1 to 25 of 511 Permanent ISO/IEC 27001 Jobs in the UK excluding London

GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO Information Security Analyst Liverpool City Centre … keen eye for detail. A proactive mindset and willingness to learn and grow in the role. Benefits: 25 days holiday + BH Enhanced maternity / paternity packages Employee wellbeing support including counselling sessions and CBT programmes Company pension and life assurance Recognition and reward platform, regular socials, and long … service awards Important Notes: Sponsorship isn’t available GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO More ❯

GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO Senior Information Security Analyst (FTC … company offers a supportive, inclusive environment where personal development and employee wellbeing are a top priority. Benefits include: 25 days holiday +BH Generous paternity / maternity leave policies Life assurance and pension scheme Flexible benefits pot and early access to earned pay Regular company-wide recognition programmes and team … events Important to Know: Sponsorship is not available at this time. GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec More ❯

the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. More ❯

the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. More ❯

compliance effectiveness, you'll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: - ISO / IEC 27001:2022 - NIST Cybersecurity Framework - PCI-DSS 4.0.1 - UK GDPR, NIS2 Directive, CAP1753, and related sector obligations . This … their ongoing security posture meets Virgin Atlantic requirements Conduct internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements Support internal / external audits, evidence readiness, and corrective action tracking Maintain the policy and control framework, identifying non-compliance and advising on remediation or risk acceptance … and reliable protective security measures to effectively limit opportunities for attackers to compromise networks and systems is incorporated in project design. About you CRISC / CISA / CISM certification through ISACA or an equivalent professional body. ISO 27001 Lead Implementer / Auditor certification More ❯

compliance effectiveness, you'll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: ISO / IEC 27001:2022 NIST Cybersecurity Framework PCI-DSS 4.0.1 UK GDPR, NIS2 Directive, CAP1753, and related sector obligations This makes … their ongoing security posture meets Virgin Atlantic requirements. Conducts internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements. Supports internal / external audits, evidence readiness, and corrective action tracking. Maintains the policy and control framework, identifying non-compliance and advising on remediation or risk acceptance. … and reliable protective security measures are incorporated in project design to effectively limit opportunities for attackers to compromise networks and systems. About you CRISC / CISA / CISM certification through ISACA or an equivalent professional body. ISO 27001 Lead Implementer / Auditor certification. More ❯

Managing Consultant - IAM / PAM Managing Consultant - IAM / PAM Location: Global role - UK based - Manchester, London Or Cheltenham Role Purpose: NCC Group are investing in expanding our digital identity service line, to grow and expand capabilities, offerings and propositions. This new global practice will focus on three … Management (AM) and Customer Identity (CIAM). The opportunity is for an IAM technical consultant with hands-on technical experience, performing as an engineer / developer to support large-scale IAM deployments, supporting the implementation of identity lifecycle management, access governance and / or privileged access. The role … the service line leader. Summary: This is a fantastic new opportunity to join our Global IAM team. The ideal candidate will have previous IAM / PAM engineering and development experience and exposure gained from delivering complex IAM engagements, ideally across a broad client base. In addition to your technical More ❯

and business leadership to ensure seamless program execution and operational buy-in. Lead program governance and execution frameworks, including risk assessment, remediation planning, KPI / OKR reporting, and change control processes. Ensure cybersecurity controls and program components align with leading industry frameworks (e.g., ISO / IEC … regulatory compliance Fluency in German and English (written and spoken) is required Deep knowledge of security frameworks and methodologies (e.g., NIST, ISO / IEC 27001, CIS Controls, BSI, MITRE ATT&CK) Demonstrated ability to lead cross-functional teams and manage large-scale cybersecurity … initiatives Relevant certifications such as PMP, CISM, CISSP, ISO 27001 Lead Implementer / Auditor are highly desirable Bachelor's or Master’s degree in Cybersecurity, Information Systems, Engineering, or related field Understanding of cloud platforms (e.g., AWS, Azure, GCP) and modern enterprise IT environments is More ❯

all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness … standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking … sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling More ❯

Cyber Security Architect SC or DV Cleared (DV Eligible) £65,000 – £95,000 DOE + Excellent Benefits London (Hybrid) Secure Government Projects DevSecOps / SIEM / ISO 27001 / Azure / CISSP Permanent Apply by emailing luke.parry@searchability.com Are you a Cyber … implementing secure architectures across complex environments Leading technical teams and advising on security controls and risk management Shaping cloud and DevSecOps security strategies (AWS / Azure / GCP) Supporting accreditation and compliance with security frameworks (ISO 27001, NIST, JSP 440, Secure by Design) What … role: Strong experience in a Security Architecture role Knowledge of frameworks such as ISO 27001, NIST, CIS Familiarity with TOGAF / SABSA methodology Understanding of SIEM, firewalls, IDS / IPS, vulnerability management Cloud security expertise – AWS, Azure, or Google Cloud DevSecOps knowledge, CI / More ❯

years+ experience leading Cyber Security Defense and Operations teams. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Hold an industry recognised information security qualification such as GIAC / GCIA / GCIH, CISSP or CompTIA Advanced Security Practitioner … CASP+) and / or SIEM-specific training and certification. An understanding and knowledge of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA / IEC 62443, ISO / IEC 27001 / 27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Practical experience of incident response More ❯

