Sale, Cheshire, England, United Kingdom Hybrid / WFH Options
Broster Buchanan Ltd
risk management structures, policies, and practices within Technology and Network functions. Design a fit-for-purpose Technology Risk Management Framework that aligns with business needs and industry standards (e.g. ISO 27001, NIST, COBIT). Develop practical tools such as risk registers, heatmaps, control libraries, and risk assessment templates. Stakeholder Engagement & Knowledge Transfer: Work closely with internal stakeholders to understand … regulated sectors, ideally telecoms. Familiarity with regulatory and compliance requirements relevant to telecom (e.g., GDPR, NIS2, national telecom regulations). Experience working with risk and control frameworks such as ISO31000, ISO 27001, NIST CSF, COBIT, or COSO. Ability to communicate clearly and influence senior stakeholders. Self-starter, capable of driving outcomes independently in a short time
Farnborough, Hampshire, South East, United Kingdom
Damia Group Ltd
to work effectively with cross-functional teams and influence strategic decisions. Qualifications Advanced qualifications or certifications Risk Management, or a related field. Advanced qualifications or certifications (e.g., CRISC, CISA, ISO31000) are highly desirable. Extensive experience in risk management roles within IT, preferably in environments that deal with sensitive or high-security information. Familiarity with industry standards and
start to finish. Bonus points if you bring: Experience with AppSec and DevSecOps. Hands-on knowledge of Azure, AWS, and/or Google Cloud. Familiarity with standards like ISO2700X, ISO31000, NIST800, PCI-DSS. Certifications such as CISSP, CCSP, CRISC, CISM, or SABSA. Why QBE? At My Best At QBE, we want our people to feel rewarded and inspired to perform
consulting, audit, or industry/operations) Experience in planning and operating security risk/issue management-related processes and services Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, etc.) required Experience in service build-up is a plus Security Governance/Risk Management certification
consulting, audit or industry/operations Experience in planning and operating security risk/issue management-related processes and services. Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, etc.) required Experience in service build up a plus Security Governance/Risk Management certification (CISSP, CGEIT
and executing a comprehensive control testing framework to evaluate operational, financial, and IT controls across the organization, ensuring compliance with regulatory standards such as FCA, PSD2, GDPR, COSO, and ISO 31000. Key Responsibilities Develop and update control testing policies, procedures, and documentation. Maintain a control library mapping controls to risks and objectives. Plan, execute, and document control testing activities
City Of London, England, United Kingdom Hybrid / WFH Options
Hays
Experience delivering large engineering programmes & technology transformation activities. Proven ability to provide risk assurance across projects, change initiatives, and key technology controls. Familiarity with frameworks such as COBIT, ITIL, ISO31000, and COSO. Skilled in developing and delivering risk frameworks, dashboards, and training programmes. Confident engaging with senior stakeholders, including COO teams and divisional leaders. What you need to do now
City Of London, England, United Kingdom Hybrid / WFH Options
Hays
transformative technology initiatives at an enterprise level Deep expertise in establishing and overseeing enterprise risk frameworks, policies, and governance structures Mastery of industry standards such as COBIT, ITIL, ISO31000, and COSO, with a strategic mindset to embed these frameworks across the organisation Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
design principles (e.g., threat modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents … evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools
including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST