1 to 25 of 54 Permanent ISO/IEC 27001 Jobs in the Midlands

What youll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO / IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance, review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. … the near term). Significant experience in cyber security consulting or assurance, ideally within the public sector. Deep knowledge of GRC frameworks and standards (e.g. CAF, ISO / IEC 27001, PCI DSS).Strong client-facing skills, able to communicate complex issues clearly to technical and non-technical audiences. Proven track record of delivering … on time and influencing decision-making. Excellent written and verbal communication, including the ability to produce polished consultancy reports. Desirable certifications: ISO 27001 Lead Auditor / Implementer, CISSP, CISM, CRISC, CCP (GRC), or equivalent. Driving license and willingness to travel to client sites across the UK as required. Why join 4C Strategies? Work with a More ❯

Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose: The role of an Incident Response (CSIRT) / SOC Level 3 Analyst … are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to test resilience and improve preparedness. Reporting: Develop and improve reporting dashboards and security / performance metrics to drive continuous improvement in security operations. Security Tools Support: Support the implementation, maintenance, and configuration of security tools and systems for prevention, detection, and response. Audit … OT environments. SOC-specific training, qualifications, or a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC / GCIA / GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO More ❯

Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose: The role of an Incident Response (CSIRT) / SOC Level 3 Analyst … are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to test resilience and improve preparedness. Reporting: Develop and improve reporting dashboards and security / performance metrics to drive continuous improvement in security operations. Security Tools Support: Support the implementation, maintenance, and configuration of security tools and systems for prevention, detection, and response. Audit … OT environments. SOC-specific training, qualifications, or a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC / GCIA / GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO More ❯

for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external … audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across … both written and verbal * Ability to build effective working relationships and influence at all levels * Comfortable working independently and proactively across teams Desirable: * Experience in supplier risk management and / or tender processes * ISO 27001 Lead Auditor / Implementer, PCIP, CISM, CompTIA Security+, or CISMP certification What you get in return: * Up to More ❯

I and EU regulations. You will chair status review sessions, maintain accreditation tracking systems, and provide regular updates to senior partners. You will manage responsibilities (including implementation) related to ISO27001, Cyber Essentials / Plus, SOC2 accreditations. You will also support audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid … Nottingham-based role reporting to the Regional Head of Client Security Assurance Summary of Primary Responsibilities Manage ISO27001, Cyber Essentials / Plus, SOC2 accreditations Lead contract negotiations, re-wording, and redlining, with a preference for UK&I and EU regulatory experience Provide regular accreditation status updates to senior partners Participate in SOC 2-related discussions with teams Oversee governance … Partner with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001 / 2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows / More ❯

management, and people leadership. Key responsibilities of the role: Lead and manage support teams, driving a culture of accountability, collaboration, and innovation. Oversee ITIL-based service delivery, ensuring SLA / KPI targets are consistently met. Manage Jira Service Desk operations, incident resolution, and root cause analysis. Build insightful Power BI dashboards to track and report on service performance. Act … as the primary point of contact for service-related issues, managing client relationships and expectations. Ensure compliance with ISO 27001 standards and develop risk mitigation strategies. Drive continuous improvement initiatives to optimise processes and enhance customer satisfaction. Experience required: 5+ years’ experience in service delivery management in SaaS, cloud, or enterprise software environments. Strong expertise in … s on offer: A leadership role with real impact on client satisfaction and operational success. A collaborative and supportive culture where initiative and innovation are valued. Hybrid, (weekly office / home split), working model with regular opportunities to travel and engage with clients. If you are a strategic thinker with a hands-on approach to service delivery and team More ❯

