1 to 25 of 993 Permanent ISO/IEC 27001 Jobs in the UK

Slack, Lastpass). Lead IT support for 100 employees across two remote locations. We are mostly Mac users with a handful of Windows machines. Ensure a smooth onboarding / offboarding process and resolving technical issues efficiently. Implement and maintain identity and access management (IAM) systems, including SSO and MFA. Evaluate and recommend new technology solutions to support company growth … Microsoft 365, and endpoint management tools (e.g., Jumpcloud). Strong understanding of network infrastructure, including firewalls, VPNs, and cloud-based networking solutions. Experience with IAM systems (e.g., Azure AD / Microsoft Entra) and security tools (e.g., endpoint protection, DLP, SIEM). Hands-on expertise with troubleshooting hardware, software, and SaaS issues. Security Knowledge: Familiarity with security frameworks and standards … such as SOC 2, ISO 27001, GDPR, or NIST. Experience with incident response and risk management. Knowledge of Zero Trust architectures and security-first IT practices. Soft Skills: Excellent problem-solving and communication skills. Ability to collaborate effectively with external partners, such as an MSP. Strong organisational and project management skills. A proactive, growth-oriented mindset More ❯

So, what's the role all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also … enhance IT controls, compliance with standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates to Cyber Essentials … disability, veteran status, gender identity, sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling) that are currently employed by More ❯

strong understanding of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP) in an MSP or similar environment, along with hands-on experience with Splunk / MS Sentinel / QRadar and KQL? Here at ARM we are recruiting for a full time permanent Cyber Security Engineer for a global IT services and consultancy client … will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. Responsibilities: Design, implement, and manage advanced security solutions, including firewalls, SIEM, IDS / IPS, endpoint protection, and cloud security. Lead technical presentations, demonstrations, workshops and architecture design sessions, explain, demonstrate, and architect the solution to help solve client security challenges and priorities. … and maintain security policies, procedures, and incident response plans on managed devices. Conduct security awareness training and advise clients on best practices. Assist in security audits, compliance initiatives (ISO 27001, NIST, GDPR, etc.), and regulatory assessments. Be a technical specialist who is responsible for engaging and scaling with other teams within and outside the organisation throughout More ❯

or IT Operations and experience of maintaining an Information Security Management System. Reporting to the Head of Information Security, you will be supporting the business ensure continued certification of ISO27001 and SOC2. What we're looking for / Skills that will help you in the role Maintain ISO27001 / SOC2 certifications Responsibility for the smooth running of the … responding to regulatory compliance and auditors' queries Have conducted Information Security risk assessments and managed mitigation strategies Understanding SWIFT CSP, and operational resilience frameworks Knowledge of implementing and managing ISO27001:2022 Information Security Management Systems Familiar with: SOC2 Type II, NIST CSF, PCI DSS and NCSC guidance Familiarity with Data Protection and Financial regulations i.e. GDPR, FCA regulations, PRA guidelines … suitable alternate experience Must have obtained a known security qualification; acceptable certifications from ISC2, ISACA, GIAC or EC-Council. e.g. CISSP, CISM, CRISC or CISA preferable Must have either ISO27001 Certified ISMS Lead Implementer or Lead Auditor Languages English Personal Attributes A passion for cyber security and a keen interest in IT Highly motivated, responsible, reliable and organised individual able More ❯

infrastructure against emerging threats. Key Responsibilities: Monitor, detect, and respond to security incidents and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection / prevention systems (IDS / IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture … document security breaches, providing root cause analysis and remediation plans. Conduct security awareness training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security … CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech sector. Knowledge of DevSecOps practices and secure CI / CD pipelines. Exposure to security automation and scripting (Python, PowerShell, etc.). In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. More ❯

