1 to 25 of 27 Permanent ISO/IEC 27001 Jobs in Scotland

technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they're seeking an exceptional InfoSec / Information Security Manager to take the reins and lead their information security programme; safeguarding their clients, organisation data, and core systems. They're a great firm we've seen … more), so take a look and apply if this looks like a great next step for your career: Key Responsibilities: Develop, execute, and maintain the overarching information security strategy / policies / relevant frameworks in adherence to ISO standards and other key regulations Oversee the firm's ISO 27001 accreditation and oversee … regular risk assessments; taking ownership of the register and plans Draft and implement InfoSec metrics / key performance indicators / reporting (up to board level) to demonstrate security / control / initiative effectiveness Audit and improve the firm's security operations across the spectrum, including incident response and escalation / best coding and config practice More ❯

technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they're seeking an exceptional InfoSec / Information Security Manager to take the reins and lead their information security programme; safeguarding their clients, organisation data, and core systems. They're a great firm we've seen … more), so take a look and apply if this looks like a great next step for your career: Key Responsibilities: Develop, execute, and maintain the overarching information security strategy / policies / relevant frameworks in adherence to ISO standards and other key regulations Oversee the firm's ISO 27001 accreditation and oversee … regular risk assessments; taking ownership of the register and plans Draft and implement InfoSec metrics / key performance indicators / reporting (up to board level) to demonstrate security / control / initiative effectiveness Audit and improve the firm's security operations across the spectrum, including incident response and escalation / best coding and config practice More ❯

enterprise architecture standards for security, sustainability, and cost optimization. Implementation & Migration • Lead end-to-end migration from legacy platforms (Avaya, Cisco, Genesys) to Amazon Connect. • Design and implement IVR / contact flows, Lex conversational bots, Contact Lens analytics, and agent assist capabilities. Integration & Ecosystem • Architect integrations with CRM / ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … analytics pipelines using AWS services (Lambda, EventBridge, Kinesis, Glue, Athena). Security, Compliance & Governance • Implement IAM, KMS encryption, VPC networking, and PrivateLink for secure connectivity. • Ensure compliance with GDPR / UK GDPR, PCI-DSS, ISO 27001, and sector-specific standards (e.g., NHS DSP Toolkit, HIPAA). • Define data retention policies, PIA / DPIA frameworks … and lawful intercept / emergency call handling. DevOps & Automation • Establish CI / CD pipelines for flows, Lambda, Lex bots, and infrastructure using CloudFormation / Terraform / CDK. • Implement automated testing and version control for safe, repeatable deployments. Operational Excellence • Define KPIs / SLAs (AHT, CSAT / NPS, abandonment rates) and build real-time dashboards More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSEs digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews, pilots More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSEs digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews, pilots More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSE s digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSE’s digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews More ❯

our digital platforms and tools are aligned to the company vision. The successful candidate will have a deep understanding of digital architecture in asset-heavy environments (including BIM, OT / IT integration, and data led-delivery). Key Duties Include: Manage the design and development of end-to-end digital solutions that align with the engineering, operations, and BIM … delivery and Digital Transformation strategies. Define how digital platforms, tools, and integrations will work together (e.g., mobile apps, cloud-based services, analytics, IT / OT, customer portals). Produce and maintain architectural documentation (e.g., solution diagrams, interface specs, data flow models) to guide development and delivery. Ensure all solutions comply with data governance, cyber security, and ISO 19650 / ISO 27001 standards. Translate business objectives into technical roadmaps and digital service designs. Continuously scan for emerging technologies (e.g., AI, digital twins, automation) that can improve RSE’s digital capabilities. Manage the design of integrated platforms that connect existing legacy systems with new cloud-native or SaaS solutions. Participate in reviews More ❯

