19 of 19 Permanent ISO/IEC 27001 Jobs in the East of England

vulnerability assessments. The ability to manage business and IT expectations, compliance, and Security requirements are critical to success. You should also have the ability to manage a small team / vendor resources for tasks assigned by Cyber Assurance Program Managers. Each Technical Project Manager will be responsible for oversight of a subset of annual penetration tests. This includes planning … include? Manage application and security assessments allocated by Cyber Assurance Program managers from start to end of the penetration Testing lifecycle. Testing should occur on time and output findings / reports should be communicated to internal stakeholders after review. Work with Cyber Assurance Program managers and Internal AXAXL stakeholders to strategically plan testing windows on suitable dates. Assisting testers … with Scoping Calls, ensuring prerequisites are in place in advance of test dates.Troubleshooting procedural / technical challenges and any blockers faced by testers. Ensure smooth delivery and completion of penetration tests. Providing regular updates to Cyber Assurance Program Managers on status of tests you have been allocated to support. Perform Technical Vulnerability and Web Application scans and provide output More ❯

driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO 27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO 27001 More ❯

Enterprise Risk Management Framework. Ensuring compliance with applicable legislation, regulatory requirements, and business obligations, as well as adherence to the most current frameworks and standards (e.g., Licence 4, ISO 27001, WLA:SCS, PCI-DSS, and DPA 2018). Coordinating and participating in internal and external security and privacy audits. This includes ensuring necessary evidence is available … concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability to … technical, complex, or sensitive issues and risks to a diverse audience and align them with broader governance frameworks Formal education or certifications in Information Security, such as a BSc / MSc in Information Security, or certifications like CISM, CISSP, or equivalent What’s In It For You? Amazing company to work for. Competitive benefits. For further information on this More ❯

todeliver against agreed targets. Who we're looking for Ideally, you'll have experience leading within a risk management role and havea good knowledge of methodologies such as IEC 62443 and ISO 27005. Knowledge ofcontrol frameworks such as NIST, IEC 62443, ISO 27001, ITIL (InformationTechnology Infrastructure Library), and SABSA is More ❯

The Cybersecurity team, within the IT department, is responsible for information and Cybersecurity. Responsibilities include information and cybersecurity risk management, and ensuring compliance to CAA, NIS and ISO27001 standards. The team also works closely with our majority shareholders, and partners, such as retailers, ground handlers, as well as suppliers, to ensure a joined-up approach to information and cyber security. … projects, and assisting with regulatory compliance to encourage continual enhancement of our IT security environment. Key responsibilities and accountabilities: * Endpoint monitoring and analysis. * Malware analysis and forensics research. * Understanding / differentiation of intrusion attempts and false positives. * Lead investigations into security breaches, incidents, or suspicious activities and provide incident reports to stakeholders. * Enforce security policies, procedures, and guidelines for … all IT systems and operations. * Provide recommendations for improving security practices to meet evolving regulatory and organisational needs. * Vulnerability identification & mitigation / remediation. * Advise incident responders & other teams on cybersecurity threats. * Triage security events and incidents and apply containment and mitigation / remediation strategies. * Collaborate with other IT teams to ensure seamless security integration with infrastructure, applications, and More ❯

and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8 / 5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender. Role This company is seeking an experienced DevSecOps … testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI / CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident … GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com / privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London More ❯

and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving … to work every day. And you'll never stop growing, whatever your level . Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk / careers More ❯

