1 to 25 of 28 Permanent ISO/IEC 27001 Jobs in Hampshire

security certifications, audits, and assurance standards for a leading Security Operations Centre (SOC) environment. This role will focus on delivering and maintaining key certifications such as ISO / IEC 27001 , SOC 2 Type II , Cyber Essentials Plus , and CREST SOC accreditation , as well as supporting sector-specific frameworks including PCI DSS and NCSC … CIR / CHECK . The ideal candidate will have a strong background in cybersecurity assurance , experience engaging with external auditors and customers , and a proactive approach to maintaining compliance and continuous improvement within a global SOC function. Key Responsibilities Certification Delivery & Maintenance Lead the delivery and ongoing maintenance of SOC-related certifications including SOC 2 Type II , SOC … ISO / IEC 27001 , Cyber Essentials Plus , and CREST . Manage sector-specific compliance such as PCI DSS and NCSC CIR / CHECK . Ensure timely renewals and proactively address compliance gaps. Security Assurance for SOC Operations Integrate certification and assurance requirements into SOC governance, processes, and operations. Maintain evidence collection and More ❯

will conduct vulnerability assessments, application security reviews, and network security analyses. Responsibilities include evaluating risks, providing actionable security recommendations, and assisting clients with compliance to established standards like ISO 27001 and PCI DSS. The role will involve working closely with clients across sectors to strengthen their overall security posture through proactive planning and solutions. Qualifications Experience … industry leading qualifications. In addition they will have: SPECIALITIES • Web Application Security (Implementation, detection, mitigation and education) • Penetration Testing and Vulnerability Assessment (Network, SCADA and Web Application) • Mobile phone / Application Penetration Testing (Android / iPhone / iPad) • Computer and Network Forensics (including e-Discovery) • Delivery of Enterprise Wide Security Programs • Operational Security (Incident Response) • Infrastructure Security … CCT-APP certifications • Current Check Team Leader (CTL) at NCSC • Current SC clearance Some of the following certifications are beneficial:- • Advanced Certified Ethical Hacker • EnCE - EnCase Certified Examiner http: / / www.encase.com • CWSP - Certified Wireless Security Professional • PWB - Offensive Security : Penetration Testing with Back|Track • SANS GCIH - GIAC Certified Incident Handler • Major involvement in Network & Web Application vulnerability More ❯

information security governance & risk management, to ensure that the organisation's security posture is robust, compliant, and adaptable to emerging threats while aligning with strategic business goals. Accountabilities Ensure ISO27001 compliance and maturity by identifying and recommending changes to Infosec policies, processes, control frameworks Ensure that we are consistently compliant with customer, regulatory, and shareholder obligations. Implement and continuously improve … the ability to oversee the implementation of appropriate controls, assurance mechanisms, and reporting frameworks. Cyber Governance & Advisory - Expertise in leading the adoption of industry cyber frameworks (e.g., NIST, ISO) and providing high-level advisory to boards, executives, and stakeholders on emerging threats and compliance posture. Incident Oversight & Resilience - Executive capability to govern cyber incident response strategies, ensuring the … to become a specialist in your field or climb to the top,we'll support you every step of the way. Job Info Job Identification 24051 Posting Date 10 / 20 / 2025, 02:21 PM Degree Level Bachelor's Degree Job Schedule Full time Locations 64 Newman Street, London, GT LON, W1T 3EF, GB National Customer Service More ❯

to the Head of IT on service compliance, health and technical risks Champion best practice across service delivery, patch management and system resilience Contribute directly to the ongoing ISO 27001 certification and Cyber Essentials Plus compliance Act as deputy to the Head of IT, maintaining continuity of leadership Some specific tasks include: Operational leadership ie lead … the following in the successful candidate: Solid, progressive experience in IT operations or Service delivery in a 200-500 user Organisation. Hands on experience with Microsoft 365, Azure AD / Entra ID and Intune endpoint management (or very close experience to this) Understanding of networking fundamentals, patch management and system monitoring. Practical knowledge of ITIL principles Confident in coaching … / mentoring / motivating others. In terms of personal attributes, its important you are methodical, calm and able to make decisions, work independently and take ownership. The team and company are super nice, so you need to be a decent, ethical person who works well in a team. Additional Information Salary is dependent upon experience. This is working More ❯

