22 of 22 Permanent ISO/IEC 27001 Jobs in Scotland

using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role: Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards Conduct risk assessments across business units, vendors, and projects Monitor regulatory changes and ensure compliance with legal and contractual obligations Support … Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information security management frameworks, such as ISO / IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Knowledge of OneTrust risk management toolset or similar preferred More ❯

support secure and reliable deployments. Provision, support & maintain required cloud services for development, test and QA. Implement cloud cost optimization strategies. Cybersecurity Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and … and network infrastructure (including physical and virtual servers and storage systems). Find, implement, and operationalize hardware environment improvements through a continual process. Develop and enforce IT policies, onboarding / offboarding procedures, and asset tracking. Leadership & Strategy Build and lead a small but scalable team across IT and Cloud Operations. Align with DevOps on roadmaps for infrastructure maturity and … and relevant work experience may compensate for lack of formal education. Certifications such as CISSP, CISM, expert level Azure, or similar are a plus. Familiarity with security frameworks (ISO 27001, SOC 2, NIST, FedRAMP). Competencies Advanced knowledge of cyber security. Excellent leadership, communication, and cross-functional collaboration and mentoring skills. More ❯

a small but scalable team (3-5), aligning technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps … culture across the organisation. IT Management Lead IT support, enterprise systems, and SaaS tooling. Manage IAM, endpoint security, networks, servers, and storage. Develop IT policies, asset tracking, and onboarding / offboarding processes. Drive continual improvement in IT systems and infrastructure. Leadership & Strategy Build and mentor a high-performing IT & CloudOps team. Work closely with DevOps to strengthen infrastructure maturity. … operations, cloud infrastructure, or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices . Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. More ❯

a small but scalable team (3-5), aligning technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps … culture across the organisation. IT Management Lead IT support, enterprise systems, and SaaS tooling. Manage IAM, endpoint security, networks, servers, and storage. Develop IT policies, asset tracking, and onboarding / offboarding processes. Drive continual improvement in IT systems and infrastructure. Leadership & Strategy Build and mentor a high-performing IT & CloudOps team. Work closely with DevOps to strengthen infrastructure maturity. … operations, cloud infrastructure, or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices . Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

exceptional customer service. You might be a great fit for this role if you have: Solid experience in DevOps and Platform Engineering . Git and version control workflows CI / CD tools (Jenkins, GitHub Actions, GitLab etc.) Container platforms (Docker, Kubernetes) Infrastructure-as-code (Terraform, Ansible, Pulumi, CloudFormation) Cloud platforms (AWS, Azure, GCP) Security engineering tools and practices: SAST … / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Perks & Benefits Competitive salary. Generous equity plan. Remote-first working environment with regular travel to More ❯

if you have: Live in Edinburgh or are within commutable distance Solid experience in DevOps and Platform Engineering Git and version control workflows Security engineering tools and practices: SAST / DAST tools (Checkmarx, Veracode, SonarQube) Container security (Aqua, Snyk, Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity … with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting, solutions architecture, or technical coaching. Interest in technical … sales and supporting go-to-market strategies. Excellent written and verbal communication skills, with the ability to translate complex technical topics to both technical and non-technical stakeholders. AWS / Azure / GCP certifications, CISSP, CISM, or other security certifications are a plus Generous equity plan. Remote-first working environment with travel to our Oslo office and customer More ❯

We will discuss what is important to you and balancing this with business requirements during the recruitment process. You can read more about Phoenix Flex here. Closing Date: 20 / 10 / 2025 Salary and benefits: £45,000 - £60,000 plus 16% bonus up to 32%, private medical cover, 38 days annual leave, excellent pension, 12x salary life … access management. - Hands-on experience with Saviynt, CyberArk, and Microsoft Entra ID. - Strong problem-solving and troubleshooting skills across identity platforms. - Awareness of regulatory and compliance standards (e.g. ISO 27001, NIST, GDPR, ISF Standard of Good Practice). We want to hire the whole version of you. We are committed to ensuring that everyone feels accepted … the right to remove adverts earlier than the advertised closing date. We encourage you to apply at the earliest opportunity. Find out more about #LifeAtPhoenix - Guide for Candidates: thephoenixgroup.pagetiger.com / guideforcandidates - Find or get answers from our colleagues More ❯

