1 to 25 of 29 Permanent ISO/IEC 27001 Jobs in the City of London

Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS). The position offers significant exposure across international offices and requires collaboration with senior stakeholders, clients … security posture to clients and partners Occasional international travel may be required Candidate Requirements ISO 27001 Lead Auditor certification and / or extensive experience with ISO 27001 standards 5+ years’ experience in IT or Security audits, assessments or compliance management Strong ...

more major modules of our platform (e.g., discovery & mapping, risk scoring & analytics, automated response). You will work closely with the CTO / founder, engineering, data / AI teams, UX / design, marketing, and customer-success to define product strategy, prioritise features, and deliver value to customers … business. You will play a key role in shaping the product direction, defining metrics, understanding market / competitive dynamics, and ensuring that we build a product that addresses real pain points for our users (e.g., cybersecurity / risk teams, GRC teams, supply chain teams). Key Responsibilities: Define ...

mainly focusses on information security, cybersecurity, and data security from a Greenfield perspective. We are on a journey to secure Cyber Essentials plus and ISO27001 certification. You MUST have experience working with banking / financial services regulations, FCA, PRA etc. Liaison with the Head Office, Security Operation Centre … audits. You will be part of the IT committee and work closely with the risk and compliance team. Ideally, having a background in IT / Network security, progressing into information security and cybersecurity. **Key Responsibilities:** - Develop, draft, implement, and maintain information security policies, procedures, and guidelines. - Conduct regular security ...

with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ISO 22301 / business continuity Coordinate internal / external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate ...

compliance specialists. * Support internal capability development, including the creation of OT security frameworks and training materials. Required Skills: * Approximately 5 years' experience in OT / ICS cyber security or C&I system engineering, including security risk management. * Familiarity with control system architectures (PLC, DCS, SCADA) and industrial network protocols. … assessments, system security evaluations, or vulnerability analysis. * Working knowledge of applicable standards (IEC 62443, NCSC CAF, ISO 27001 / 27019, NIST 800-82). * Strong writing and communication skills able to translate technical findings into clear, actionable recommendations and specifications. * Eligible ...

including those in FTSE 350, will allow you to gain experience across a range of sectors including: Financial Services, Banking, Insurance and Investment Corporates / Private Sector / Industry & Services Central and Local Government Retail and Consumer products organisations Job Purpose The role is to support the team … fieldwork and preparation of deliverables including actively contributing to final recommendations. Your responsibilities include: Actively involve in the delivery of our Internal Audit / Consulting engagements. Act a subject matter expert in various security and risk management domains (e.g., IT risk management, cyber risk, security target operating model, governance ...

audit findings in clear, well-structured reports, highlighting control deficiencies, root causes, risk implications, and actionable recommendations for management and governance stakeholders. Required Skills / Experience: - Strong understanding of ISA 315 / 330 / 402 - Experience delivering IT Assurance, SOC 1 & 2, and IT Internal Audit engagements. … across varied system environments. - Sound knowledge of ERP systems (SAP, Oracle, Dynamics, Sage, Xero) and cloud platforms (AWS, Azure, GCP). - Familiar with ISO 27001, COBIT, and NIST frameworks. IT Audit Assistant Manager In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position ...

Security Project Manager £600 / day Leeds (3 days onsite per week) Outside IR35 About the Role As the Security Project Manager, you will play a crucial part in the successful delivery of the company's Security Improvement Programme. Your primary responsibility will be to lead the planning, execution ...

fast-growingspecialistsoftwarecompanyatapivotalmomentinitsjourney. WhyThisRoleisDifferent Since2013,TrinitatumhavebuiltareputationservingglobalenergytradingandfinancialservicesorganisationswiththeirTriangleTestAutomationplatform - reducingtestingeffortbyover70%andacceleratingreleasesfromweekstodays.Theirrecentstrategicpartnershipsareopeningglobalmarkets,andtheyneedatechnologyleaderwhocanscalewiththem. You'llworkdirectlywiththeirCEOChrisJonesandtheseniorleadershipteamthroughthreedistinctphases: Phase1:TheFixer(Months1-6) Rapidlyassess,identifygaps,andimplementcriticalfoundationsfromsecurityposturetooperationalresilience. Phase2:TheBuilder(Months6-18) Establishscalablestructuresandleadtheproductroadmap.Drivebestpracticedevelopmentstandards,buildsecuritycredentials(SOC2,ISO27001),andarchitectforscaleacrosstheirAzure / .NETstack. Phase3:TheScaler(18+months) TransitionintotheCTOrole.Leadtechnicalvision,scaleengineeringcapabilityinternationally,anddrivemarketdifferentiationthroughtechnicalexcellence. YourFirst12Months:TheMission-CriticalChallenges Workingshoulder-to-shoulderwithChris,you'lltacklefourkeyareas: ProductSecurity&Compliance AuditTriangle,implementend-to-endsecurityimprovements,andestablishpathwaystoSOC2complianceforourhighlyregulatedclients … ProductRoadmap&Strategy Createaconversationalroadmapthatbalancesnewfeatureswithtechnicaldebtwhilstguidingcustomerenhancementpriorities BestPracticeDevelopmentStandards Implementautomatedtestingframeworks,introduceBDDpractices,andbuildacultureofcontinuousimprovement OperationalResilience Eliminatesinglepointsoffailure,createredundancy,andestablishrobustbusinesscontinuitycapabilities WhatMakesYouExceptional Youbring: Deep.Netmasteryyou'vebuiltproductionsystemsatscale StrongAzurearchitectureexperiencewithcloud-nativedesignpatterns Demonstrablesecurityframeworkexperience(SOC2,ISO27001,ITIL) Hands-onautomatedtestingframeworksexpertise PracticalBDDfamiliarity Moreimportantly,youare: Astrategicpartnerwhocanbalancetechnicalexcellencewithcommercialreality Hands-onwhenneededcomfortablecoding,reviewingarchitecture,ordebuggingcriticalissues Ateambuilderreadytorecruit,mentor,anddeveloptechnicaltalent Customer-awareyouunderstandthatTriangleservesmission-criticaltradingsystemswherereliabilitymatters Growth-orientatedexcitedbythejourneyfromspecialistconsultancytoglobalsoftwareplatform BonusPointsFor: ETRM / CTRMplatformexperience,financialservicesorenergysectorbackground,experiencewithEndur / Findur / ...