understand technical requirements, present solutions and provide guidance. Produce and maintain technical documentation, including architecture diagrams, procedures, and operational controls. Assist with compliance activities and audits relating to ISO 9001, ISO 27001, and other regulatory frameworks. Support incident response, risk assessments and cybersecurity best practices (Cyber Essentials Plus desirable). Handling Active Directory and … stages of implementation projects to set up the infrastructure requirements. Essential Skills & Experience Proven experience with Microsoft Azure services (IaaS, PaaS, networking, security). Strong understanding of Windows and / or Linux server administration. Experience with Azure Active Directory, Azure Security Centre, and monitoring tools. Knowledge of IT security principles, risk management and compliance. Strong infrastructure background—networking, firewalls … backup and disaster recovery. Excellent communication skills with experience in client-facing roles. Ability to create and maintain clear documentation and operational controls. Desirable Qualifications & Knowledge Experience with ISO 9001 and ISO 27001 standards and audits. Understanding of Cyber Essentials Plus requirements. Familiarity with automation and Infrastructure as Code (e.g., ARM templates, Bicep, Terraform More ❯

working with a leading Systems Integration Consultancy based in Stone, Staffordshire. They're looking for an Operational Technology Cyber Security Engineer with a background in Industrial Control Systems (ICS / SCADA) This is a fantastic opportunity to join a high-performing engineering team working on critical national infrastructure projects across the energy, utilities, water, renewables, and manufacturing sectors. This … Security Clearance. Main Responsibilities: Lead the design and implementation of secure OT network architectures across critical infrastructure environments. Conduct attack path analysis, penetration testing and adversary simulations within ICS / OT environments. Perform cybersecurity risk assessments and technical security audits aligned to recognised industry frameworks. Develop technical design specifications and security documentation including functional and infrastructure specifications. Act as … a technical mentor, guiding and supporting junior engineers within the cyber and OT engineering teams. Required Skills: Proven experience securing ICS / SCADA, PLCs, RTUs and industrial communication protocols (MODBUS, OPC, DNP3, etc.). Strong background in designing and configuring secure networks including switching, routing, and firewalls. Solid knowledge of IT / OT segmentation and secure cross-domain More ❯

junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT / ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team … relationships. Key Requirements of the Senior ICS OT Cyber Security Engineer: Degree in Computer Science, Systems Engineering, or similar with 5+ years' relevant experience. 2+ years' experience in ICS / critical infrastructure cybersecurity. Knowledge of SCADA, PLCs, RTUs, OT protocols (MODBUS, OPC, DNP3). Experience with secure network design (switching, routing, firewalls). Experience conducting audits, risk assessments, and … implementing technical security frameworks (e.g., NIST 800-53 / 82, ISO 27001, IEC 62433). Strong stakeholder management and communication skills. Willingness to travel to client sites across UK. Eligible for SC clearance. To discuss this opportunity in more detail, please APPLY NOW . Alternatively, you can contact Katie Dark directly at . More ❯

junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT / ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team … relationships. Key Requirements of the Senior ICS OT Cyber Security Engineer: Degree in Computer Science, Systems Engineering, or similar with 5+ years' relevant experience. 2+ years' experience in ICS / critical infrastructure cybersecurity. Knowledge of SCADA, PLCs, RTUs, OT protocols (MODBUS, OPC, DNP3). Experience with secure network design (switching, routing, firewalls). Experience conducting audits, risk assessments, and … implementing technical security frameworks (e.g., NIST 800-53 / 82, ISO 27001, IEC 62433). Strong stakeholder management and communication skills. Willingness to travel to client sites across UK. Eligible for SC clearance. To discuss this opportunity in more detail, please APPLY NOW . Alternatively, you can contact Katie Dark directly at . More ❯

members. Experience required Degree in Software Engineering or related discipline. Minimum of 5+ years in a software leadership or management role. Proven experience leading software teams of 20+ developers / testers. Strong software engineering background with an understanding of modern coding standards, patterns, and tools. Demonstrated success delivering complex software projects on time and within budget. Hands-on experience … with Agile / Scrum, sprint planning, backlog grooming, and release management. Proficiency in risk management, resource allocation, and stakeholder communication. Knowledge of secure software development practices essential with any experience of the cybersecurity industry desirable. Understanding of ISO 9001 / ISO 27001 quality standards. This is just a short o v er More ❯

