1 to 25 of 468 Permanent ISO/IEC 27001 Jobs in the UK excluding London

Objectives & Outcomes Define and socialise target state architectures across Azure / AWS / GCP (networking, identity, landing zones, operations). Deliver reference architectures and reusable patterns for containerised, serverless, and data workloads. Establish / extend Cloud Landing Zones (policy, guardrails, RBAC, tagging, network segmentation). Lead migration and modernisation (re‐host / re‐platform / re‐factor) for priority applications. Implement IaC at scale (Terraform preferred; standard modules; pipelines). Build observability (logs, metrics, traces, SLOs) and resilience (HA, DR, RTO / RPO). Drive FinOps—cost transparency, budgets, showback / chargeback, right‐sizing. Embed security‐by‐design and compliance (CIS, NIST, ISO 27001, FCA / NHS … / PCI as applicable). Key Responsibilities Architecture & Design Produce HLDs / LLDs, diagrams, ADRs, non‐functional requirements, and traceability to business goals. Select and justify cloud services (compute, storage, data, AI / ML, integration). Define multi‐cloud connectivity (hub‐and‐spoke, transit gateways, ExpressRoute / Direct Connect / Cloud Interconnect, SD‐WAN). More ❯

Objectives & Outcomes Define and socialise target state architectures across Azure / AWS / GCP (networking, identity, landing zones, operations). Deliver reference architectures and reusable patterns for containerised, serverless, and data workloads. Establish / extend Cloud Landing Zones (policy, guardrails, RBAC, tagging, network segmentation). Lead migration and modernisation (re‐host / re‐platform / re‐factor) for priority applications. Implement IaC at scale (Terraform preferred; standard modules; pipelines). Build observability (logs, metrics, traces, SLOs) and resilience (HA, DR, RTO / RPO). Drive FinOps—cost transparency, budgets, showback / chargeback, right‐sizing. Embed security‐by‐design and compliance (CIS, NIST, ISO 27001, FCA / NHS … / PCI as applicable). Key Responsibilities Architecture & Design Produce HLDs / LLDs, diagrams, ADRs, non‐functional requirements, and traceability to business goals. Select and justify cloud services (compute, storage, data, AI / ML, integration). Define multi‐cloud connectivity (hub‐and‐spoke, transit gateways, ExpressRoute / Direct Connect / Cloud Interconnect, SD‐WAN). More ❯

We're looking for a Cyber Security Analyst who is passionate about closing security gaps and ensuring robust compliance. This is a permanent role where your expertise in ISO 27001 implementation AND ongoing maintenance will be the cornerstone of our security strategy. Why This Role Matters Gap Analysis at the Core: You'll lead regular risk … assessments and gap analyses to identify vulnerabilities and strengthen our security posture. ISO 27001 Expertise: Beyond implementation, you'll ensure continuous compliance and drive improvements to maintain certification year after year. Strategic Impact: Your work will influence audits, security operations, and business continuity planning across the organisation. What You'll Do Own the ISO … Looking For Experience: 3-5 years in information security or compliance roles. ISO 27001 Mastery: Proven track record in implementing AND maintaining ISO / IEC 27001 certification . Analytical Strength: Skilled in gap analysis, risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer / More ❯

technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they're seeking an exceptional InfoSec / Information Security Manager to take the reins and lead their information security programme; safeguarding their clients, organisation data, and core systems. They're a great firm we've seen … more), so take a look and apply if this looks like a great next step for your career: Key Responsibilities: Develop, execute, and maintain the overarching information security strategy / policies / relevant frameworks in adherence to ISO standards and other key regulations Oversee the firm's ISO 27001 accreditation and oversee … regular risk assessments; taking ownership of the register and plans Draft and implement InfoSec metrics / key performance indicators / reporting (up to board level) to demonstrate security / control / initiative effectiveness Audit and improve the firm's security operations across the spectrum, including incident response and escalation / best coding and config practice More ❯

technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they're seeking an exceptional InfoSec / Information Security Manager to take the reins and lead their information security programme; safeguarding their clients, organisation data, and core systems. They're a great firm we've seen … more), so take a look and apply if this looks like a great next step for your career: Key Responsibilities: Develop, execute, and maintain the overarching information security strategy / policies / relevant frameworks in adherence to ISO standards and other key regulations Oversee the firm's ISO 27001 accreditation and oversee … regular risk assessments; taking ownership of the register and plans Draft and implement InfoSec metrics / key performance indicators / reporting (up to board level) to demonstrate security / control / initiative effectiveness Audit and improve the firm's security operations across the spectrum, including incident response and escalation / best coding and config practice More ❯

ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO / IEC 27001, NIST 800-30 / 53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. … Collaborate with multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-, and ISN 23 / 09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation strategies to both technical and … the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001 / 2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities - able to assess complex data and provide actionable insights. A collaborative communicator who can balance More ❯

and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business … wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO / IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and … Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust More ❯

Remote (working on UK time) Join Tempo Audits to shape the future of information security and AI auditing Got a passion for IT / information security and AI? Develop your skills and be trained up to become an information security and AI auditor at a fast-growing startup audit-body that is challenging the traditional players in the market. … with a belief that work should be enjoyable. We are UK-based, but willing to work with the right candidate in any location that can reasonably work on UK / EU timezone. You should apply if: You have a passion for technology, and specifically information security and AI (Nb you do not need to be a qualified information security … auditor already, provided you have IT and / or AI experience as set-out below) You're excited about working directly with the leadership team, and thrive on taking responsibility and growing You want to be part of a growth journey at a company You have excellent written and spoken English skills You have excellent communication and interpersonal skills More ❯

Cyber Security Risk Manager Cyber Security Risk Manager - Cyber Security Risk Assessments, Audits, GRC, Information Security Management, CRISK, CISM, CompTIA Security+, NIS, NIST, ISO 27001 - Hybrid (Manchester) - to £61,500 + excellent bonus + bens This is an outstanding opportunity to become my clients primary Cyber Security Risk Advisor working within a high-profile and growing … business - Play a key role in the ongoing management of Cyber Security Risk boards and Risk Management platforms - Carrying out detailed assessments of the current threat landscape including risks / threats and supporting Cyber Security audits - Creating and presenting detailed Cyber Security reporting including the management of escalations - Contribute to Cyber Security testing, training and company-wide communication - Use … stakeholder management skills including the ability to write and present detailed reports - Certification in Information Security Management would be ideal (CRISK, CISM, COMPTIA Security+) - Cyber Security audit experience (NIS / NIST / ISO 27001) would be preferred, along with knowledge of vulnerability management platforms The role also involves consulting on ratings for IT / More ❯

organisations build trust, security, and resilience across their digital operations. Their specialist services span AI Governance as a Service (AIGaaS) , Virtual Data Protection Officer (vDPO) support, ISO / TISAX compliance , and digital resilience strategy . To support their next phase of growth, they're seeking a commercially driven Business Development professional to accelerate expansion across the SME … makers. Highly self-motivated with a proactive, start-up mindset. Excellent communication, negotiation, and commercial acumen. Organised approach to pipeline management and CRM usage. Familiarity with AI governance, GDPR / data protection, and cyber risk frameworks . Understanding of ISO / TISAX / ISO 27001 or other compliance standards desirable. More ❯

IT Security and Governance Manager, ISO27001, c £ 50000 - 60000+ benefits, nr Cheltenham, Gloucestershire. 3 days in the office, 2 days WFH Growing company are looking for an IT Security and Governance Manager who will co-ordinate all the governance and compliance including Certifications such ISO 27001, Cyber Essentials and NIST. You will support the ongoing production … and publication of Policies, Awareness and Risk across the business. These controls are provided in the Information Security Management system. Main responsibilities include - Manage the compliance Portal / Information Security Management System. Manage supplier engagements based on IT Security Certifications and to drive improvements where required. Manage the relevant Certifications. Primarily ISO 27001, Cyber Essentials … is a great chance to join a global company that is going through an exciting period of growth and expansion. If you have the required skills and experience around ISO27001 please send your CV for a full brief. This role is based in the Cheltenham / Gloucester area and requires 3 days a week in the office. Salary is More ❯

for an Information Security Manager to lead and strengthen their information security function. This is a hands-on, strategic role where you’ll manage a small team, oversee ISO 27001 and Cyber Essentials Plus compliance, and drive continuous improvement across the business. What You’ll Do: Develop and deliver the firm’s information security strategy. Lead … mentor a small team of IT security professionals. Own ISO 27001 implementation and Cyber Essentials Plus certification. Manage operational security: endpoint protection, M365 security, SIEM / SOC, vulnerability management, and incident response. Lead security projects. Build strong relationships with stakeholders and deliver security awareness training. What We’re Looking For: Proven experience in information security … management, ideally in professional services. Hands-on experience with ISO 27001 and Cyber Essentials Plus. Strong technical knowledge: endpoint security, M365 / Entra ID, SIEM, network security, encryption, backup / recovery. Certifications highly desirable: CISM, CISSP, ISO 27001 Lead Implementer . Excellent communicator, strategic thinker, and supportive team leader. Why More ❯