Security Operations Lead -Salary £65-75,000 -Fixed Term Contract - 12 months -Glasgow / Remote First Role Brand new opportunity to the market for a seasoned Security Operations Lead to join my financial services client, as they continue on their transformational journey of growth and improvement for the business. You will work alongside a team of Security Analysts within … team and leading the response to security incidents. Key Experience (A blend of): Strong, practical knowledge of security frameworks and industry standards Regulatory requirement expertise - Cyber Essentials Plus, ISO 27001 and GDPR Microsoft security tools - Defender, Entra ID, Purview Cloud platform exposure - Azure preferred Broad experience of configuring and management of SIEM tooling Certifications CISSP, CISM More ❯

analysis and remediation efforts for certificate expirations, key compromise, or misconfigurations. Collaboration & Reporting Work closely with DevOps, Infrastructure, and Application Security teams to integrate KCS best practices into CI / CD pipelines and cloud environments. Provide regular reports on KCS health, risk posture, and compliance metrics to senior leadership. Required Qualifications: 5+ years of experience in cybersecurity or infrastructure … operations, with a focus on cryptographic asset management. Strong understanding of PKI, TLS / SSL, HSMs, and secrets management tools. Proficiency in cryptographic protocols (OCSP, CRL, TSA). Hands-on experience with HSMs (e.g., Thales, SafeNet) and PKI platforms (e.g., Entrust, eMudhra). Experience with cloud-native KMS solutions (e.g., AWS KMS, Azure Key Vault, GCP Cloud KMS). … PowerShell, Terraform). Excellent leadership, communication, and problem-solving skills. What we will do for you: Competitive compensation Pension scheme DXC Select Our comprehensive benefits package (includes private health / medical insurance, childcare vouchers, gym membership and more) Perks at Work (discounts on technology, groceries, travel and more) DXC incentives (recognition tools, employee lunches, regular social events etc) At More ❯

within a complex or globally distributed environment. In-depth knowledge of infrastructure, networks, and cloud technologies (e.g. Azure, AWS). Experience with security frameworks and regulatory compliance, including ISO 27001 and GDPR. Demonstrated ability to lead, coach, and develop high-performing technical teams. Track record of managing incident response and conducting technical investigations. Confident multitasker with More ❯

within a complex or globally distributed environment. In-depth knowledge of infrastructure, networks, and cloud technologies (e.g. Azure, AWS). Experience with security frameworks and regulatory compliance, including ISO 27001 and GDPR. Demonstrated ability to lead, coach, and develop high-performing technical teams. Track record of managing incident response and conducting technical investigations. Confident multitasker with More ❯

experience in cloud governance, cloud architecture, or cloud security. Strong understanding of cloud platforms (e.g., AWS, Azure, GCP) and associated governance tools. Familiarity with regulatory frameworks (e.g., GDPR, ISO 27001, NIST). Excellent communication and stakeholder management skills. Experience with automation and policy-as-code tools (e.g., Terraform, Azure Policy, AWS Config). Analytical mindset with More ❯

and technical documentation Conduct security assessments and gap analyses to align solutions with client risk profiles and compliance needs Work as part of a team to respond to RFI / RFP documents Keep up to date with the lates cyber security trends, threats, technologies, and vendor offerings Here are the key skills and experience relevant to this role: Proven … the cyber security domain Strong knowledge of security technologies such as XDR, SIEM, EDR, identity management, email security, cloud security, etc. Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIS, NIST, GDPR) Excellent communication and presentation skills, both technical and non-technical Ability to translate technical concepts into business value Relevant security certifications (e.g., CISSP More ❯

clients to drive sustainable change, providing outstanding client experience and delivering exceptional results that are aligned with business priorities. Our commitment to security and quality is reinforced by our ISO27001 and ISO9001 certifications (UKAS), as well as our CREST approved penetration testing and SOC capabilities. Additionally, we are an IASME Cyber Essentials Certification Body and Cyber Essentials Plus certified. Why More ❯

