Central London, London, United Kingdom Hybrid / WFH Options
Velocity Talent Ltd
Location: London / Greater London / Home-based with regular travel Reports To: Certification Manager / Head of Audit and Compliance Department: Information Security Certification About Us We are a UKAS-accredited certification body delivering independent audit and certification services across multiple management system standards, including ISO 9001, ISO 14001, and ISO … Lead Auditor based in or around London to join our expanding audit team. You'll lead and conduct Information Security Management System (ISMS) audits in line with ISO/IEC27001:2022, ISO 17021, and UKAS requirements. Key Responsibilities Plan, conduct, and report Stage 1, Stage 2, surveillance, and recertification audits for … ISO 27001. Assess client ISMS implementations for conformity and effectiveness against ISO/IEC27001:2022. Lead audits independently or as part of a multi-standard team (e.g. ISO 9001, ISO 22301, ISO 27701). Produce clear, objective audit reports with evidence-based findings and
London, South East, England, United Kingdom Hybrid / WFH Options
REDTECH RECRUIT
and leading high-performing technical presales or sales engineering teams Broad technical foundation across areas such as cloud infrastructure, security and compliance, APIs, integrations, and modern approaches to AI / ML Demonstrated success in supporting large enterprise opportunities, from proof-of-value through to close This company values a top academic history so are looking for a 2.1 or … on with critical opportunities Responsibilities for Technical Presales Team Leader You will start leading a team of 4 Junior Pre-Sales Engineers in a role with an 80% sales / 20% solutions engineering split supporting how the software is integrated with customers: Lead, mentor, and grow a team of Tech Sales Specialists and Solutions Engineers Define best practices, playbooks … SaaS Integrations / APIs / Security / Compliance / AWS / Azure / GCP / NLP / ML /ISO27001/ SOC2 / GDPR More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Robert Half
standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO/IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO/IEC 42001, ISO27001, or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com/gb/en/privacy-notice.
City of London, London, United Kingdom Hybrid / WFH Options
Ryder Reid Legal
London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https://uk.linkedin.com/company/ryder-reid-legal
Cyber Security Engineer (Hedge Fund) - Python / Powershell / SQL / Tableau BI / NIST / CISSP / CISA - PERM We are seeking a Cyber Security Risk Engineer with a robust background in the full suite of modern technologies employed within an enterprise environment. This role requires a deep understanding of operating systems (Windows … risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications / Skills Required Demonstrated experience working with information technology, information security, compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk … express permission we will share this personal data with a client (or a third party working on behalf of the client) by email or by upload to the Client / third parties vendor management system. By giving us permission to send your CV to a client, this constitutes permission to share the personal data that would be necessary to More ❯
Central London / West End, London, United Kingdom Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO27001/ 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO27001/ 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO27001 Lead Auditor Group 2: CISSP, ISO27001 Lead Implementer, CISM More ❯
operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next Gen Firewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and / … organisation's security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisation's digital environment Relevant industry certifications including GIAC Defensible Security … Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO27001/2, PCI, CIS 18, CMMC Principal Cloud Security: 4+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards Hands-on experience with a
in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies, balancing exceptional user experience with enterprise grade security. We operate under an ISO/IEC27001 certified ISMS and an ITIL aligned service management framework, ensuring integrity, resilience, and operational excellence. Joining Zero Plus means being part of a … plans, schedules, and resource models. Oversee functional, regression, integration, UAT, and performance testing. Manage test environments, data, automation frameworks, and tooling. Ensure coverage across EUC technologies including Windows 10 / 11, Microsoft 365, collaboration tools, and VDI platforms. Lead defect management, triage, and resolution processes. Provide clear reporting on test progress, risks, and issues to senior stakeholders. Ensure compliance … with ISO/IEC27001, IT governance, and change management processes. Drive continuous improvement of testing methods, automation, and processes. This is a leadership role with real visibility, ensuring that secure, user-centric solutions are delivered consistently and effectively. What We’re Looking For We would love to hear from you if you More ❯
City of London, London, United Kingdom Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO27001/ 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO27001/ 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO27001 Lead Auditor Group 2: CISSP, ISO27001 Lead Implementer, CISM More ❯
East London, London, United Kingdom Hybrid / WFH Options
CONTROLCASE LIMITED
you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO27001/ 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO27001/ 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO27001 Lead Auditor Group 2: CISSP, ISO27001 Lead Implementer, CISM More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Ryder Reid Legal Ltd
London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm's long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https: // company / ryder-reid-legal More ❯
