4 of 4 Permanent ISO/IEC 27005 Jobs in the UK

ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO / IEC 27001, NIST 800-30 / 53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. Collaborate with … multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-, and ISN 23 / 09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation strategies to both technical and senior stakeholders. … roles within the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001 / 2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities - able to assess complex data and provide actionable insights. A collaborative communicator who More ❯

critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional information Please note that the interview stages may be subject to change based on the specific requirements of the role. Quick call More ❯

integrated, actionable risk dashboards and reporting using Power BI, custom APIs, and data engineering best practices. Partner with engineering, DevOps, and SRE teams to embed risk controls into CI / CD pipelines, deliver technical training, and drive adoption of secure-by-design principles. Build and mentor a community of risk-aware technologists, championing best practices in secure architecture, cloud … ll need to email us at confirming your wish to opt-in, alongside your contact details and the title of the role you wish to apply for.# Full Time / Part Time Full time# Worker Type Employee# Job Exempt (Yes / No) Yes# Workplace Model Pursuant to Invesco's Workplace Policy, employees are expected to comply with the … do use agencies, we have a PSL in place, so please do not contact hiring managers directly. Regulatory: This position may fall in-scope of one or multiple regimes / directives. More ❯

and security assurance function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk … risk treatment activity. Facilitate security and risk workshops with the various Authority departments, to align with wider customer transformational Security and risk management outcomes. Provide accurate and pragmatic remediation / risk management guidance / advice in balance with Business objectives and risk appetites. Have an understanding of risk assessment in an agile delivery environment. Exceptional team working ethic … sector. Have a good understanding of modern IT technologies and services, such as Cloud Computing, AI (ISO42001 desirable), Mobile Computing, IT Security, Infrastructure technologies, Zero Trust, Data at Rest / In Transit Cryptography, Cross Domain Solutions and demonstrate an understanding of security architecture both physical and cloud (be able to read and understand HLDs / LLDs). As More ❯