infrastructure against emerging threats. Key Responsibilities: Monitor, detect, and respond to security incidents and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection / prevention systems (IDS / IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture … document security breaches, providing root cause analysis and remediation plans. Conduct security awareness training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security … CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech sector. Knowledge of DevSecOps practices and secure CI / CD pipelines. Exposure to security automation and scripting (Python, PowerShell, etc.). In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. More ❯

vulnerabilities, and create threat models for new and existing systems to prioritize security controls. Compliance and Governance: Ensure solutions comply with regulatory and organizational security standards (e.g., NIST, ISO 27001, GDPR). Solution Design: Lead the design and architecture of security solutions, including identity and access management, data protection, network security, and application security. Technical Leadership … and Qualifications: Security Clearance: Active SC Security Clearance (required) Experience: 5+ years in cyber security, with a strong focus on architecture and design Technical Knowledge: Expertise in firewalls, IDS / IPS, SIEMs, endpoint protection, and encryption technologies Cloud Security: Proficient in securing cloud platforms (e.g., AWS, Azure, Google Cloud) Standards and Frameworks: Familiarity with NIST, CIS, ISO 27001, and other security standards Certifications (preferred): CISSP, CISM, CISA, SABSA, TOGAF Soft Skills: Strong analytical, communication, and problem-solving skills Desirable Skills: Experience in Agile / Scrum methodologies Familiarity with DevSecOps practices and tools (e.g., CI / CD, IaC) Knowledge of regulatory requirements (e.g., GDPR, HIPAA) Diversity & Inclusion: Here at Amber Labs, we are More ❯

Senior Cybersecurity Officer - Assurance - Information Security - Banking Excellent opportunity opens for an Cybersecurity Officer / Information Security Officer / Information Security Assurance Officer with Financial Services experience to join a London based bank's team, helping to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Key Responsibilities … resolution of risks and issues identified during audits or external assessments. Develop, review, and maintain information security governance documents, including policies, standards, frameworks, and procedures. Create and deliver Information / Cyber Security Awareness training, educating staff on best practices. Maintain comprehensive records and documentation of ISO activities. Provide regular updates and reports to the Information Security Management … time management and ability to prioritize tasks. Strong analytical and problem-solving skills. Proficiency in Microsoft Office. Interested? Please Apply! SOC ISO ISAO CISSP NIST CSF ISO27000 ISO27001 PCI DSS GDPR Cybersecurity Cyber Security Information Security Infosec Cybersec Risk Infrastructure ISMS 2LOD 2 LOD Second Line of Defence More ❯

Senior Cybersecurity Officer - Assurance - Information Security - Banking Excellent opportunity opens for an Cybersecurity Officer / Information Security Officer / Information Security Assurance Officer with Financial Services experience to join a London based bank's team, helping to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Key Responsibilities … resolution of risks and issues identified during audits or external assessments. Develop, review, and maintain information security governance documents, including policies, standards, frameworks, and procedures. Create and deliver Information / Cyber Security Awareness training, educating staff on best practices. Maintain comprehensive records and documentation of ISO activities. Provide regular updates and reports to the Information Security Management … time management and ability to prioritize tasks. Strong analytical and problem-solving skills. Proficiency in Microsoft Office. Interested? Please Apply! SOC ISO ISAO CISSP NIST CSF ISO27000 ISO27001 PCI DSS GDPR Cybersecurity Cyber Security Information Security Infosec Cybersec Risk Infrastructure ISMS 2LOD 2 LOD Second Line of Defence More ❯

Senior Cybersecurity Officer - Assurance - Information Security - Banking Excellent opportunity opens for an Cybersecurity Officer / Information Security Officer / Information Security Assurance Officer with Financial Services experience to join a London based bank's team, helping to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Key Responsibilities … resolution of risks and issues identified during audits or external assessments. Develop, review, and maintain information security governance documents, including policies, standards, frameworks, and procedures. Create and deliver Information / Cyber Security Awareness training, educating staff on best practices. Maintain comprehensive records and documentation of ISO activities. Provide regular updates and reports to the Information Security Management … time management and ability to prioritize tasks. Strong analytical and problem-solving skills. Proficiency in Microsoft Office. Interested? Please Apply! SOC ISO ISAO CISSP NIST CSF ISO27000 ISO27001 PCI DSS GDPR Cybersecurity Cyber Security Information Security Infosec Cybersec Risk Infrastructure ISMS 2LOD 2 LOD Second Line of Defence More ❯

