21 of 21 Remote Permanent ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs

part of the leadership team responsible for protecting a rapidly expanding global enterprise. The OT Manager, Cybersecurity, will audit the Industrial Control System / Operational Technology (ICS / OT) environment and perform risk / vulnerability assessments leading to the development of an enterprise strategy … / design plan. The OT Manager, Cybersecurity, will lead the team on implementation (hands-on configuration) of the enterprise ICS / OT systems Additional responsibilities include research, classification, and root cause analysis of security events that occur within the environment. The ideal candidate will have security … security assessments in an OT environment. Excellent leadership skills as this is a people manager role. Strong understanding of cybersecurity frameworks for ICS / OT environments Strong understanding of OT network communication protocols and industrial networking topologies. Familiarity with NIST (National Institute of Standards and Technology) Special Publication More ❯

Experience Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan ). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights … alongside good salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05 139). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights … alongside good salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO / IEC 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53. Strong understanding … of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138 / 139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this More ❯

reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance … penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven … product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / More ❯

reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance … penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven … product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / More ❯

a sound understanding of cyber and information security, including frameworks like NIST and ISO IEC 27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication -You'll be able to discuss these … a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24 / 7, our own, in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs There … means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion / belief, sexual orientation, gender reassignment or marital / family status. Please also note that we have a thorough referencing process, which includes More ❯

mitigation strategies. Conducting security code reviews and offering guidance to ensure a secure-by-design approach. Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans). Authoring vital security documentation, including RMADS and Security Assurance Documents. Performing … penetration testing and coordinating remediation efforts. What You Bring: A solid understanding of security frameworks such as ISO 27001 / 2, ISO 31000, NIST 800-30 / 37 / 53. Hands-on experience with Defence Standards … JSPs, HMG, Def Stan 05-138 / 139). Strong knowledge of security testing tools and techniques. Excellent communication skills — able to explain complex risks and solutions clearly. A proactive, problem-solving mindset with a high level of personal integrity and professional ethics. Experience with NIST standards. (this More ❯

27001 Lead Auditor, or equivalent. Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001 / 27002, CIS Controls, COBIT. Experience with current automated and manual industry methods for evaluating security controls on prem and in cloud environments. More ❯

SIEM systems, such as Splunk, Sentinel, QRadar. Strong understanding of security standard methodologies and protocols, such as ISO 27001 / 27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such More ❯

SIEM systems, such as Splunk, Sentinel, QRadar. Strong understanding of security standard methodologies and protocols, such as ISO 27001 / 27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such More ❯

SIEM systems, such as Splunk, Sentinel, QRadar. Strong understanding of security standard methodologies and protocols, such as ISO 27001 / 27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such More ❯

design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP More ❯

design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP More ❯

Culture: Join a team that values innovation, client success, and your professional development. Key Responsibilities: Conducting comprehensive security assessments, including PCI DSS, ISO27001 / 27002, SWIFT Security, and Cloud compliance. Preparing executive and technical reports detailing findings, security gaps, and actionable recommendations. Leading PCI DSS Gap … with technologies such as Cloud, Virtualization, Network Firewalls, Web Application Firewalls, and encryption. Bonus Skills (Desirable): Experience delivering training on PCI DSS and / or ISO27001. Knowledge of multiple information security frameworks with the expertise to conduct gap analysis and assessments (ISO 27001, SOC2 More ❯

AWS, GCP, Azure) and driving security policies and guide rails Experience working within a structured governance framework IT Security Qualification such as CISA / CISSP or BCS and PCI / ISA qualification Industry and Regulatory Experience The security architect is expected to have documented experience with … Frameworks Payment Card Industry Data Security Standard (PCI-DSS) General Data Protection Regulation (GDPR) and Privacy Practices ISO 27001 / 2 Knowledge of OWASP 10 NIST Cybersecurity Framework (CSF) CIS and Benchmarking By joining Morrisons, you not only become an essential asset to our More ❯

AWS, GCP, Azure) and driving security policies and guide rails Experience working within a structured governance framework IT Security Qualification such as CISA / CISSP or BCS and PCI / ISA qualification Industry and Regulatory Experience The security architect is expected to have documented experience with … Frameworks Payment Card Industry Data Security Standard (PCI-DSS) General Data Protection Regulation (GDPR) and Privacy Practices ISO 27001 / 2 Knowledge of OWASP 10 NIST Cybersecurity Framework (CSF) CIS and Benchmarking By joining Morrisons, you not only become an essential asset to our More ❯

and taking a pragmatic approach to designing security solutions for the bank Can work effectively and efficiently with internal and external SME's / Partner organisations Experience with frameworks such as ISO 27001 / 2, SOC, NIST, or COBIT About You Skills More ❯

Pre-Sales or a similar role within an MSP / Reseller organization Experience in cybersecurity incident response and familiarity with industry standards (ISO27002, NIST, etc.) Expertise in endpoint detection, threat management, and advanced cybersecurity services (SSE, SASE, SIEM, MDR / EDR) Strong communication, organizational, and problem More ❯

ongoing information security compliance programme that delivers assurance of control performance Ensuring the ongoing compliance of baseline industry security standards such as ISO27001 / 2 are met Providing effective assurance of MIB's controls and control frameworks Providing a focal point for information security expertise Key Outputs Governance … approved and recorded. Completion of InfoSec risk assessments and workshops. Ensuring that InfoSec risk governance and control frameworks are maintained and that risks / issues are reported and escalated appropriately. Review, challenge and track the implementation and effectiveness of controls and risk mitigation treatment plans as a result … of leading information security risk assessments Proven experience in writing Information Security policies, procedures and standards Experience in maintaining all aspects of ISO27001 / 2 compliance Working knowledge of standard risk management / control frameworks such as ISF, NIST, ISO and ITIL. More ❯

candidate will possess the following: Proven experience working with information security controls and regulatory standards (e.g., NIST, ISO 27001 / 2, COBIT). Experience in developing and maintaining Information Security policies and standards that support an improvement in security culture. A passion for driving More ❯