to the Head of IT on service compliance, health and technical risks Champion best practice across service delivery, patch management and system resilience Contribute directly to the ongoing ISO 27001 certification and Cyber Essentials Plus compliance Act as deputy to the Head of IT, maintaining continuity of leadership Some specific tasks include: Operational leadership – ie lead … the following in the successful candidate: Solid, progressive experience in IT operations or Service delivery in a 200-500 user Organisation. Hands on experience with Microsoft 365, Azure AD / Entra ID and Intune endpoint management (or very close experience to this) Understanding of networking fundamentals, patch management and system monitoring. Practical knowledge of ITIL principles Confident in coaching … / mentoring / motivating others. In terms of personal attributes, it’s important you are methodical, calm and able to make decisions, work independently and take ownership. The team and company are super nice, so you need to be a decent, ethical person who works well in a team. Additional Information Salary is dependent upon experience. This is More ❯

security risk management processes, across all asset types, providing risk-based advice & guidance to asset owners across the business and carrying out regular reviews of the MCA's risk / threat landscape. Be the coordinator for annual compliance reviews and audits, managing the implementation of remediation action. Managing the development & delivery of the security training and awareness plan for … mediums. Experience in threat analysis including context, identifying existing or emerging threat to assets and using that to inform security decisions. Strong understanding of a range of security standards / regulations (e.g. ISO 27001, NIST 800, GovS007, UK GDPR etc) across all areas of information security, and how these can be applied to deliver effective … / appropriate / proportionate controls across all areas to minimize impacts of security incidents. Experience of building relationships and influencing stakeholders, working collaboratively and inclusively, sharing information and knowledge to achieve common aims. Additional Information This role will be based in the Southampton HQ. MCA supports flexible working and operates a hybrid working model between home and office More ❯

issues and complex troubleshooting Support and advise on technical aspects of projects and change initiatives Promote secure-by-design principles, with a strong focus on cybersecurity and compliance (ISO 27001, GDPR, etc.) Help modernise the estate, bridging on-prem infrastructure with Azure-based services Mentor junior team members and promote knowledge sharing 🛠️ Tech Skills We’re … to bring strong hands-on experience across: On-premises infrastructure & Azure cloud environments Microsoft 365, Active Directory, Azure AD Networking fundamentals – switching, routing, firewalls, and connectivity between on-prem / cloud systems Good working knowledge of ISO 27001 and general cybersecurity best practices Understanding of ERP systems (SAP experience is a bonus) Scripting or automation … e.g., PowerShell, Python) and familiarity with Git / version control 👤 You’ll Succeed If You... Have a delivery-first mindset and can balance strategic thinking with day-to-day problem-solving Are confident influencing and collaborating with technical and non-technical stakeholders alike Enjoy mentoring and raising the technical bar for those around you Thrive in a hands-on More ❯

Job Opportunity: Information Security Officer (Cyber & Assurance) Working Model: Litchfield – 1 / 2 days a fortnight Salary: Permanent OR Contract Opportunity available Are you an Information Security professional looking to make a real impact at national scale ? We’re recruiting an experienced Information Security Officer to join a high-performing Cyber Security & Assurance function within a leading public sector … assessments, and compliance checks Deliver cyber awareness and training programmes across the organisation Maintain asset registers, audit trails, and security logs as evidence of compliance Work closely with internal / external partners to address vulnerabilities and cyber risks Produce high-quality reports and metrics for senior leadership and governance boards Participate in cyber forums and working groups to stay … organisation, and stakeholder-engagement skills Ability to operate independently with strong accountability Experience conducting audits, assurance reviews, and compliance assessments Commitment to continuous learning and development in cybersecurity MOD / Defence Sector Experience 🎁 What’s in It for You Flexible hybrid working model Clear progression pathways within Cyber Security & Information Assurance More ❯