mapping adversary tactics and techniques to industrial environments and developing tailored mitigation strategies. You'll lead and execute advanced penetration testing, red teaming, and adversary simulation exercises within OT / ICS environments, leveraging frameworks such as MITRE ATT&CK for ICS and modelling using Bow-Tie Analysis to proactively identify and exploit vulnerabilities. You'll conduct vulnerability assessments and … including Chemical, Water, Oil and Gas, Energy. What you'll need: You'll have 5+ years' experience with cyber security technologies with at least 2 years serving critical infrastructure / industrial control systems, including SCADA, PLCs, RTUs, etc. Experience with securing systems running ICS-related communications protocols (e.g., MODBUS, OPC, DNP3, etc.). Experience securing cross-domain IT / OT communications and interfaces. Experience designing & configuring secure networks (Switching, Routing, Firewalls). Experience engineering security solutions for real-time and / or performance-sensitive systems. Experience creating Functional Design Specifications and Detailed Infrastructure, Network and Cyber Security Specifications. Demonstrated experience conducting system assessments and security audits in alignment with technical security frameworks, including NIST 800-53 / More ❯

and mature the entire IT strategy, operations and cyber posture. What You'll Do: Lead and develop a small internal IT team (initially 2 direct reports) while managing offshore / outsourced partners Own IT strategy, service delivery and infrastructure for 150 users across office and shop floor environments Maintain and enhance Cyber Essentials and ISO 27001 … budgets whilst ensuring value and performance Work closely with senior leadership to drive efficiency, resilience and innovation through technology What You'll Bring: Proven experience as Head of IT / IT Manager / IT Director within a manufacturing or industrial setting Strong knowledge of Cyber Essentials, ISO 27001, ITIL and supplier governance Experience working … level Why Join Us? Genuine ownership of IT across a growing, financially stable £80m business Direct impact on operations, performance and resilience Supportive leadership team and room to modernise / shape future roadmap Competitive salary + benefits + future progression opportunity RSG Plc is acting as an Employment Agency in relation to this vacancy. More ❯

internal and customer-facing IT projects. Maintaining infrastructure through patching, upgrades, testing, and proactive monitoring. Implementing IT security policies and VPN solutions in line with compliance standards. Supporting ISO 27001 compliance, risk management, and audit readiness. Assisting with disaster recovery planning and business continuity measures. Overseeing IT asset management, procurement, and vendor relationships. Producing and maintaining … VMware environments. Strong knowledge of Windows and Linux system administration. Familiarity with networking concepts (routing, switching, firewalls, VPNs). Exposure to automation tools such as PowerShell, Ansible, or CI / CD workflows. A solid understanding of IT security best practices and compliance standards. Experience supporting or maintaining ISO 27001 or similar frameworks. Strong communication and More ❯

fully functional internal IT team. Develop and enforce IT policies, procedures, and standards that meet operational, regulatory, and compliance requirements across all regions. Ensure full compliance with GDPR, ISO standards (27001, 27002, etc.), and global cyber regulations, including leading certification processes. Design and implement a comprehensive Information Security Management System (ISMS) and establish breach protocols, disaster … Looking For Proven experience in senior IT roles (e.g., IT Manager, Infrastructure Lead). Strong technical knowledge in networking, cloud computing, cyber security, and Microsoft 365. Experience with ISO 27001 certification and ISMS leadership. Skilled in managing external IT vendors and service providers. Excellent communicator with the ability to explain technical concepts clearly. Project management experience More ❯

planning through to handover, while also providing 3rd line support when required. The Infrastructure Engineer role will involve: Delivering infrastructure projects such as Azure IaaS migrations, VMware upgrades, Intune / Autopilot rollouts, Office 365 deployments, and telephony modernisation Leading change initiatives, ensuring smooth delivery, documentation, and transition to Service Desk support Supporting core systems including Windows Server, Active Directory … SQL, and networking (LAN / WAN / VPN / WiFi) Producing clear project documentation, progress reports, and stakeholder updates Working closely with clients across education and commercial sectors, building trusted relationships Skills & Experience required: Proven track record as an Infrastructure Engineer (or Senior 3rd Line Engineer) with hands-on project delivery Strong technical background across Microsoft … able to update stakeholders and produce project documentation Why this opportunity? Join a fast-growing IT services provider with exposure to a wide range of infrastructure projects Accredited organisation (ISO27001, Cyber Essentials Plus, Microsoft Partner status) Clear career path into more senior engineering or project delivery roles as the business continues to grow Collaborative, supportive team culture where Infrastructure Engineers More ❯

