define rehost, replatform, refactor strategies for application and data migration. Architect microservices, event-driven and serverless patterns. Governance ...

managing Azure infrastructure including writing and maintaining Terraform modules for Azure resources and implementing infrastructure changes through workflows. Experience with version control (GitHub / ADO), code reviews, and understanding of infrastructure drift detection and remediation. Configuration Management (Ansible) - Proficient in using Ansible for configuration management, application deployment, and orchestration … Azure AD), Azure RBAC, Privileged Identity Management (PIM), managed identities, service principals, and Azure AD Connect for hybrid scenarios. Experience managing user provisioning / deprovisioning, conditional access policies, multi-factor authentication, Azure AD Application Proxy, federated authentication, SAML / OAuth integration, and implementing least-privilege access controls across ...

existing technologies and services Reporting on control effectiveness and risk posture to governance forums Supporting incident management and resolution of major security / data incidents Required experience and skills include: Strong knowledge of IT security technologies (e.g. IAM, SIEM, firewalls, cloud platforms such as AWS / Azure) Understanding … application security threats and emerging information security risks Hands-on experience with IT risk frameworks (e.g. ISO 27001, COBIT, NIST) Strong stakeholder management and communication skills across technical and non-technical audiences Ability to balance commercial priorities with security, risk, and compliance needs ...

Experience and Skills Required At least seven years’ experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and / or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing … CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your ...

conducting security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

grounding in NIST, ISO 27001, and CIS frameworks Broad cyber experience with depth in at least one area (cloud, IT / tech, OT, IAM, third-party risk, IR / BC) Experience or strong exposure to M&A and Private Equity Ability to explain complex ...

Role: Security & Information Risk Advisor (SIRA) Location: London (hybrid) Rate: £500-550 p / d Duration: Initial 6 month work package Start: January 2026 Active SC clearance is required. We're looking for an experienced Security & Information Risk Advisor to support secure, high-impact programmes within a sensitive … supplier and third-party security controls What You'll Bring Experience in information security, risk management, or assurance Strong understanding of NCSC guidance, ISO 27001, and government security classifications Ability to communicate risk clearly to technical and non-technical audiences If you're ready to apply ...

engineers through effective Standard Operating Procedures (SOPs). Senior 3rd Line IT Engineer - Key Responsibilities Act as the primary escalation point for complex 2nd / 3rd line incidents and service requests across infrastructure, networking, Azure, Microsoft 365, and cybersecurity. Manage and maintain client systems and centralized services, including Mimecast … communication skills Ability to work independently and collaboratively across teams Experience with Cyber Essentials, Cyber Essentials Plus, and other frameworks such as NIST, ISO27001 Commitment to producing clear documentation and knowledge sharing Desirable Certifications Microsoft Certified: Azure Administrator / Solutions Expert CompTIA Security+, CISSP, or similar cybersecurity qualification ITIL ...

Information Security Analyst (GRC / ISO27001) DGH Recruitment are currently recruiting on behalf of a leading global client who are looking for an Information Security Analyst to join the team on a permanent basis in their London office. The role will work as part of a global team providing … following; - Supporting the maintenance of the IS0 27001 certification (risk assessment, managing ISMS, pr click apply for full job details ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...