1 to 25 of 51 Permanent ISO/IEC 27001 Jobs in the Thames Valley

Objectives & Outcomes Define and socialise target state architectures across Azure / AWS / GCP (networking, identity, landing zones, operations). Deliver reference architectures and reusable patterns for containerised, serverless, and data workloads. Establish / extend Cloud Landing Zones (policy, guardrails, RBAC, tagging, network segmentation). Lead migration and modernisation (re‐host / re‐platform / re‐factor) for priority applications. Implement IaC at scale (Terraform preferred; standard modules; pipelines). Build observability (logs, metrics, traces, SLOs) and resilience (HA, DR, RTO / RPO). Drive FinOps—cost transparency, budgets, showback / chargeback, right‐sizing. Embed security‐by‐design and compliance (CIS, NIST, ISO 27001, FCA / NHS … / PCI as applicable). Key Responsibilities Architecture & Design Produce HLDs / LLDs, diagrams, ADRs, non‐functional requirements, and traceability to business goals. Select and justify cloud services (compute, storage, data, AI / ML, integration). Define multi‐cloud connectivity (hub‐and‐spoke, transit gateways, ExpressRoute / Direct Connect / Cloud Interconnect, SD‐WAN). More ❯

Objectives & Outcomes Define and socialise target state architectures across Azure / AWS / GCP (networking, identity, landing zones, operations). Deliver reference architectures and reusable patterns for containerised, serverless, and data workloads. Establish / extend Cloud Landing Zones (policy, guardrails, RBAC, tagging, network segmentation). Lead migration and modernisation (re‐host / re‐platform / re‐factor) for priority applications. Implement IaC at scale (Terraform preferred; standard modules; pipelines). Build observability (logs, metrics, traces, SLOs) and resilience (HA, DR, RTO / RPO). Drive FinOps—cost transparency, budgets, showback / chargeback, right‐sizing. Embed security‐by‐design and compliance (CIS, NIST, ISO 27001, FCA / NHS … / PCI as applicable). Key Responsibilities Architecture & Design Produce HLDs / LLDs, diagrams, ADRs, non‐functional requirements, and traceability to business goals. Select and justify cloud services (compute, storage, data, AI / ML, integration). Define multi‐cloud connectivity (hub‐and‐spoke, transit gateways, ExpressRoute / Direct Connect / Cloud Interconnect, SD‐WAN). More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

and lead technical and cultural change. You will:** Modernise and redesign the tech landscape** Strengthen security & compliance (ISO 27001, ISO 27701, Cyber Essentials / Plus)** Partner with the Governance Manager on data governance** Ensure staff feel confident and supported with technology What You'll Ideally Bring: ** Proven IT Manager experience** Strong strategic thinking … opportunity. Please apply or contact Matthew MacAlpine at Cathcart Technology. Cathcart Technology is acting as an Employment Agency in relation to this vacancy. For more jobs please visit http: / / jobs More ❯

certification and compliance. Hands-on experience implementing GDPR in software products. Working knowledge of PCI DSS and securing payment systems. Deep understanding of cloud security across Azure and / or AWS. Skilled in application security and the secure development lifecycle (SDLC). Experienced in incident response and cross-functional coordination. Confident supporting tenders and delivering client security assurance. Preferrable … as CISSP, CISM, CISA, or equivalent. Experience in or supporting the higher education sector. Strong understanding of multi-tenant SaaS security. Knowledge of DevSecOps and integrating security in CI / CD pipelines. Familiarity with NIST, CIS Controls, OWASP, and other security frameworks. Awareness of global data protection and multi-jurisdictional privacy requirements. Experience supporting enterprise sales cycles with security … pension contributions to help support your future. Two paid volunteering days annually for charity, community, or sustainability initiatives. Salary sacrifice schemes for electric vehicles and cycle-to-work. 24 / 7 Employee Assistance Programme offering confidential advice and wellbeing support. Annual health check to help you stay at your best. Flexible benefits platform with options including life assurance, learning More ❯

summaries Coordinate secure changes and maintenance windows with engineering teams Respond to security incidents and support root cause analysis and reporting Participate in the deployment of new applications and / or changes, ensuring that all service components are documented and monitored and integrated into the company’s operational processes. Work with stakeholders across the solutions lifecycle to ensure that … with technical stakeholders (including customers) on the delivery of hosted solutions. Experience & Qualifications Good experience in a hosting provider or managed service provider environment Strong working knowledge of ISO 27001, ISO 27017, ISO 27018, and ISO 22301 Hands-on experience with scanning and vulnerability detection applications Hands-on experience of … domain and AD management experience Strong troubleshooting skills Strong scripting skills Enthusiasm and talent for acquiring complex technical skills Good customer service attitude Knowledge of configuration management (Puppet and / or Red Hat Satellite preferred) Scripting for automation using technologies (e.g. Powershell, Puppet, Ansible, Python) ITIL knowledge – principles and application Ability to support and develop junior colleagues More ❯