enterprise standards for security, cost efficiency, and operational sustainability. Implementation & Migration Lead full-scale migrations from legacy platforms (e.g., Avaya, Cisco, Genesys) to AWS Connect. Design and deploy IVR / contact flows, Amazon Lex conversational bots, analytics tools, and agent support solutions. Integration & Ecosystem Development Architect seamless integrations with CRM and ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … PCI-DSS, ISO 27001, and industry-specific standards. Develop data retention policies, privacy impact frameworks, and procedures for emergency call handling. DevOps & Automation Establish CI / CD pipelines for Lambda, Lex bots, contact flows, and infrastructure using CloudFormation, Terraform, or CDK. Introduce automated testing, version control, and repeatable deployment practices. Operational Leadership Monitor KPIs / SLAs including AHT, CSAT / NPS, and abandonment rates via dashboards. Drive capacity planning, incident management, and continuous service improvement initiatives. Stakeholder & Governance Engagement Facilitate executive-level workshops, translating business needs into technical roadmaps. Prepare TCO / ROI analyses, investment cases, and maintain audit-ready documentation. Required Experience & Skills 15+ years in architecture or engineering roles, including More ❯

disaster recovery. This role will require a minimum of 2 days on site working in Glasgow and offers an excellent opportunity for the right candidate to progress. Required skills / Experience: Background in Information Security and the ability to lead a team of information security analysts In-depth knowledge of security policies and frameworks such as Cyber Essentials, ISO 27001 / 22301, and NIST Experience working with operations teams to ensure compliance Understanding of a variety of security tools, in particular Microsoft Purview or another data loss prevention platform Ability to research and evaluate emerging cyber security threats and how to manage them Experience having input into disaster recovery plans as well as the More ❯

disaster recovery. This role will require a minimum of 2 days on site working in Glasgow and offers an excellent opportunity for the right candidate to progress. Required skills / Experience: Background in Information Security and the ability to lead a team of information security analysts In-depth knowledge of security policies and frameworks such as Cyber Essentials, ISO 27001 / 22301, and NIST Experience working with operations teams to ensure compliance Understanding of a variety of security tools, in particular Microsoft Purview or another data loss prevention platform Ability to research and evaluate emerging cyber security threats and how to manage them Experience having input into disaster recovery plans as well as the More ❯

Role: - Solution Architect (Amazon Connect Architect) Location: Glasgow, UK (Hybrid) (3 Days onsite in a week is Mandatory) Duration: Both Contract & Permanent position Required Qualifications:- 15+ years in architecture / engineering, 10+ years in contact centre technologies, 5+ years with Amazon Connect. Proven delivery of enterprise-scale Amazon Connect implementations with complex integrations. Expertise in AWS services: IAM, VPC … Kinesis, CloudWatch, DynamoDB. Strong knowledge of security and compliance frameworks (GDPR, PCI-DSS, ISO 27001, NHS DSP Toolkit). Hands-on experience with IaC (CloudFormation / Terraform / CDK) and serverless development (Node.js / Python). Preferred Qualifications:- AWS Solutions Architect Professional and Amazon Connect specialization. Experience with Contact Lens, Wisdom / Q in Connect, Voice ID, and outbound campaigns. Sector experience in healthcare / public sector or regulated industries. Familiarity with SIP, telephony routing, and Ofcom regulations. Success Metrics:- Delivery of secure, compliant architecture aligned to global regulatory standards. Achieve 99.99% availability, measurable improvements in CSAT / NPS, and reduced AHT. Full migration from legacy platforms within agreed More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

with IT, procurement, risk, and project teams to embed strong security practices throughout delivery lifecycles. ** Assist with audit activities and help maintain alignment with recognised frameworks such as ISO 27001 and NIST. ** Provide security guidance to stakeholders and promote a culture of awareness and accountability. Who We're Looking For ** Background in information security, risk assessment More ❯

Glasgow-based client who are looking for an Information Security Manager to harden their security posture, manage risk appetite, strengthen their GRC policies & controls focusing heavily on PCI-DSS & ISO27001, and manage their MSSP and a small team from a technical cyber perspective.The ideal candidate will have worked autonomously across these spaces previously. This role does not provide sponsorship. What … You'll Be Doing: Assisting the Head of IT with developing the scope for ISO27001 certificationAchieving ISO27001 certification further down the lineCoordinating the client's efforts to achieve / maintain compliance with PCI-DSS and NIS. Leading a small but growing information security function. Liaising with the managed service security provider from a policy improvement and managed detection and … developing security compliance in line with PCI-DSS and ISO27001. Experience working in an Information Security function in a managerial / mentorship capacity. Practical knowledge of PCI-DSS, ISO27001 and NIST.Experience implementing and validating security controls. Experience developing and improving long-term security strategies based on your knowledge of industry standardsA go-getter who's able to work autonomously More ❯