Experience and Skills Required At least seven years’ experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and / or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing … CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your ...

conducting security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

include overseeing major security initiatives such as the implementation and optimisation of Microsoft security solutions (Defender, Purview, Sentinel), ensuring alignment with frameworks including ISO 27001, NIST, and COBIT, contributing to vulnerability scanning, and facilitating penetration testing activities to identify and remediate risks across … technology estate. Required Technical Experience Strong experience working in Azure Cloud environments Hands-on experience deploying, configuring, and implementing Microsoft Defender, Purview, and / or Sentinel Familiarity with the wider Microsoft infrastructure stack, including Active Directory, Entra ID, Intune, and related technologies Candidates with a passion for Microsoft security ...

will act as the organisation's subject matter expert on information security compliance and data protection, ensuring adherence to recognised standards such as ISO 27001, Cyber Essentials Plus, and NIS2, alongside compliance with the UK General Data Protection Regulation (UK GDPR) and other relevant legislation. … have certification in CIPP / E, CIPM, CIPT, CISSP, or equivalent privacy or cybersecurity qualification - A strong knowledge of GDPR, UKGDPR ePrivacy Directive, ISO27001, national data protection laws and FOIA is a must - The ability to handle sensitive and confidential information with integrity is necessary and a priority ...

will act as the organisation’s subject matter expert on information security compliance and data protection, ensuring adherence to recognised standards such as ISO 27001, Cyber Essentials Plus, and NIS2, alongside compliance with the UK General Data Protection Regulation (UK GDPR) and other relevant legislation. … have certification in CIPP / E, CIPM, CIPT, CISSP, or equivalent privacy or cybersecurity qualification - A strong knowledge of GDPR, UKGDPR ePrivacy Directive, ISO27001, national data protection laws and FOIA is a must - The ability to handle sensitive and confidential information with integrity is necessary and a priority ...

Role: Security & Information Risk Advisor (SIRA) Location: London (hybrid) Rate: £500-550 p / d Duration: Initial 6 month work package Start: January 2026 Active SC clearance is required. We're looking for an experienced Security & Information Risk Advisor to support secure, high-impact programmes within a sensitive … supplier and third-party security controls What You'll Bring Experience in information security, risk management, or assurance Strong understanding of NCSC guidance, ISO 27001, and government security classifications Ability to communicate risk clearly to technical and non-technical audiences If you're ready to apply ...

Incident Response Identity, Access & Data Security Risk & Compliance Support Security Training and awareness Required Technical Experience: Proven experience in a hands-on IT security / cybersecurity role Logging and monitoring Security Tooling (vulnerability scanning (Tenable, Qualys, Rapid7) Endpoint or network security platforms IAM or access control systems Ability … analyse security findings and implement effective technical remediation Strong understanding of security controls, policies, and technical standards Desirable Experience working with ISO 27001, NIST, or similar frameworks Exposure to security architecture or secure system design ...

Management. Experience in senior stakeholder engagement and management reporting. Ability to coach and mentor team members. Deep understanding of IT security frameworks (SOX, FFIEC, ISO27001, NIST, PCI-DSS, Cloud Security Alliance). Strong managerial and leadership skills. Hands-on experience as an IT auditor, security auditor, or GRC analyst. Excellent … systems (OS, databases, firewalls, SIEM, DLP). Cloud Platforms: AWS and Azure. AI Knowledge: Understanding of AI principles and security implications. Solutions / Technical Network Architecture: Ability to design secure technical solutions and network architectures. Controls Experience: Strong background in implementing and assessing security controls. Splunk Knowledge: Familiarity with ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...

protocols (LDAP, SAML, OAuth, OpenID Connect). Proficiency in cross-platform scripting (e.g., T-SQL, PowerShell, Bash) and integration with on-premise / cloud directory services (Azure AD, GSuite, LDAP … . Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role ...