essential. Responsibilities: Regulatory Compliance & Framework Development: Support the implementation of a comprehensive business resilience framework aligned with DORA and other regulatory requirements (e.g., NIST, ISO22301, ISO 27001). Develop training materials, policies, controls, and risk assessment methodologies to ensure adherence to regulatory standards. Support key pillars … or related fields, with extensive exposure to Operational Resilience, particularly DORA. Strong understanding of UK regulatory requirements and frameworks such as DORA, NIST, ISO22301, and ISO 27001. Proven experience conducting risk assessments, regulatory compliance reviews, and resilience testing. Ability to translate regulatory requirements into
City of London, London, United Kingdom Hybrid / WFH Options
IPS Group
frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as
London, South East England, United Kingdom Hybrid / WFH Options
IPS Group
frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as
ISO Audit Specialist Posting Date: 1 May 2025 Function: Risk, Compliance and Assurance Unit: Business Location: UK Wide, United Kingdom About the role As our ISO Audit Specialist, you'll lead audits across multiple ISO Standards servicing BT group (Openreach, Digital, Business, Networks, Corporate Units). ISO … experience in telecommunications or technology industries. You will maintain ISO standards linked to BT Group Risks, such as ISO27001 for Cyber & Information Security, ISO22301 for Service Interruption, and ISO14001 for Major Contracts. Your role involves identifying and implementing actions to mitigate risks from non-compliance, with a strong understanding … and audit universe. Required experience and qualifications Lead Auditor qualification to ISO standards, primarily ISO27001, plus another ISO standard (e.g., ISO9001, ISO14001, ISO22301). Experience designing, implementing, and maintaining management systems (ISO 27001 preferred). Proven ability to lead audit programs in large, complex multinational organizations. Experience
strategy for all line of route off-site assets, engaging with Transport for London, Network Rail and other stakeholders. Working to the principles of ISO22301, engage with the wider project team to carry out risk assessments, business impact analyses and documentation of business continuity plans. Assist in planning and conducting … and training. Strong analytical skills, able to transfer and analyse business and technology requirements. Desirable Qualifications and Skills Previous experience of obtaining and maintaining ISO22301 accreditation Diploma in Security Management (NVQ Level 5) or higher About the Company The role will work on the HS2 project. … reported to HS2. It is an SCSJV requirement that all employees, Design House, and Supply Chains must implement and comply with the requirements of ISO 9001:2015 Quality Management System, ISO 14001:2015 Environmental Management System with guidance for use, OHSAS 18001:2017 Occupational Health and Safety Management
s information security strategy, policies, and procedures, aligning them with business objectives and risk tolerance. Oversee the maintenance and expansion of existing security certifications (ISO 27001, SOC 2) and drive initiatives for future certifications (e.g., ISO22301, DORA). Direct regular security audits, risk assessments, and vulnerability … best practices and IT-regulations that apply to financial institutions or its outsourcing partners. In-depth knowledge of relevant regulatory requirements and industry standards (ISO 27001, SOC 2, GDPR, DORA, etc.). Experience with cloud security (AWS, Google etc.), application security, and DevSecOps practices is a significant plus. Proven
Microsoft Defender/Purview Work closely with the existing IT Infrastructure Manager to ensure security for office based & remote workers. As an ISO27001, BS10012, ISO22301 and Cyber Essentials Plus accredited business you must always carry out your role according to company IT policies. Assist with the handling of confidential information
similar Information Security role, and/or possess professional certification in Information Security (e.g. CISSP, CISMP etc). Certified or formally trained in auditing ISO management systems, preferably ISO27001, though experience with other relevant frameworks is also valuable. Familiar with modern security technologies and protocols, such as Zscaler, either … through practical use or academic exposure. Well-versed in security standards and certifications, including ISO27001, Cyber Essentials (Plus), ISO22301, and NIST frameworks. Competent in the use and security aspects of Microsoft Office 365 applications and services. Solid grasp of IT security principles, common protective measures, and widely
procedures and plans Able to demonstrate an up-to-date knowledge of relevant legislation and guidance including the CCA and NHS EPRR framework and ISO22301 and/or the BCI good practice guidelines Experience of leading cross-functional teams towards successfully achieving objectives within agreed timeframes About
during testing. Supporting the creation of a control library and reviewing controls to ensure alignment with internal policies and external frameworks such as CRI, ISO, NIST, ISAE. Performing internal control assessments/audits for SWIFT CSCF, LINK CSB, ISO27001, and ISO22301. Developing internal assurance documentation. Preparing submissions for risk
Database and Development team for all compute, server and storage providing requirement & 24/7 availability. Complete annual reviews and internal audit of required ISO 27001, 9001 and 22301 standards. Competency Profile Extensive knowledge of data centre operations, network engineering, datacentre applications, client/server computing and production
to drive solutions. Previous experience in a financial services company is highly desirable but not essential. A detailed knowledge of BCM standards and practices (ISO, BCI), tools and techniques of business continuity. Understanding of Digital Operational Resilience Act (DORA). Experience of implementing or working with digital BCMS and … least 5 of which are in a Business Continuity specific role, preferably within a financial services environment. Working knowledge of BC operations in an ISO22301 certified organisation, or in an organisation actively working towards this certification. Exposure to the complete BCM lifecycle. Aware of Operational Resilience (OR) and other resilience