security risk management processes, across all asset types, providing risk-based advice & guidance to asset owners across the business and carrying out regular reviews of the MCA's risk / threat landscape. Be the coordinator for annual compliance reviews and audits, managing the implementation of remediation action. Managing the development & delivery of the security training and awareness plan for … mediums. Experience in threat analysis including context, identifying existing or emerging threat to assets and using that to inform security decisions. Strong understanding of a range of security standards / regulations (e.g. ISO 27001, NIST 800, GovS007, UK GDPR etc) across all areas of information security, and how these can be applied to deliver effective … / appropriate / proportionate controls across all areas to minimize impacts of security incidents. Experience of building relationships and influencing stakeholders, working collaboratively and inclusively, sharing information and knowledge to achieve common aims. The base pay is £44,241. In addition to this, the role includes a Digital and Data allowance of up to £14,756 The value More ❯

Role: IT SecOps Engineer Contract Type: Permanent Location: Banbury / Hybrid working, 3 days in office. This role can be based out of any office on the Chiltern network Salary: Up to 58,000 per annum Closing Date: Monday 24th November 2025 There is an expectations to travel to different Chiltern sites outside of your base location to support … risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report / escalate vulnerabilities for remediation. Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive … protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as More ❯

Cyber Security GRC Consultant (DV Cleared) Location: Hybrid / Southeast Region - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi … part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD / Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks … professional registration at either Chartered or Principal for Risk Management. Active DV clearance required Strong working knowledge of: Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490 Working with system secure design MOD / GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements More ❯

Design & Architecture : Lead the design and architecture of on-premises, cloud, and hybrid infrastructure solutions. Infrastructure Management : Oversee the management and maintenance of core infrastructure services, including servers (Windows / Linux), storage, networking, firewalls, and backup systems. Cloud & Virtualization : Manage cloud environments (AWS, Azure, GCP) and virtualization platforms (VMware, Hyper-V). Security & Compliance : Enforce security best practices and … support compliance with frameworks such as ISO 27001. Automation & Monitoring : Drive automation efforts using tools like Terraform, Ansible, and implement robust monitoring systems (e.g., Zabbix, Prometheus). Team Leadership : Manage, mentor, and support a team of infrastructure engineers while fostering a culture of continuous improvement and knowledge sharing. Desired Experience and Skills: A minimum of 7 years in … problem-solving, communication, and documentation skills. Qualifications: Bachelors degree in computer science , Information Technology , or a related field (or equivalent experience). Industry certifications such as ITIL , MCSE , CCNA / CCNP , AWS / Azure Solutions Architect are preferred. More ❯

Cloud Platform Assured Workloads, private clouds). Security frameworks and compliance standards relevant to defenceand national security (e.g., NCSC best practices, NIST 800-53, DISA STIGs, SOC 2, ISO 27001). Secure cloud architecture patterns (e.zero trust, micro-segmentation, data loss prevention, encryption at rest and in transit). Infrastructure-as-Code (IaC) and automation for … PhD degree in a relevant technical field. Industry Experience Specific experience working with the UK Ministry of Defence(MOD), UK Intelligence Community (UKIC), or other national security agencies. Agile / DevOps Expertise Experience leading and implementing DevSecOpspractices in regulated environments. Publications / Presentations Contributions to industry publications or presentations on cloud security or architecture topics. What can we … Work scheme. Contributory company pension. Discretionary Bonus scheme. Secure, on site parking, cafe, restaurant, and gym facilities. Casual dress. Free hot and cold drinks in our own, modern kitchen / break out. A word on UK Security Clearance Due to the secure nature of the position and working environment, you must be a UK sole national and either have More ❯