shape how a global IT consultancy delivers trusted, ethical AI solutions. Role responsibilities As an AI Assurance Specialist, you’ll take ownership of: Leading and maintaining ISO/IEC 42001 certification for AI management systems. Translating AI risks (bias, transparency, accountability, explainability) into practical compliance controls. Acting as a primary point of contact for AI … audits, RFPs / RFIs, and customer assurance queries. Tracking and aligning with emerging AI regulations (EU AI Act, NIST AI RMF, OECD principles, and beyond). Driving continuous improvement across AI governance, data management, and assurance processes. What you'll bring Ideally experience delivering ISO certifications (ISO/IEC 42001, ISO27001, or similar). Strong knowledge of AI compliance / governance, model lifecycle assurance, and risk management frameworks. Familiarity with AI regulation and ethical AI considerations. Excellent communication skills – able to influence senior stakeholders and simplify complex assurance topics. A delivery-driven mindset with confidence working across technical and client facing teams. Salary is competitive More ❯
ROLE OVERVIEW // We are recruiting for an experienced Technology Innovation Manager to join our Technology Team. This role will lead our efforts to leverage emerging technologies, particularly artificial intelligence and high- to enhance operational excellence within legal services. Working closely with the Head of Innovation and the broader technology leadership team, the successful candidate will bring … AI initiatives. The role currently reports to the Chief Information Officer (CIO) but this may be subject to change, with strategic direction from the Head of Innovation. KEY RESPONSIBILITIES // The key responsibilities of this role are set out below, though others may arise as needed. You may occasionally be required to work outside the normal hours … Innovation solutions, ensuring alignment with business needs and regulatory requirements. Evaluate the impact of new technologies on legal operations, productivity, and client service, with a clear understanding of upstream / downstream dependencies. Practical innovation delivery lead short innovation trials and technical prototypes, with a fail fast mentality. Translate experimental results into actionable technical recommendations and oversee transition planning and More ❯
london, south east england, united kingdom Hybrid / WFH Options
PCI Pal
Ensuring that all procedural, process, and policy documentation pertaining to GRC and audit requirements remains up-to-date and relevant. Provide assistance, as and where required, to complete GRC / Audit requirements for client derived security self-assessment (SSA) questionnaires. Managing PCI Pal's outsourced Data Privacy programme and ensuring compliance to global data privacy regulations is always adhered … our commitments and requirements to managing a security, education, training and awareness (SETA) programme. WE WANT TO HEAR FROM YOU IF YOU: Possess extensive and comprehensive knowledge of Information / Cyber Security processes and methodologies as they relate to maintaining compliant PCI DSS and ISO certified environments. Have exceptional knowledge of steering and strategically managing GRC and … listed within the You Will be Responsible For section), e.g. PCI DSS, ISO27001:2022, SOC2 etc. Possess a good, and demonstrable, understanding of EU / UK GDPR and the Data Protection Act 2018 etc. Have led and managed audit programmes from inception to completion for PCI DSS and ISO27001
and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business … wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and … Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust More ❯
City of London, London, United Kingdom Hybrid / WFH Options
McCabe & Barton
Location: London / Leicester / Essex Hybrid: 2-3 days in office Our client is a financial service company. They are looking for a passionate and detail-oriented Information & Cyber Security Executive to join the teams. The role encompasses all aspects of information security including organisational security and governance, people security, physical (site) security and technical security controls. The … salary up to £80k base + £5k car allowance and other benefits. What You'll Do Assess compliance with internal security policies and industry standards (e.g., ISO/IEC27001/2, PCI-DSS). Conduct supplier risk assessments and third-party due diligence. Support vulnerability assessments, incident investigations, and operational resilience
maintain relationships with senior stakeholders (CIO, CFO, COO, CISO, Head of Technology) Strong track record in business development and sales within cyber security Experience applying standards such as ISO27001, IEC 62443, NIS regulations, and NIS CAF Relevant certifications preferred: CISSP, CISM, GISCP, ISA 62443 (or equivalent) Overview Cyber Security Director – Transport … Sector Location: London, Bristol, Birmingham, Manchester area Salary: Competitive, dependent on qualifications and experience Key Skills Cyber security strategy, stakeholder engagement, transport sector expertise, business development, ISO/ NIS /IEC standards, leadership, mentoring, hybrid working Why Apply? This is your opportunity to help shape the future of transport by delivering innovative cyber solutions … you don't hear from us within 7 working days, please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV / details in the future and we shall assess your suitability at that time. This role is a permanent position. More ❯
product to running product service support. Hire, develop, mentor and retain top talent against the established engineering career paths. Partner with Product colleagues to align delivery roadmap to strategy / OKRs, ensuring predictable delivery and outcomes. Partner with the Solution Design and Platform Engineering teams to evolve to scalable, secure, observable architectures (APIs, microservices, event-driven, domain-driven design … . Institutionalize modern delivery practices on the engineering practices and route-to-Live delivery and drive metrics-led improvement using DORA + cost-to-serve. Own CI / CD strategy (pipeline standardization, policy as code, quality gates, security scanning) and implement test automation at all levels. Embed DevSecOps and SRE practices across the Engineering team: SLOs / SLIs … ways of working, collaboration, continuous improvement with high levels of trust and autonomy. Excellent communication and influencing skills, including the capability and gravitas to operate execs, engineers, and regulators / auditors. Client / Customer-centric mindset; measurable impact on revenue, activation, retention, and cost-to-serve. Ability to create a positive and collaborative climate in which people want More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Crimson
establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and … managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as … CISM, CISSP, CRISC, ISO27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization’s risk register. Support efforts More ❯