engineering and development team to ensure in-house technologies comply with relevant security standards, regulations, and industry certifications, such as OWASP, CIS, PCI-DSS, ISO27001 to ensure security is prioritised throughout the development lifecycle Maintains current understanding of policy, regulations, and compliance standards that affect assigned areas of responsibility and … practices 3+ years of information security experience in cloud environments. In depth experience secure coding practices, threat modeling, secure architecture design, and secure SDLC / CICD pipelines In-depth technical experience with identifying and advising on the remediation of application security vulnerabilities on application platforms, including cloud and web … and information security executives and in influencing stakeholders to achieve strategic objectives Experience in working with industry frameworks and standards such as OWASP, PCIDSS, ISO27001 / 27002, CIS and NIST Information Security (CISSP, CISA, Security +) and cloud certification (preferably GCP / AWS) What’s In It For More ❯

code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing … ISO 27005, EBIOS RM). Even better if you’re certified! You're curious and have already read cybersecurity frameworks and methodologies (ISO27001 / 2, IEC 62443, ANSSI, NIS, NIST…) Soft Skills Required: Mindset is key: you’re motivated, dynamic, and autonomous You enjoy teamwork … English (you can understand conversations, lead meetings, and write reports…) Other Requirements: Master’s degree or equivalent Certifications such as IEC 62443, ISO27001 / 2 / 5, EBIOS EM, ISC2 are a plus! Driver's license (B), useful for some travel Integrity360 Employee Benefits (UK) At More ❯

and Experience Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan ). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good … salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05 139). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good … salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss More ❯

may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss More ❯

Head of Information Security required for online retail business. The role will initially be focused on ISO27001 & ISO9001 recertifications. Responsibilities Lead on information security strategy and implementation of security roadmap Develop security KPIs and track their progress Advise senior management on risk levels and any changes impacting security posture, including … Conduct risk assessments, maintain risk registers, and design risk treatment plans. Support oversight of vulnerability tooling & processes, assess risk and prioritise remediation. Lead internal / external audits (ISO 27001 and ISO 9001) and ensure compliance with regulations (GDPR). Support wider IT project … defined gates, provision of guidance and assessment of controls. As an ideal candidate, you will have a proven track record of bringing organisations through ISO27001 & ISO 9001 accreditations. ISO27001 lead implementer or auditor qualifications are essential. More ❯

Information Security Engineer Hybrid: Remote / Bristol Reporting to: Joe Mathews - VP of Technology Salary: £45,000 - £50,000 About Us Duel is a SaaS company on a mission to make Brand Advocacy the industry standard playbook for building brilliant retail brands. It was founded by world record breaking … a timely manner. Learn and implement security monitoring and automation solutions to detect and respond to threats. Help manage security tooling, including SIEM, IDS / IPS, and vulnerability scanning solutions. Work closely with engineers to support secure coding practices and help embed security considerations early in the development process. … as Secureframe, Drata, or Vanta. Experience working with pen testing and bug bounties a plus. Basic understanding of security tools such as SIEM, IDS / IPS, and vulnerability management solutions. Experience or knowledge of cloud security (AWS, GCP, or Azure). Awareness of security best practices in application and More ❯

posture. You’ll work with industry-leading frameworks like Cyber Essentials (CE), Cyber Essentials Plus (CE+), NIST 2, ISO 27001 / 223001, DORA , and more. This is the perfect opportunity if you’re looking for more autonomy, rapid career growth, and a dynamic environment —far … and principal consultants as needed. Lead and contribute to diverse security projects, including third-party risk management, mergers and acquisitions, security policy development, ISO 27001 implementation, audits and compliance (NIS 2, DORA), risk assessments, remediation programs, and more. Lead, manage, and deliver full cyber security engagements … Bring as a Senior Cyber Security Consultant: 2+ years of information security consulting Experience of Governance, Risk, and Compliance (GRC) frameworks such as ISO 27001, ISO 223001, NIST, DORA and other regulatory standards. Experience conducting Cyber Essentials and Cyber Essentials Plus assessments and guiding More ❯

UK. The Information Security Manager Role: As Information Security Manager, you’ll be the go-to expert for all things security, steering our ISO 27001 compliance and leading security strategy across the business. From protecting internal operations to aligning with defence frameworks, your work will directly … the cutting edge of cybersecurity excellence. Key Responsibilities of the Information Security Manager: Maintain and enhance ISO 27001, Cyber Essentials / Cyber Essentials+, and DCPP compliance Lead policy development and risk mitigation across the business Advise on Secure by Design (SbD) assurance and government protective … Own security controls for our North Bristol site Support the creation of project-specific security documentation and assurance strategies Skills & Experience: Experience leading ISO 27001 and cybersecurity governance Strong knowledge of NIST CSF, ISO 27005, and DCPP frameworks Confident communicator with a security-first More ❯

UK. The Information Security Manager Role: As Information Security Manager, you'll be the go-to expert for all things security, steering our ISO 27001 compliance and leading security strategy across the business. From protecting internal operations to aligning with defence frameworks, your work will directly … the cutting edge of cybersecurity excellence. Key Responsibilities of the Information Security Manager: Maintain and enhance ISO 27001, Cyber Essentials / Cyber Essentials+, and DCPP compliance Lead policy development and risk mitigation across the business Advise on Secure by Design (SbD) assurance and government protective … Own security controls for our North Bristol site Support the creation of project-specific security documentation and assurance strategies Skills & Experience: Experience leading ISO 27001 and cybersecurity governance Strong knowledge of NIST CSF, ISO 27005, and DCPP frameworks Confident communicator with a security-first More ❯

About the Role This is a key role in the design and development of a Secure Data Environment which will be certified to ISO 27001 standards. You will be joining our current High Performance Computing team, who have years of experience delivering research computing, and working … Research Environments IT infrastructure and automation tooling required to deliver the Secure Data Environment and its compliance with the appropriate accreditations (e.g., Cyber Essentials / Plus, ISO / IEC 27001). - Work with a combination of virtualised and bare metal infrastructure to More ❯