24 of 24 Permanent ISO 31000 Jobs in the UK excluding London

EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR. You will ensure the continued certification of the EIT ISO 27001:2022 management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and … groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited … department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstratable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining More ❯

EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR. You will ensure the continued certification of the EIT ISO 27001:2022 management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and … groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited … department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstratable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining More ❯

and developing mitigation strategies. Conducting security code reviews and offering guidance to ensure a secure-by-design approach. Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans). Authoring vital security documentation, including RMADS and Security Assurance Documents. Performing penetration testing and coordinating remediation … efforts. What You Bring: A solid understanding of security frameworks such as ISO 27001/2, ISO 31000, NIST 800-30/37/53. Hands-on experience with Defence Standards (JSPs, HMG, Def Stan 05-138/139). Strong knowledge of security testing tools and More ❯

the ability to communicate effectively across all operational levels of the organisation as well as with suppliers Familiar with or accredited to ISO22301, ISO27001, ISO31000 Affiliated to BCI level AMBCI at a minimum, or equivalent Knowledge of ServiceNow More ❯

Represent the organisation in industry forums. About you We are looking for someone with extensive knowledge of security risk management frameworks and methodologies (e.g., ISO 31000, 27001, 27005) and regulatory requirements in the industry. The ideal candidate will have a relevant degree in Risk Management, Finance, Business, or More ❯

TCF) principles are met with regards to operational resiliency activities Skills & Experience Knowledge of Operational Resilience Some knowledge of industry standards (ISO27001, ISO22316, ISO22301, ISO31000, BS11200, ISO27001) Some knowledge of enterprise risk and control frameworks and resilience risks relating to business operations, technology platforms, digital channels, third parties and cloud More ❯

strong desire to assist customers and provide exceptional customer service. Proven experience working to processes aligned to ISO9001 (quality management), ISO27001 (information security) and ISO31000 (risk management). How to apply To apply, submit a covering letter explaining why you would love to work for Alcidion and your CV to More ❯

to ensure non-project IT risk is effectively managed, aligned with corporate governance, and in full compliance with regulatory bodies such as Ofqual and ISO standards. Key Responsibilities: Design, implement and own Exam Technology’s risk management framework, policies and procedures. Identify and mitigate IT risks in high-stakes … assessment products and services. Lead real-time risk assessments, audits, and remediation planning. Engage with third parties (e.g. ISO auditors) to ensure external compliance. Collaborate with senior leaders and technical teams to embed risk controls. Support the development of new assessment solutions from a risk perspective. Ideal Candidate Profile … Proven experience in IT Risk Management within complex or regulated environments. Strong knowledge of risk management frameworks such as ISO 31000, NIST, COSO. Solid understanding of cybersecurity, incident management, and IT infrastructure. Skilled in stakeholder management, negotiation, and presenting to senior audiences. Excellent judgement and the ability to More ❯

to ensure non-project IT risk is effectively managed, aligned with corporate governance, and in full compliance with regulatory bodies such as Ofqual and ISO standards. Key Responsibilities: Design, implement and own Exam Technology’s risk management framework, policies and procedures. Identify and mitigate IT risks in high-stakes … assessment products and services. Lead real-time risk assessments, audits, and remediation planning. Engage with third parties (e.g. ISO auditors) to ensure external compliance. Collaborate with senior leaders and technical teams to embed risk controls. Support the development of new assessment solutions from a risk perspective. Ideal Candidate Profile … Proven experience in IT Risk Management within complex or regulated environments. Strong knowledge of risk management frameworks such as ISO 31000, NIST, COSO. Solid understanding of cybersecurity, incident management, and IT infrastructure. Skilled in stakeholder management, negotiation, and presenting to senior audiences. Excellent judgement and the ability to More ❯

to ensure non-project IT risk is effectively managed, aligned with corporate governance, and in full compliance with regulatory bodies such as Ofqual and ISO standards. Key Responsibilities: Design, implement and own Exam Technology’s risk management framework, policies and procedures. Identify and mitigate IT risks in high-stakes … assessment products and services. Lead real-time risk assessments, audits, and remediation planning. Engage with third parties (e.g. ISO auditors) to ensure external compliance. Collaborate with senior leaders and technical teams to embed risk controls. Support the development of new assessment solutions from a risk perspective. Ideal Candidate Profile … Proven experience in IT Risk Management within complex or regulated environments. Strong knowledge of risk management frameworks such as ISO 31000, NIST, COSO. Solid understanding of cybersecurity, incident management, and IT infrastructure. Skilled in stakeholder management, negotiation, and presenting to senior audiences. Excellent judgement and the ability to More ❯

mitigate IT risks in high-stakes assessment products and services. Lead real-time risk assessments, audits, and remediation planning. Engage with third parties (e.g. ISO auditors) to ensure external compliance. Collaborate with senior leaders and technical teams to embed risk controls. Support the development of new assessment solutions from … risk perspective. Ideal Candidate Profile: Proven experience in IT Risk Management within complex or regulated environments. Strong knowledge of risk management frameworks such as ISO 31000, NIST, COSO. Solid understanding of cybersecurity, incident management, and IT infrastructure. Skilled in stakeholder management, negotiation, and presenting to senior audiences. Excellent More ❯

mitigate IT risks in high-stakes assessment products and services. Lead real-time risk assessments, audits, and remediation planning. Engage with third parties (e.g. ISO auditors) to ensure external compliance. Collaborate with senior leaders and technical teams to embed risk controls. Support the development of new assessment solutions from … risk perspective. Ideal Candidate Profile: Proven experience in IT Risk Management within complex or regulated environments. Strong knowledge of risk management frameworks such as ISO 31000, NIST, COSO. Solid understanding of cybersecurity, incident management, and IT infrastructure. Skilled in stakeholder management, negotiation, and presenting to senior audiences. Excellent More ❯

mitigate IT risks in high-stakes assessment products and services. Lead real-time risk assessments, audits, and remediation planning. Engage with third parties (e.g. ISO auditors) to ensure external compliance. Collaborate with senior leaders and technical teams to embed risk controls. Support the development of new assessment solutions from … risk perspective. Ideal Candidate Profile: Proven experience in IT Risk Management within complex or regulated environments. Strong knowledge of risk management frameworks such as ISO 31000, NIST, COSO. Solid understanding of cybersecurity, incident management, and IT infrastructure. Skilled in stakeholder management, negotiation, and presenting to senior audiences. Excellent More ❯

Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan More ❯

Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan More ❯

Def Stan 05-138, Def Stan ). An understanding of MOD ISN 23/09 Secure by Design. Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good salary & benefits . The client offers flexible working options, with some hybrid/remote working. Apply now to be immediately More ❯

Def Stan 05 139). An understanding of MOD ISN 23/09 Secure by Design. Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001/… ISO27005/31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good salary & benefits . The client offers flexible working options, with some hybrid/remote working. Apply now to be immediately considered for this fantastic More ❯

continuous improvement and knowledge sharing across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including More ❯

Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/… ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/… ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Disclaimer: This vacancy is being advertised by More ❯

Management Plan Conduct penetration testing, vulnerability assessments and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan More ❯

Management Plan Conduct penetration testing, vulnerability assessments and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan More ❯

secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security … Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on More ❯

secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security … Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on More ❯