internal teams, consultants, partners, and customers. Use downtime effectively to practice installations, test upgrades, and explore new technologies. Maintain internal information management systems and follow company standards, including ISO 27001. Mentor junior team members and contribute to knowledge sharing across the team. ? Technical research to identify new ideas and ways of working, as well as presentations to team … Leading and contributing to technical discussions and planning Working as part of a team; mentoring and learning from others Maintaining and improving information management systems according to the ISO 27001 standard Linux administration (Red Hat, Ubuntu): file systems, networking, LVM, backups, clustering, upgrades, installation, and scripting Windows Server administration and Microsoft enterprise software. Database management: DB2 … throughout the year. These have included visits to indoor electric go-karting, mini golf and driving ranges, escape rooms, and more. Check out some of our socials here: https: / / responsiv.co.uk / social-events / Continuous ProfessionalDevelopment: Responsiv provide access to self-paced training, distance learning, and residential courses as appropriate to support your work. More ❯

handling of goods-in, order picking, returns processing, and inventory control. This role manages staff performance, drives continuous improvement of warehouse processes, and ensures compliance with Hamilton Rentals ISO standards. The Warehouse Manager supports the wider business through collaboration with other department heads and plays a key role in maintaining operational effectiveness, safety, and customer service quality Responsibilities … warehouse plant. Develop and implement process improvements to maximise warehouse efficiency. Ensure daily checks are completed for all warehouse equipment (e.g., forklifts, lifting aids). Support compliance with ISO 9001, ISO 14001, ISO 45001, and ISO 27001 standards. Coordinate with the Stock Auditor to ensure timely completion of audit tasks … collaboratively with other department leads to align procedures and resolve operational issues. Requirements: Strong Leadership Skills Experience managing warehouse operations within a technical or rental environment. Familiarity with IT / AV products and their logistical handling. Experience with rental systems or warehouse management systems (e.g. RMS). Strong understanding of ISO standards, especially 9001, 14001, 45001, and More ❯

requirements and translate them into secure technical designs. Evaluate and recommend security products, tools, and technologies. Ensure solutions meet compliance, data privacy, and regulatory requirements (e.g., GDPR, HIPAA, ISO 27001). Support solution implementation teams with architecture guidance and technical documentation. Maintain up-to-date knowledge of emerging security threats and best practices to continuously enhance … NIST, ISO 27001, TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS / Azure Security are a plus. Our company fosters a values-driven and people-centric work environment that enables our employees to: · Accelerate growth, both professionally and personally · Impact the … diversity and work-life wellbeing at the core · Unlock global opportunities to work and learn with the industry's best Let's unleash your full potential at Persistent - persistent.com / careers "Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. More ❯

internal security strategy within our Managed Services environment. This is a strategic and hands-on leadership position - you'll oversee security governance, ensure compliance with leading frameworks (Cyber Essentials, ISO27001, NIST), and maintain a strong internal security posture across our systems and services. You'll lead Quarterly Security Reviews (QSRs), manage client risk registers, and act as a trusted advisor … risk registers. Translate technical risks into meaningful business impacts and recommendations. Manage internal and client risk registers and exception processes. Oversee security compliance across frameworks such as Cyber Essentials+, ISO27001, and NIST . Ensure secure deployment and monitoring of core MSP systems (RMM, XDR, PSA, backup, etc.). Collaborate with service and project teams to embed security into delivery and … presenting to senior stakeholders and enjoy leading teams and shaping best practice. Essential Skills & Experience 5+ years in IT security or MSP environments . Strong understanding of Cyber Essentials, ISO27001, or NIST frameworks. Experience managing patching, vulnerability, and risk governance . Skilled communicator with the ability to explain risks to non-technical audiences. Proven experience leading client-facing security reviews More ❯