and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … to simplify and automate complex processes and deliver highly secure, frictionless experiences across the customer lifecycle. To learn more, visit The responsibilities of the role include: Advocating for infrastructure / application Security and providing support for security projects. Competence in reviewing new technologies, methodologies and integration opportunities. Support in enhancing security detection and incident response efforts / playbooks. More ❯

The Information Security Director develops, shapes, and maintains Sycurio's information security capability, driving the attainment and maintenance of the ISO27001, PCI-DSS, and SOC2 compliance. They are the subject matter expert on all things regarding security and compliance, owning the information risk management processes. They are the thought leader on all matters within the security and compliance domain such … the information security strategy to relevant parties and providing assurance of policies, procedures, and systems. Develop, maintain, and expand the information security management system ('ISMS') to optimise compliance for ISO27001, PCI-DSS, and SOC2. Identify gaps in the information security capability, both technical and operational, and propose remediation and mitigation plans and solutions. Responsible for the Company's information security … degree in Computer Science, Cybersecurity, or related field (Master's preferred). Industry certifications such as CISSP, CISM, CISA, or equivalent. Experience: 10+ years of information security experience. Financial / Fintech services / payments desirable. Deep knowledge of security frameworks (PCI, ISO 27001, NIST) and regulations (GDPR, CCPA). Experience with PCI DSS compliance More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

Engineer , you will play a pivotal role in safeguarding our systems, networks, and data while ensuring compliance with industry-leading security certifications such as SOC 2, HIPAA, and ISO 27001. Your expertise will directly contribute to maintaining trust with our customers and securing their critical information assets. This role sits within the Platform Engineering Team and requires a … role, demonstrating strong knowledge of the threat landscape relevant to SaaS products, preferably in a data-heavy environment. Hands-on experience with security technologies such as firewalls, intrusion detection / prevention systems, SIEM, antivirus, encryption, and vulnerability assessment tools. You own relevant certifications (Security+, IAT II / III level or similar). You excel in risk assessments, vulnerability … security incidents. You have strong expertise in AWS and GCP, with experience in multi-region and hybrid cloud architectures; Azure is a plus. Excellent understanding of networking protocols, TCP / IP, and network security concepts. Strong programming / scripting skills (e.g., Python, Elixir) for automation and security tool integration. Strong analytical skills and the ability to use data More ❯

cyber threats, with a particular focus on Datacentre, 3GPP mobile network CORE and RAN environments. Key Responsibilities: Networking, Segmentation, Optimization and Maintenance Design, configure and implement highly scalable L2 / L3 networks using varieties of protocols and vendor equipment. Monitor network traffic and analyse security incidents to detect and respond to threats within mobile network environments. Diagnose and troubleshoot … to ensure timely restoration of critical network services. Design and implement network security solutions such as Policies, IPS, SSLVPN, IPSec VPN and security profiles using Next-Gen Firewalls (FortiGate / Palo-Alto). Develop and apply network segmentation strategies to strengthen security and safeguard sensitive information within the core network. Work closely with other teams to establish and enforce … with IT and engineering teams to integrate security measures into network architecture, including mobile network elements. Respond to security breaches and provide incident response and disaster recovery support. Qualifications / Skills: Bachelor's degree in computer science, Information Security, or a related field (or equivalent work experience). Master's degree in Cybersecurity or Networking is desirable. Proven experience More ❯