HQ Permanent, Full-time Monday to Friday: 37.5 hours per week You will lead technical discovery sessions, design scalable solutions across Microsoft 365, Azure, Microsoft Sentinel, Intune, and network / firewall infrastructure, and support the sales team with pre-sales input and client proposals. You will also guide project delivery, ensuring solutions are implemented to a high standard with … queries. Understanding incident response, security event correlation, and automation via Logic Apps. Solid understanding of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection, and secure score improvement. Intune / Endpoint Management: Deployment and configuration of Intune, AutoPilot, configuration profiles, compliance and security policies. Experience with application deployment, device encryption, and monitoring / reporting. Integration with Defender for … subnets, VLANs, NAT, DNS, DHCP. Configuration and deployment of firewalls (e.g., Cisco ASA, Fortinet, Ubiquiti), including site-to-site VPNs, remote access VPNs, and secure segmentation. DNS and SSL / TLS certificate management. Ability to engage with clients during scoping calls, solution workshops, and technical reviews. Experience creating proposals, high-level designs (HLD), low-level designs (LLD), and cost More ❯

to interpret IT Risk regulatory requirements and translate them into actionable sales opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and / or optimizing these solutions. Proven strategic experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem-solving skills with experience in data-driven … in risk management tools and frameworks, as well as development of IT methodologies and practices. Significant experience in driving regulatory compliance requirements (e.g., UK Corporate Reform, SOx, GDPR, ISO 27001) and industry best practices. What we look for We are interested to hear from people who are motivated to form a part … of a growing team, who embrace diversity and inclusion and who are market-oriented and ready to help our clients solve and control their biggest issues, risks and regulatory / compliance requirements. What we offer EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance More ❯

information security. Strong working knowledge of the Cyber Essentials framework. Familiarity with the security and operational demands of the renewable energy or utilities sector. Proficiency with firewall configuration, antivirus / endpoint protection tools, and secure system administration. Experience with Windows environments and user access management. Ability to document and communicate technical policies and compliance processes clearly. Self-driven with … strong organisational and troubleshooting skills. Desirable: Previous experience achieving Cyber Essentials or ISO 27001 certification in an energy-related organisation. Familiarity with NIS regulations, GDPR, or Ofgem compliance frameworks. Understanding of Azure cloud platforms, including relevant security controls. Experience of querying SQL Server databases using T-SQL for data validation, reporting, or audit support. Relevant industry More ❯

Architect (Security), you'll work directly with major enterprise customers, playing a strategic role in advisory, design, and technical delivery. What you'll do Provide expert guidance across SASE / SSE, PAM, detection, and data centre security technologies Lead customer engagements, providing advisory services, architecture guidance, roadmap planning, and solution governance Define and document high-level solution designs, technical … architecture engagements at the enterprise level Expertise in Secure Access Service Edge (SASE) and Secure Service Edge (SSE), especially with Zscaler Experience in at least three enterprise Zscaler SSE / SASE projects Ability to provide presales advisory, requirements gathering, and high-level solution design Strong understanding of Zscaler architecture and troubleshooting Broad knowledge across IAM, SSO, MFA, PAM, and … IDaaS Strong background in core security technologies such as firewalls, IDS / IPS, endpoint protection, and encryption Comfortable working with cloud platforms and designing secure architectures across Azure, AWS, or Google Cloud Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security More ❯

Architect (Security), you'll work directly with major enterprise customers, playing a strategic role in advisory, design, and technical delivery. What you'll do Provide expert guidance across SASE / SSE, PAM, detection, and data centre security technologies Lead customer engagements, providing advisory services, architecture guidance, roadmap planning, and solution governance Define and document high-level solution designs, technical … architecture engagements at the enterprise level Expertise in Secure Access Service Edge (SASE) and Secure Service Edge (SSE), especially with Zscaler Experience in at least three enterprise Zscaler SSE / SASE projects Ability to provide presales advisory, requirements gathering, and high-level solution design Strong understanding of Zscaler architecture and troubleshooting Broad knowledge across IAM, SSO, MFA, PAM, and … IDaaS Strong background in core security technologies such as firewalls, IDS / IPS, endpoint protection, and encryption Comfortable working with cloud platforms and designing secure architectures across Azure, AWS, or Google Cloud Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security More ❯