for someone who thrives in regulated, mission-critical environments. The Role: Lead the evolution of a secure, scalable Azure-based SaaS platform Shape and deliver the company's AI / ML strategy across products and operations Own corporate IT and cybersecurity, ensuring compliance with ISO 27001 and other frameworks Mentor and grow a high-performing … role, candidates need Senior leadership experience in a SaaS environment Deep expertise in cloud environments (ideally Azure) Proven track record in secure SaaS delivery and compliance Exposure to AI / ML technologies and their application in SaaS products. Pragmatic, hands-on and commercially aware. Experience with modern DevOps practices to support developers and product teams. Motivational leader who develops … and inspires IT / Development teams This is an excellent opportunity to make a real difference, so please apply to find out more More ❯

for someone who thrives in regulated, mission-critical environments. The Role: Lead the evolution of a secure, scalable Azure-based SaaS platform Shape and deliver the company's AI / ML strategy across products and operations Own corporate IT and cybersecurity, ensuring compliance with ISO 27001 and other frameworks Mentor and grow a high-performing … role, candidates need Senior leadership experience in a SaaS environment Deep expertise in cloud environments (ideally Azure) Proven track record in secure SaaS delivery and compliance Exposure to AI / ML technologies and their application in SaaS products. Pragmatic, hands-on and commercially aware. Experience with modern DevOps practices to support developers and product teams. Motivational leader who develops … and inspires IT / Development teams This is an excellent opportunity to make a real difference, so please apply to find out more More ❯

demonstrate strong identity skills and have the ambition to utilise Deloitte's leading training opportunities to enhance and extend their capabilities. Proven experience of incident management, crisis management, and / or an operationally relevant role; A detailed understanding of the subject of Cyber Incident Response including a detailed understanding of key technical concepts and methodologies, attacker techniques, and threat … financial and people management; Experience in leading business development activities in the Private Sector; Strong commercial awareness and business acumen, including specifically an excellent understanding of business processes and / or supporting technology; Experience or familiarity in managing contracts; Excellent verbal and written communication skills, with the ability to tailor communications to people from a wide range of backgrounds … Security clearance, or is willing to undergo the security vetting process; Strong academics, including a minimum of 2.1 degree or equivalent experience Familiarity with information security frameworks such as ISO27001, NIST etc; Willingness to operate as part of an 'on-call roster', travelling to assist our UK and EMEA clients when required in an incident management capacity; Connect to your More ❯

focussing on insights and continuous improvement with a need to be an out of the box thinker. Role details: Be conversant in ISO Standards that include: ISO9001, ISO27001, ISO22301, ISO45001 and ISO14001, maintain all ISO Standards and accreditations and associated internal policies and procedures. Support and maintain positive relationships with any relevant regulatory bodies. Management & Testing … and promote quality improvements and efficiencies along with risk mitigation based on actionable insights. Leading and supporting the Quality Team. Requirements: Essential Previous success in delivering comprehensive quality assurance / continuous improvement strategies. Experience in a contact centre, business improvement role. Knowledge and understanding of the ISO Standards and audit procedures Experience of risk management / … legislation, how it impacts the business and data subjects. Benefits: Salary up to £50,000.00 DOE + employee benefits Bonus Opportunity 30 Days Paid Holiday Hybrid Working Enhanced Maternity / Paternity Cover Comprehensive training to ensure you have the tools to do your job Relaxed Dress Code Positive working environment Plus much more! INDQC1 Next steps:Feel ready to More ❯

minimum of three days a week, with the flexibility to work from home for some of your working week. Find out more about our flexible work culture at computershare.com / flex. We give you a world of potential Computershare have a fantastic opportunity for a CTI Analyst to join our Global Cyber Defence team. The Global Cyber Defence team … close-knit community, with experienced colleagues ready to help you grow. Our careers hub will help you find out more about our rewards and life at Computershare, visit computershare.com / careershub. More ❯