Central London, London, United Kingdom Hybrid / WFH Options
Velocity Talent Ltd
Location: London / Greater London / Home-based with regular travel Reports To: Certification Manager / Head of Audit and Compliance Department: Information Security Certification About Us We are a UKAS-accredited certification body delivering independent audit and certification services across multiple management system standards, including ISO 9001, ISO … in or around London to join our expanding audit team. Youll lead and conduct Information Security Management System (ISMS) audits in line with ISO/IEC 27001:2022 , ISO 17021 , and UKAS requirements. Key Responsibilities Plan, conduct, and report Stage 1, Stage 2, surveillance, and recertification … audits for ISO 27001. Assess client ISMS implementations for conformity and effectiveness against ISO/IEC 27001:2022. Lead audits independently or as part of a multi-standard team (e.g. ISO 9001, ISO 22301, ISOMore ❯
program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and … / or analysis and investigations, ideally in complex environments, with security event correlations across a variety of sources i.e. cloud, network, endpoint, logs Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations and capabilities to better protect, detect and rapidly respond to modern threats Demonstrated experience in … security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security More ❯
program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and … / or analysis and investigations, ideally in complex environments, with security event correlations across a variety of sources i.e. cloud, network, endpoint, logs Ability to perform detailed assessments, identify areas for improvement and make recommendations to transform an organisation's cyber security operations and capabilities to better protect, detect and rapidly respond to modern threats Demonstrated experience in … security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security More ❯
threat modelling, risk assessments, and recommend effective security controls following "Secure by Design" principles Develop security documentation, reference architectures, and governance frameworks aligned with NIST, NCSC, and ISO standards Collaborate with stakeholders across all defence lines to ensure regulatory, privacy, and risk compliance Mentor junior consultants and support the growth of the Security Practice through knowledge … KPIs, and compliance measures What you'll bring: Knowledge of frameworks such as NIST CSF, NIST 800-53, and NCSC CAF Strong understanding of networking, cloud security (AWS / Azure), IAM, and vulnerability management Familiarity with ISO 27001 /27002 and related standards Awareness of modern threats, malware, and security More ❯