Cyber Security GRC Consultant (DV Cleared) Location: Hybrid / Southeast Region - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You’ll collaborate with multi … part of a knowledge-sharing culture, working alongside expert peers in Secure Architecture and Risk Planning. Key Responsibilities Deliver Secure by Design risk and security assurance functions within MOD / Public Sector. Lead and advise on risk management frameworks, ISMS, and Enterprise Security Risk Management. Facilitate security and risk workshops with Authority departments. Produce clear reporting on vulnerabilities, risks … professional registration at either Chartered or Principal for Risk Management. Active DV clearance required Strong working knowledge of Security Assurance Coordinator or Delivery Team Security Lead roles JSP440, JSP604 / 453 & JSP490 Working with system secure design & MOD / GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements More ❯

service offerings. Key responsibilities: Deliver advanced security consultancy across Azure and AWS. Conduct posture assessments, gap analyses, and configuration reviews. Design secure architectures aligned with NCSC, CIS, and ISO 27001. Advise on governance, compliance (ISO 27001, Cyber Essentials Plus, NIST). … Collaborate with SOC and engineering teams to strengthen detection and identity controls. You’ll need: 4+ years’ experience in security consulting, architecture, or engineering. Strong technical knowledge of Azure / AWS security tooling and frameworks. Experience designing or assessing secure cloud solutions. Excellent communication and stakeholder management skills. Nice to have: DevSecOps or infrastructure-as-code experience (Terraform, ARM More ❯

PAM Engineer (Active SC Clearance Required) Location: Workingham, Hybrid 2 days onsite Contract Duration: Initial 6 months Rate: £480 / day (Inside IR35) We’re seeking an experienced PAM Engineer to join a high-security environment. This role involves designing, implementing, and maintaining enterprise-grade PAM solutions to protect critical systems and identities. Please note: Active SC Clearance is … Defender, Sentry, or CPC). Strong understanding of Active Directory, LDAP , and authentication protocols. Scripting experience (PowerShell, Python) for automation and reporting. Familiarity with compliance and regulatory frameworks (ISO 27001, NIST, GDPR). Excellent analytical, communication, and … documentation skills. Preferred Qualifications Certifications such as CISSP , CISM , or CyberArk CDE . Experience with cloud platforms (AWS, Azure, GCP) and hybrid infrastructures. Exposure to DevSecOps practices and CI / CD pipeline integration. More ❯

service improvement. Key Responsibilities Lead design and architecture of on-premises, cloud, and hybrid infrastructure solutions including servers, storage, virtualization, and networking. Manage and maintain core infrastructure services (Windows / Linux servers, virtualization platforms, firewalls, disaster recovery). Deploy and administer cloud platforms (AWS, Azure, GCP) and virtualization technologies (VMware, Hyper-V). Ensure 24 / 7 system … Implement infrastructure automation using tools like Terraform and Ansible. Maintain monitoring and alerting systems such as Zabbix, Prometheus, or Nagios. Enforce security best practices and support compliance audits (ISO 27001, CE+). Manage, supervise, and mentor infrastructure engineers, promote knowledge sharing and continuous improvement. Candidate Profile Bachelor’s degree in Computer Science, Information Technology, or equivalent More ❯

service improvement. Key Responsibilities Lead design and architecture of on-premises, cloud, and hybrid infrastructure solutions including servers, storage, virtualization, and networking. Manage and maintain core infrastructure services (Windows / Linux servers, virtualization platforms, firewalls, disaster recovery). Deploy and administer cloud platforms (AWS, Azure, GCP) and virtualization technologies (VMware, Hyper-V). Ensure 24 / 7 system … Implement infrastructure automation using tools like Terraform and Ansible. Maintain monitoring and alerting systems such as Zabbix, Prometheus, or Nagios. Enforce security best practices and support compliance audits (ISO 27001, CE+). Manage, supervise, and mentor infrastructure engineers, promote knowledge sharing and continuous improvement. Candidate Profile Bachelor's degree in Computer Science, Information Technology, or equivalent More ❯