compliance. Provide technical oversight for solution deployment, testing, and lifecycle management. Governance & Compliance Ensure all IT solutions comply with internal governance frameworks, cybersecurity protocols, and international standards (e.g., ISO 55000, ISO 27001, RAMS). Maintain accurate solution documentation, architecture diagrams, and operational procedures. Innovation & Continuous Improvement Identify emerging technologies and best practices that enhance … PMP, ISO 55000) preferred. Experience: Minimum 8–12 years of experience in IT solutions or digital transformation within asset-intensive or transportation industries. Proven experience with EAM / CMMS platforms (e.g., IBM Maximo, Infor EAM, SAP PM, or similar). Strong background in asset maintenance, infrastructure monitoring, and system integration. Prior experience in heavy rail, utilities, or More ❯

and IT services. Collaborate with cross-functional teams and stakeholders to define requirements and deliver integrated, secure solutions. Act as the primary technical contact for telecom operators and internal / external stakeholders, ensuring effective communication and solution integration. Ensure compliance with industry standards, regulatory requirements, and legal frameworks such as IPA 2016 and GDPR, as well as security standards … including authoring HLDs, LLDs, and interface specifications. Proven ability to design and integrate IT systems such as CRM, middleware, and data platforms with telecom technologies (OSS, BSS, IMS, NAT / CGNAT, IPv4 / IPv6). Understanding of Big Data and data governance. Strong knowledge of cloud platforms including AWS, Azure, and GCP, as well as hybrid / private data centres. Experience with CI / CD tools and technologies such as Kubernetes, Docker, GitOps, Prometheus, Grafana, ELK Stack, and Datadog. Experience leading multi-supplier teams, collaborating in a 'one-team' approach, and working within highly regulated environments such as telecoms or government. Excellent analytical, verbal, and written communication skills, with a solid grasp of software engineering More ❯

Role: IT SecOps Engineer Contract Type: Permanent Location: Banbury / Hybrid working, 3 days in office. This role can be based out of any office on the Chiltern network Salary: Up to £58,000 per annum Closing Date: Monday 24th November 2025 There is an expectations to travel to different Chiltern sites outside of your base location to support … risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report / escalate vulnerabilities for remediation. Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive … protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as More ❯

Role: IT SecOps Engineer Contract Type: Permanent Location: Banbury / Hybrid working, 3 days in office. This role can be based out of any office on the Chiltern network Salary: Up to 58,000 per annum Closing Date: Monday 24th November 2025 There is an expectations to travel to different Chiltern sites outside of your base location to support … risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report / escalate vulnerabilities for remediation. Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive … protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as More ❯

configurations, hardware and networking skills experience of IT management, developing IT strategies, and budget management experience of supervising / managing small teams cyber security experience including knowledge of ISO27001 / ISO277001 On offer Salary of up to £59,000 plus excellent company benefits, including hybrid and flexible working options Robert Half Ltd acts as an employment business for … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: gb / en / privacy-notice. More ❯

with operational security management and regulatory compliance oversight. The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI / DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security architecture and standards across multi … incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain ISO27001 certification and manage audit cycles Ensure PCI / DSS compliance for payment processing systems Manage GDPR compliance across all products and operations Complete HECVAT and security questionnaires for higher … primary security contact for customers and prospects Essential Requirements: Substantial information security experience in SaaS / cloud software environment (ISV or B2B software preferred) Proven track record managing ISO27001 certification and compliance Practical GDPR implementation experience in software products PCI / DSS compliance experience with payment processing systems Strong understanding of cloud security (Azure and / or More ❯

with operational security management and regulatory compliance oversight. The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI / DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security architecture and standards across multi … incident response and vulnerability remediation Oversee security monitoring, alerting, and detection capabilities Manage vulnerability assessment and penetration testing programs Maintain identity and access management controls Compliance & Assurance (30%) Maintain ISO27001 certification and manage audit cycles Ensure PCI / DSS compliance for payment processing systems Manage GDPR compliance across all products and operations Complete HECVAT and security questionnaires for higher … primary security contact for customers and prospects Essential Requirements: Substantial information security experience in SaaS / cloud software environment (ISV or B2B software preferred) Proven track record managing ISO27001 certification and compliance Practical GDPR implementation experience in software products PCI / DSS compliance experience with payment processing systems Strong understanding of cloud security (Azure and / or More ❯

and management response is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop … standards, controls and consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company … in relation to information and cyber security risks. Working towards or achieved professional certifications (ISO27001 lead, ISC2, CISM or CRISC) advantageous. Benefits Competitive salary Company bonus Pension scheme Life assurance Income protection 25 days holiday plus bank holidays Electric Car / Bike to Work schemes More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