with the ability to influence technical and non-technical stakeholders. Strong leadership, motivational, and problem-solving abilities. Useful additional expertise (advantageous): Experience with SAN servers, SQL, Microsoft Teams, SCCM / SCOM, RMM / MDM tools. Cybersecurity certifications and knowledge (CE+, ISO 27001, etc.). Advanced networking expertise (QoS, VLANs, MPLS, wireless AP configuration). More ❯

skills with the ability to influence technical and non-technical stakeholders. Strong leadership, motivational, and problem-solving abilities.Useful additional expertise (advantageous): Experience with SAN servers, SQL, Microsoft Teams, SCCM / SCOM, RMM / MDM tools. Cybersecurity certifications and knowledge (CE+, ISO 27001, etc.). Advanced networking expertise (QoS, VLANs, MPLS, wireless AP configuration). More ❯

board Drive security awareness and training programmes for all employees Manage relationships with external auditors, regulators, and security vendors Mentor, hire, and retain high-performing information security talent Experience / Skills Required Managing security for cloud-first environments specifically Microsoft Azure Implementing Security Operations Centres (SOC) and automated security monitoring Collaborate with the third-party risk management and vendor … leadership experience in information security within financial services Deep understanding of regulatory and compliance requirements for banking and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills More ❯

Proficient in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of More ❯

Proficient in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of More ❯

IT, and Fleet. Every person in every team is contributing the lasting impact our Team makes. Help build and keep the nation's critical infrastructure connected and protected 24 / 7. Reporting into the Network Services Business Unit Security Manager, the Senior Information Security officer will ensure security is embedded into all areas of the business and appropriate technical … and compliance technical assessments of all applicable standards, policies, regulation, and legislation compliance Creation of security standards and requirements documents for projects and activities to be based on ISO 27001, NIST 800-53 and ISO 22301. Review risks, propose mitigation actions and solutions, and assisting ongoing risk treatment activity. Assist the security testing process More ❯

scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in ensuring the organisation meets security standards (e.g., ISO 27001, GDPR, Cyber Essentials) Security Awareness : Contribute to internal training and awareness campaigns to improve staff cyber hygiene Incident Investigation : Support in analysing and documenting cyber incidents … related discipline Strong interest in cyber security and desire to build a career in the field Basic understanding of cyber threats, security principles, and best practices Familiarity with Windows / Linux operating systems and networking concepts Strong analytical and problem-solving skills Good communication skills and the ability to explain technical concepts clearly Nice to Have (But Not Required … Excellent Company Benefits We believe in supporting our people from day one. Here’s what we offer: 25+ Days Annual Leave + bank holidays (with the option to buy / sell extra days) Hybrid & Flexible Working – work from home and the office Annual Bonus Scheme based on personal and company performance Professional Certification Support – we’ll cover exam costs More ❯

scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in ensuring the organisation meets security standards (e.g., ISO 27001, GDPR, Cyber Essentials) Security Awareness : Contribute to internal training and awareness campaigns to improve staff cyber hygiene Incident Investigation : Support in analysing and documenting cyber incidents … related discipline Strong interest in cyber security and desire to build a career in the field Basic understanding of cyber threats, security principles, and best practices Familiarity with Windows / Linux operating systems and networking concepts Strong analytical and problem-solving skills Good communication skills and the ability to explain technical concepts clearly Nice to Have (But Not Required … Excellent Company Benefits We believe in supporting our people from day one. Here’s what we offer: 25+ Days Annual Leave + bank holidays (with the option to buy / sell extra days) Hybrid & Flexible Working – work from home and the office Annual Bonus Scheme based on personal and company performance Professional Certification Support – we’ll cover exam costs More ❯

frameworks, and standards (e.g., NIST, ISO 27001, CIS) Proficiency with automation and scripting to streamline security processes Background in Infrastructure as Code (ideally Terraform), audit / compliance activities, and securing CI / CD pipelines Strong communication skills with a proactive, problem-solving mindset Benefits include: 27 days annual leave plus bank holidays, with additional More ❯