Qualifications Bachelor’s degree in Information Security, Risk Management, or related field. 2+ years of experience in GRC, compliance, or risk management roles. Familiarity with frameworks such as ISO 27001, NIST, SOC 2, or GDPR. Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Preferred Skills Experience with GRC tools (e.g., Archer, ServiceNow More ❯

project feasibility and planning, translating business needs into technical solutions. Cybersecurity & Compliance: Lead the development of robust security practices and ensure alignment with regulatory frameworks (e.g., GDPR, HIPAA, ISO 27001). Continuous Improvement: Drive system enhancements, automation opportunities, and cross-team knowledge sharing. Mentorship: Uplift the technical capabilities of teams through coaching, collaboration, and support. What … including APIs, databases, and cloud platforms (preferably Azure). Proficiency with Microsoft 365, Active Directory, and modern workplace technologies. Familiarity with ERP systems (e.g., SAP) and system integrations. Scripting / automation skills (e.g., PowerShell, Python) and experience with version control (e.g., Git). Solid understanding of cybersecurity and data protection standards. Excellent communication and influencing skills-able to bridge More ❯

business systems. Scripting or automation (PowerShell, Python, etc.) and experience in source control tools (eg Git) is advantageous. Strong awareness of cybersecurity and data protection principles (eg GDPR, ISO 27001). Interpersonal Skills Ability to influence without authority and foster collaboration across disciplines. Clear communicator with the ability to engage both technical and nontechnical stakeholders. Strong More ❯

workload and meet deadlines Desirable Skills UK Cyber Security Council registration Knowledge of HMG or MoD security policy Secure by Design experience Experience with NIST, CAF, GovAssure or ISO 27001 audits Understanding of supplier assurance Experience reviewing penetration test and vulnerability outputs Additional Requirements SC or DV clearance preferred or willingness to be vetted Right to More ❯

Cyber Security Engineer, COR7396 This is an excellent opportunity for a candidate with a background / previous career in general server / network / infrastructure support, now working as a Cyber Security Engineer or Cyber Security Analyst, to join a growing, award-winning company, at their head offices in Basingstoke. The successful Cyber Security Engineer will be … required to have a full-UK driving license as this role will involve ad hoc travel to other sites / data centres. The Role The Cyber Security Engineer will be joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular … IDS / IPS, Firewalls, VPN, EDR / XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing / vulnerability scanning would be highly advantageous The list above is important, but not as important as hiring the right person! So if More ❯

Fortinet, Palo Alto, Juniper, Check Point, or Netskope, and familiarity with SIEM, SOAR, and managed security services. Strong understanding of enterprise security architecture frameworks (e.g. SABSA, TOGAF, NIST, ISO 27001). A confident, engaging personality with the ability to build rapport and credibility with customers at all levels. Excellent communication and presentation skills with the ability More ❯

role Role Responsibilities: Infrastructure: Maintain and enhance IT infrastructure, including VMware ESXi, Microsoft Windows Server environments, and Network Monitoring and networking components. There is some minimal work supporting AWS / Linux server infrastructure as well. Ensure system reliability, scalability, and performance through proactive monitoring and automation. Maintain and improve local network environments, including Dell servers and Dell switch configurations. … SSO, SAML, Entra Connect). Develop and manage automation solutions to streamline infrastructure deployment, management, and monitoring. Implement and optimize automation tools such as Azure DevOps (or other CI / CD pipelines), Terraform, Node-Red, and Packer. Deploy and manage monitoring tools (Zabbix, SolarWinds SentryOne, and other network / database monitoring solutions). Ensure secure cloud infrastructure management … CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001. An understanding of network security and compliance in regulated environments. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP / IP). Proficiency in firewall and load balancer technologies for secure environments. Hands-on experience with virtualization platforms (VMware, Citrix Xen) and backup solutions (Veeam or similar). Experience More ❯