Here at Action For Humanity (AFH), we are looking for Senior Architect / Architect - Information Security to join us at our International Office in Manchester. You will join us on a full-time basis and in return you will receive a competitive annual salary. AFH is an INGO that provides aid and assistance to people affected by natural and … to mobilise and respond to emergencies and critical needs through humanitarian, development and peace-building action, helping affected communities survive, recover and build a better future. The Senior Architect / Architect - Information Security will lead the design and implementation of security frameworks within a Microsoft-centric environment. The ideal candidate will have extensive hands-on experience in Microsoft … vendor security risks and ensure compliance with security policies. Support secure DevOps (DevSecOps) methodologies in IT and software development environments. What we are looking for in our Senior Architect / Architect - Information Security: Education Microsoft Certifications: Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900), Microsoft Certified: Azure Security Engineer Associate. Other security / More ❯

and a bonus of 7.5%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote. Close Date: 25 / 03 / 2025 We also provide the following additional benefits: Reservist Leave - Additional 18 days full pay and 22 unpaid. Personal Pension Plan - Personal contribution rates of … performance metrics and management reporting. Information Security Management System Support: Operate and maintain the information security management system and artefacts, in compliance with ISO 27001 / 27002 including the governance forum agenda and minutes. Policies and Standards: Establish GRC policies, standards and procedures to monitor UKPN information security controls, exceptions, risks, and testing including management … relevant laws, regulations, and industry standards. We are looking for a detailed knowledge and practical expertise in at least 3 of the following specialist areas: Specific Industry Standards. IS / IT Operational Controls and Governance. Business Continuity Planning and Disaster Recovery. Supply Chain and 3rd Party Risk Management. Problem Solving: The role must have strong analytical and problem-solving More ❯

This job is brought to you by Jobs / Redefined, the UK's leading over-50s age inclusive jobs board. Sonata One is a rapidly scaling, regulated fund services and technology (fintech) business. We're The Private Funds Clearinghouse, connecting more than 53,000 investors with 6,500 funds and 180 fund managers around the globe. Our vision is … from a seamless, one & done experience across the fund lifecycle (from fund selection and subscription through to settlement and reporting) underpinned by a globally compliant KYC passport and 24 / 7 support. Fund managers can raise capital faster at a lower cost from a wider pool of pre-approved investors. Founded in 2015, Sonata One has a presence in … endpoint protection, DLP, etc.). Oversee the organization's incident response and business continuity plans, including simulations and real-time responses. Conduct regular security audits and work with internal / external auditors to support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements More ❯

time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response … capable of working effectively with diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / Relationship Management. You have excellent … or belief, or sexual orientation. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position. More ❯

a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / E, CIPM for data protection compliance) Experience Requirements: 3-5+ years of … experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills-ability to brief executives and regulators. Ability More ❯

help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and … roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS / NIS2, DORA, UK CNI / OT / IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance More ❯

ISO 27001) as part of critical vendor performance assessment ensuring operational resilience is maintained. In collaboration with GT, manage security systems, including firewalls, intrusion detection / prevention systems, and antivirus software. In collaboration with GT, Develop and test incident response plans and coordinate responses to security incidents and breaches Raise awareness of cybersecurity issues among … bank London employees; conduct annual training / workshops to educate staff on security best practices aligned with GT. Other Duties Maintain professional and technical knowledge (Conduct Rule 2) e.g. by attending educational workshops; read professional publications; benchmarking state-of-the-art practices etc where relevant. Collaborate with stakeholders to handle backlogs and new requirements - Resolve conflicts and remove blockers … on IT related matters. Ensure work deliverables are in compliance with policies and regulatory requirements . Maintains quality service by establishing and enforcing organization standards. To act as second / third level support with GT for support related issues. To comply with all applicable FCA / PRA conduct rules. Compliance with all mandatory training as set by the More ❯

a Security Engineer or in a similar role, with deep understanding of the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection / prevention systems (IDS / IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security … certifications, such as Security+, IAT II / III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP / … social office in Shoreditch Deliveroo for working late in the office Apply for this job indicates a required field First Name Last Name Preferred First Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf More ❯