5 of 5 DemandTrendPermanent ISO/IEC 27001 Jobs in Somerset

objectives, future growth ambitions and product lines. Compliance: Ensure the company's security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO27001:2022 and other relevant frameworks. Risk management: Lead the information security risk management program, including identification, assessment, mitigation, and monitoring of information security risks across all systems, applications, and operations. … experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System … AWS, GCP), including knowledge of cloud security best practices and compliance frameworks Certifications: Relevant industry certifications such as CISSP, CISM, CISA, ISO 27001 Lead Implementer / Auditor, or similar. Supplier Security Management: Experience in conducting due diligence and ongoing monitoring of third-party security posture, specifically SaaS. Threat Intelligence: Experience in leveraging threat intelligence to More ❯

Job Title: Cyber & Information Security Lead Type: Full Time & Permanent Location: Hybrid / Bath, England About the Role: Seeking a senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who’s … Key Responsibilities: Security Strategy : Define and maintain a robust security strategy aligned with business goals and growth. Compliance : Ensure adherence to key standards including DSPT, Cyber Essentials Plus, and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage … security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards : Strong knowledge of UK healthcare security frameworks like DSPT, DTAC, and NCSC CAF. ISO 27001 : Proven track record in implementing and maintaining ISO 27001:2022-certified ISMS. Secure by Design : Deep understanding of secure SDLC and embedding More ❯

Job Title: Cyber & Information Security Lead Type: Full Time & Permanent Location: Hybrid / Bath, England About the Role: Seeking a senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who’s … Key Responsibilities: Security Strategy : Define and maintain a robust security strategy aligned with business goals and growth. Compliance : Ensure adherence to key standards including DSPT, Cyber Essentials Plus, and ISO27001:2022. Risk Management : Lead the identification and mitigation of information security risks across all operations. Security Architecture : Oversee secure system and software design throughout the development lifecycle. Incident Response : Manage … security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards : Strong knowledge of UK healthcare security frameworks like DSPT, DTAC, and NCSC CAF. ISO 27001 : Proven track record in implementing and maintaining ISO 27001:2022-certified ISMS. Secure by Design : Deep understanding of secure SDLC and embedding More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

vendor management, procurement, or category management. Proven experience working in multinational or global environments with diverse stakeholders. Confidence in reviewing vendor contracts, including security schedules. Strong knowledge of ISO27001:2022 and information security standards. Experience with TPRM tools / platforms; exposure to software licensing, cloud services, or professional services vendors is a plus. This is your opportunity to More ❯