enterprise architecture standards for security, sustainability, and cost optimization. Implementation & Migration • Lead end-to-end migration from legacy platforms (Avaya, Cisco, Genesys) to Amazon Connect. • Design and implement IVR / contact flows, Lex conversational bots, Contact Lens analytics, and agent assist capabilities. Integration & Ecosystem • Architect integrations with CRM / ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … analytics pipelines using AWS services (Lambda, EventBridge, Kinesis, Glue, Athena). Security, Compliance & Governance • Implement IAM, KMS encryption, VPC networking, and PrivateLink for secure connectivity. • Ensure compliance with GDPR / UK GDPR, PCI-DSS, ISO 27001, and sector-specific standards (e.g., NHS DSP Toolkit, HIPAA). • Define data retention policies, PIA / DPIA frameworks … and lawful intercept / emergency call handling. DevOps & Automation • Establish CI / CD pipelines for flows, Lambda, Lex bots, and infrastructure using CloudFormation / Terraform / CDK. • Implement automated testing and version control for safe, repeatable deployments. Operational Excellence • Define KPIs / SLAs (AHT, CSAT / NPS, abandonment rates) and build real-time dashboards More ❯

diverse client base. You'll lead and support security assessments including network, web application, mobile, cloud, wireless, and internal infrastructure testing , alongside Cyber Essentials and Cyber Essentials Plus (CE / CE+) assessments. This role suits someone who enjoys hands-on technical work, clear reporting, and helping clients improve their security posture in practical, measurable ways. This is primarily an … occasional travel to client sites. Key Responsibilities Penetration Testing and Security Assessments: Deliver CREST-aligned penetration tests across external and internal networks, web applications and APIs, mobile applications (iOS / Android), and Cloud environments (Azure, AWS, GCP). Wireless networks and remote working setups. Security configuration and segmentation reviews. Perform vulnerability assessments and risk-based testing using industry best … practices. Validate findings, reproduce issues, and advise on realistic remediation. Support red team / adversarial simulation exercises where appropriate. Cyber Essentials and Cyber Essentials Plus: Conduct Cyber Essentials readiness reviews , gap assessments, and remediation guidance. Lead Cyber Essentials Plus technical audits , including sampling, evidence review, and on-site / remote verification. Help clients interpret requirements and maintain compliance More ❯

security awareness training, security compliance, security accreditation and collaborate with various stakeholders to foster a security-conscious culture. Key Deliverables: Align the business' security stance to comply with ISO 27001 and Cyber Essentials Plus, or in accordance with the Cyber Assessment Framework Improve the Cyber Awareness within the company via communications, Cyber Awareness training and monitoring … business on matters relating to cyber security Skills & Experience: Solid experience working within a similar role within information security management, ideally within an ICT Infrastructure, Managed Service Provider and / or Systems Integrator In-depth knowledge of ISO 27001 standards and best practices, as well as other relevant security frameworks (e.g., NIST, CAF) A regluated … risks Proven experience in developing and implementing information security policies, procedures, and controls. Familiarity with risk assessment methodologies and tools Desirable: Experience of working within Defence, UK government and / or a commercial security supplier Professional certifications in information security, such as CISSP or CISM, ISO 27001 related If your profile demonstrates strong and recent More ❯

Information Security Officer / ISO27001 / Data Protection £65,000 - £75,000 + Benefits Newcastle Our client is an internationally renowned SaaS organisation that's flagship product is used by household media organisations around the world. They're looking for an Information Security Officer to join the organisation to drive their infosec maturity. You'll be responsible for … designing and implementing their security procedures in line with ISO27001, GDPR and Cyber Essentials+, ensuring compliance across the business. You will also act as the Data Protection Officer and work with stakeholders of across the business to ensure awareness of cyber security best practices. You must have proven experience as an Information Security Officer who has taken a business through … the ISO27001 accreditation process. You'll have outstanding stakeholder management experience and the ability to articulate complex security challenges to non-technical stakeholders to ensure standards are met. Newcastle £65,000 - £75,000 + Benefits Information Security Officer / ISO27001 / Data Protection More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