Architect (Security), you'll work directly with major enterprise customers, playing a strategic role in advisory, design, and technical delivery. What you'll do Provide expert guidance across SASE / SSE, PAM, detection, and data centre security technologies Lead customer engagements, providing advisory services, architecture guidance, roadmap planning, and solution governance Define and document high-level solution designs, technical … architecture engagements at the enterprise level Expertise in Secure Access Service Edge (SASE) and Secure Service Edge (SSE), especially with Zscaler Experience in at least three enterprise Zscaler SSE / SASE projects Ability to provide presales advisory, requirements gathering, and high-level solution design Strong understanding of Zscaler architecture and troubleshooting Broad knowledge across IAM, SSO, MFA, PAM, and … IDaaS Strong background in core security technologies such as firewalls, IDS / IPS, endpoint protection, and encryption Comfortable working with cloud platforms and designing secure architectures across Azure, AWS, or Google Cloud Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security More ❯

global team of security professionals Ensure compliance with ISO 27001, Cyber Essentials+, GDPR, and client standards Own and manage the cyber security budget Lead internal / external audits, client due diligence, and risk reviews Drive security awareness and training firm-wide Collaborate with IT, Risk, Legal, and senior business stakeholders More ❯

a proactive first-line defender of the digital estate. You will be working for a top 15 accountancy practise with a people centric culture and excellent progression opportunities. Role / Responsibilities Designing, delivering, and evaluating engaging technical and security training programmes that empower employees to thrive in a secure, technology enabled environment. Awareness of regulatory and compliance frameworks (ISO 27001, GDPR, Cyber Essentials), with a willingness to deepen understanding. … Experience delivering or co-delivering training sessions whether in-person, virtually, or through recorded content with an appreciation for adult learning principles. Familiarity with Learning Management Systems (LMS) and / or e-learning tools like KnowBe4. More ❯

a proactive first-line defender of the digital estate. You will be working for a top 15 accountancy practise with a people centric culture and excellent progression opportunities. Role / Responsibilities Designing, delivering, and evaluating engaging technical and security training programmes that empower employees to thrive in a secure, technology enabled environment. Awareness of regulatory and compliance frameworks (ISO 27001, GDPR, Cyber Essentials), with a willingness to deepen understanding. … Experience delivering or co-delivering training sessions whether in-person, virtually, or through recorded content with an appreciation for adult learning principles. Familiarity with Learning Management Systems (LMS) and / or e-learning tools like KnowBe4. More ❯

and ML capabilities. Embed intelligence into digital products and services. Collaborate on innovation and stay current with emerging tech trends. Risk, Compliance & Security Ensure compliance with regulations (GDPR, ISO 27001, etc.). Implement security protocols around data access, retention, and classification. Work with InfoSec and Legal to manage data risk and incident response. What Success Looks … forward. A clear AI and analytics roadmap is in execution. Ideal Candidate Profile Proven leadership in fast-paced, evolving data environments. Expertise across data engineering, architecture, analytics, and ML / AI. Strong experience with cloud-native platforms and real-time data. Skilled in Power BI, Tableau, SQL, Python, Spark or equivalent tools. Effective stakeholder communicator and team mentor. Background More ❯

it supports our commercial objectives and long-term product vision. Foster a culture of technical excellence, leading our Software, DevOps, and IT teams to deliver high-quality products. Champion ISO27001 compliance, ensuring our security practices are practical, effective, and customer-friendly. Drive product delivery, working closely with Product and Commercial teams to define the product roadmap, align delivery timelines, and More ❯

to meet deadlines and client expectations Monitor team performance, identify improvements, and implement continuous improvement initiatives (LEAN / Six Sigma) Ensure compliance with ISO standards (ISO9001, ISO27001, ISO10008) and all Health & Safety requirements Collaborate with cross-functional teams to deliver new projects and support business growth Produce clear management reporting, dashboards, and KPIs to track performance and … profitability 🔹 What We’re Looking For Proven supervisory / management experience in scanning or production environments Strong knowledge of scanning hardware / software (IBML, Kodak, Kofax / Tungsten) Excellent people management and team leadership skills Commercially aware with experience in cost control, operational planning & modelling Confident in Microsoft Office, with advanced Excel skills desirable Understanding of GDPR More ❯