extended managed service team * Manage and presenting to the security advisory board * Implement and maintain compliance with industry best practice and security frameworks including Cyber Essentials +, NIST, CAF, ISO27001, and other recognised frameworks. * Act as the on-site SME facing off to, and working closely with, the organisation's managed service security provider. * Oversee advanced monitoring and risk management … the cybersecurity strategy * Drive security awareness initiatives What We're Looking For * Experience operating at a senior leadership level within security roles * Experience achieving and maintaining various security accreditations (ISO27001, Cyber Essentials+) on behalf of organisations * Experience owning or implementing a strategy * Strong communication skills * A technical IT background with a good understanding of networking, communication protocols and cloud technologies. More ❯

extended managed service team* Manage and presenting to the security advisory board* Implement and maintain compliance with industry best practice and security frameworks including Cyber Essentials +, NIST, CAF, ISO27001, and other recognised frameworks.* Act as the on-site SME facing off to, and working closely with, the organisation's managed service security provider.* Oversee advanced monitoring and risk management … the cybersecurity strategy* Drive security awareness initiatives What We're Looking For * Experience operating at a senior leadership level within security roles* Experience achieving and maintaining various security accreditations (ISO27001, Cyber Essentials+) on behalf of organisations* Experience owning or implementing a strategy * Strong communication skills* A technical IT background with a good understanding of networking, communication protocols and cloud technologies. More ❯

or Glasgow. As one of the leading companies in their industry, they invest heavily in the latest technology across infrastructure and software, working in line with DevOps and CI / CD methodologies to ensure the efficient delivery of creative solutions that help drive their business forward. As a Cyber Security Lead, you will manage a small team of Engineers … the subject matter expert Serve as the technical lead for all queries Research, recommend, and advise on the latest best practices and solutions Drive continuous improvement to maintain ISO-27001 and Cyber Essentials accreditations. Ensure adherence to Information Security standards, policies, and procedures. Utilising Azure DevOps to oversee project-related and non-service desk tasks for the year … technical background in cyber security Familiarity with the M365 stack from a security perspective, including Defender and Azure Proficiency in vulnerability management, web application filtering, and security audits (including ISO27001) Experience in project management, preferably in an Agile / Scrum environment Excellent communication skills to convey complex technical concepts clearly Demonstrated ability to manage personnel effectively in a team More ❯

or Glasgow. As one of the leading companies in their industry, they invest heavily in the latest technology across infrastructure and software, working in line with DevOps and CI / CD methodologies to ensure the efficient delivery of creative solutions that help drive their business forward. As a Cyber Security Lead, you will manage a small team of Engineers … the subject matter expert Serve as the technical lead for all queries Research, recommend, and advise on the latest best practices and solutions Drive continuous improvement to maintain ISO-27001 and Cyber Essentials accreditations. Ensure adherence to Information Security standards, policies, and procedures. Utilising Azure DevOps to oversee project-related and non-service desk tasks for the year … technical background in cyber security Familiarity with the M365 stack from a security perspective, including Defender and Azure Proficiency in vulnerability management, web application filtering, and security audits (including ISO27001) Experience in project management, preferably in an Agile / Scrum environment Excellent communication skills to convey complex technical concepts clearly Demonstrated ability to manage personnel effectively in a team More ❯

Glasgow-based client who are looking for an Information Security Manager to harden their security posture, manage risk appetite, strengthen their GRC policies & controls focusing heavily on PCI-DSS & ISO27001, and manage their MSSP and a small team from a technical cyber perspective. The ideal candidate will have worked autonomously across these spaces previously. This role does not provide sponsorship. … What You'll Be Doing: Assisting the Head of IT with developing the scope for ISO27001 certification Achieving ISO27001 certification further down the line Coordinating the client's efforts to achieve / maintain compliance with PCI-DSS and NIS. Leading a small but growing information security function. Liaising with the managed service security provider from a policy improvement and … developing security compliance in line with PCI-DSS and ISO27001. Experience working in an Information Security function in a managerial / mentorship capacity. Practical knowledge of PCI-DSS, ISO27001 and NIST. Experience implementing and validating security controls. Experience developing and improving long-term security strategies based on your knowledge of industry standards A go-getter who's able to More ❯