development Lead efforts to assess and mature security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security … day,’ we run a range of initiatives that support employees’ sense of belonging and physical, emotional and mental well-being. Our extensive benefits for employees typically include: Vacation / annual leave: 25 days in UK / Asia + 3 life days, 23 in US + 3 life days Private medical and dental cover and life insurance … US ‘Locate for your day’ hybrid working – 2 days a week in office. Access to Discover – our learning platform with 1000+ courses from LinkedIn Learning. Paid parental leave / Coaching and support services ‘Heads down days’ with no meetings on the last Friday of every month Diversity Council / Affinity groups (Women’s Forum, Black Employee
development Lead efforts to assess and mature security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security … fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including: Holiday - UK / Asia: 25 holiday days and 3 'life days' (in addition to bank holidays). US: 23 holiday days. 2 paid volunteer days so that you can actively support causes … Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I. Hybrid working to promote a healthy work / life balance, enabling employees to work collaboratively in the office when needed and work from home when they don't. Active support of flexible working for all employees where
on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs
Buckinghamshire, England, United Kingdom Hybrid / WFH Options
X4 Technology
Job Title: IT Security Manager Location: Hybrid in Buckinghamshire (2 days on-site) Job Type: Full-time, Permanent Salary: £60,000 - £67,000 + benefits Industry: Media / Broadcasting A leading Media / Broadcasting company based in Buckinghamshire are seeking an experienced IT Security Manager to join the Cyber Security team where you’ll mature the … Security solutions, including Defender, Sentinel, Entra ID, and Microsoft Purview. Deep knowledge and practical application of security frameworks and standards including CIS, ISO 27001 /27002, GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing … risk-based security metrics. Ability to bridge security and IT operations teams, with effective stakeholder communication and collaboration. Security certifications such as CISSP, CISM, Microsoft Security (SC-100 / SC-200 / SC-300), or equivalent are highly desirable. Apply directly to learn more about this exciting opportunity or connect with me on LinkedIn to stay
Job Description Role – Cybersecurity Delivery Manager Location: Milton Keynes / London / United Kingdom Job Responsibilities - Functional Domain Responsibility: Previous work experience managing below three or more Cybersecurity delivery engagements o Audit principles and associated compensating controls o Enterprise Security architecture o Cloud Security o Vulnerability Management o E-Mail security o Web Application Firewall o … Cyber Incident Management (CERT) Delivery Operations & Excellence: Manage & maintain steady state global delivery operations (Green) Manage Operational / delivery issues & escalations Ensure continuous communication & coordination with client in the event of issue / escalation Ensure SLA / SLO attainment & process compliance along with high customer satisfaction Act as first point of escalation for the … delivery team, account team & Client stakeholders. Review the outcomes of the transition projects to capture learnings & disseminate across organization Technical Skills – Basic Knowledge on security models such as ITIL, ISO27002, PCI DSS and Cobit 5 Experience on Security tools & Technologies Integration of testing mechanisms with industry best practices such as OWASP & NIST Good Understanding of IT security policy, procedure, design
Architect (London | Hybrid | Cloud, NIST, SABSA) A leading global financial services firm is hiring an Enterprise Security Architect for a permanent position based in London (2 days onsite / week) . Key Tech & Frameworks: Cloud Security (SaaS, IaaS, Infrastructure) SABSA, NIST CSF, ISO 27001 / 2, SP 800-53, SANS Top
Basildon, Essex, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
SP800-37, ISO27001) Practical experience of risk assessment processes (NIST SP800-30 and ISO 27005) Practical experience of applying security controls (NIST SP800-53 and ISO27002) Practical experience of Secure by Design requirements (ISN 2023 / 09) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Ability to interpret
outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and / or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels when necessary. When required, work … with the Director of Cyber Advisory and Head Consultant to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills / Must have: 5 years in a client-facing information / cyber security / GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience … in auditing and implementing security standards such as ISO 27001 / 2, NIST CSF, and others. Exceptional verbal, written communication, and presentation skills. Ability to articulate technical requirements to non-technical audiences. Proven self-management skills and ability to work on multiple assignments concurrently. Ability to travel to meet business needs. Benefits: Opportunity to
metrics across IS teams, prepare regulatory submissions, and track compliance. ISMS Support: Maintain the Information Security Management System (ISMS) in line with ISO 27001 / 27002. Manage governance forums, minutes, and documentation. Policies & Standards: Develop GRC policies, standards, and procedures. Track exceptions, monitor risk, and report on performance and compliance. Controls Framework: Strengthen the … identifying threats and making smart, independent decisions. A working knowledge of ISO 27001 and aligning businesses to compliance frameworks. Confidence presenting to senior internal / external stakeholders. Excellent communication skills and a collaborative mindset. Culture fit really matters here. What’s In It For You? Freedom to shape the role. Real autonomy to define … the GRC roadmap alongside the manager. Ongoing investment in you. The team is already completing certs like CISM, CRISC, OT & Cloud, ISO Lead Implementer, and more. Award-winning employer. Recognised for diversity, digital transformation, and consistently ranked among the UK’s top employers. Real cyber focus. Not just ticking compliance boxes. Cyber is a business priority.
Active Directory, and Azure AD Ability to understand and articulate interoperability between technologies and design pragmatic security solutions for the bank Effective collaboration with internal and external SMEs / partner organizations Experience with frameworks such as ISO 27001 / 2, SOC, NIST, or COBIT About You Skills Recognized leading security qualification or
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security … Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product … or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on experience with security testing tools and techniques (SAST
affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol