8 of 8 Permanent ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs in the UK

affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST … or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Please reach out to Lewis Dunn @ ARM if you are interested or simply have some questions - E: or DD: Disclaimer: This vacancy is being advertised by either Advanced Resource More ❯

design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security … Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product … or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on experience with security testing tools and techniques (SAST More ❯

on existing and emerging threats; and owns and develops the necessary IT security policies, standards, and procedures. Person Specification Qualifications Essential Formal certification (CISSP, CISM or CRISC) and / or formal training in information security standards and best practice (eg ISO 27001 / 2) Educated to Masters level or equivalent industry experience … strategically and develop long-term plans and strategies. Knowledge & experience of relevant legislation, standards and best practice (including Data Protection AcUGDPR, NIS Regulations, DSP Toolkit, Cyber Essentials, ISO 27001, NIST, NCSC & ICO standards & recommendations, etc.) Significant experience working on both strategic & operational matters and managing digital services, at a senior level Significant experience in delivering and … check for any previous criminal convictions. Employer details Employer name South Central Ambulance Service NHS Foundation Trust Address Bicester or Otterbourne Bicester OX26 6HR Employer's website https: / / scasjobs.co.uk / More ❯

Job Title: IT Security Manager Location: Hybrid in Buckinghamshire (2 days on-site) Job Type: Full-time, Permanent Salary: £60,000 - £67,000 + benefits Industry: Media / Broadcasting A leading Media / Broadcasting company based in Buckinghamshire are seeking an experienced IT Security Manager to join the Cyber Security team where you’ll mature the … Security solutions, including Defender, Sentinel, Entra ID, and Microsoft Purview. Deep knowledge and practical application of security frameworks and standards including CIS, ISO 27001 / 27002, GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing … risk-based security metrics. Ability to bridge security and IT operations teams, with effective stakeholder communication and collaboration. Security certifications such as CISSP, CISM, Microsoft Security (SC-100 / SC-200 / SC-300), or equivalent are highly desirable. Apply directly to learn more about this exciting opportunity or connect with me on LinkedIn to stay More ❯

SLA’s and KPI’s for our customers leveraging vulnerability and assessment tools such as Qualys and Microsoft’s EDR offering. Analyse vulnerability test reports and provide remediation / mitigation plans to the team. Integrate with our vendors and security providers to identify the most up-to-date information on the latest vulnerabilities and deliver key awareness and … s Operation team to plan and implement internal security adoption across all our platforms including our hosted cloud platform, aligning to CE+, ISO 27001 / 27002 and ITIL. With the Technical Services Manager, identify and implement the best practice security posture for LIMA’s Managed Services Engineers when working with customers and … with technical accreditations or demonstrable experience in security and vulnerability remediation technologies: Security Tooling: OWASP ZAP, Nmap, Wireshark Assessment Tooling: Nessus, Qualys, etc Remediation Tooling: Microsoft Endpoint Management / Intune Microsoft Security / Compliance: MFA,?Conditional Access, SSPR, DLP, IPM, IRM, DKIM, MCAS Application packaging for automated deployment Intermediate scripting experience utilising PowerShell or Python You More ❯

outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and / or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels when necessary. When required, work … with the Director of Cyber Advisory and Head Consultant to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills / Must have: 5 years in a client-facing information / cyber security / GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience … in auditing and implementing security standards such as ISO 27001 / 2, NIST CSF, and others. Exceptional verbal, written communication, and presentation skills. Ability to articulate technical requirements to non-technical audiences. Proven self-management skills and ability to work on multiple assignments concurrently. Ability to travel to meet business needs. Benefits: Opportunity to More ❯

Active Directory, and Azure AD Ability to understand and articulate interoperability between technologies and design pragmatic security solutions for the bank Effective collaboration with internal and external SMEs / partner organizations Experience with frameworks such as ISO 27001 / 2, SOC, NIST, or COBIT About You Skills Recognized leading security qualification or More ❯

metrics across IS teams, prepare regulatory submissions, and track compliance. ISMS Support: Maintain the Information Security Management System (ISMS) in line with ISO 27001 / 27002. Manage governance forums, minutes, and documentation. Policies & Standards: Develop GRC policies, standards, and procedures. Track exceptions, monitor risk, and report on performance and compliance. Controls Framework: Strengthen the … identifying threats and making smart, independent decisions. A working knowledge of ISO 27001 and aligning businesses to compliance frameworks. Confidence presenting to senior internal / external stakeholders. Excellent communication skills and a collaborative mindset. Culture fit really matters here. What’s In It For You? Freedom to shape the role. Real autonomy to define … the GRC roadmap alongside the manager. Ongoing investment in you. The team is already completing certs like CISM, CRISC, OT & Cloud, ISO Lead Implementer, and more. Award-winning employer. Recognised for diversity, digital transformation, and consistently ranked among the UK’s top employers. Real cyber focus. Not just ticking compliance boxes. Cyber is a business priority. More ❯