14 of 14 Remote Permanent ISO/IEC 27005 Jobs

and Experience Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan ). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good salary & benefits … . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05 139). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good salary & benefits … . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO / IEC 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD … specific guidelines (e.g., JSP, Def Stan 05-138 / 139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … 5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … 5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

strong leadership and interpersonal skills combined with commercial awareness and the ability to play their part in growing a dynamic high-performance team. Missions / Main Duties Supporting the Lead Cyber Security Engineer you will deliver cyber security solutions, to our rail & infrastructure clients, on projects from Concept phase … technical documents and reports and assist in the preparation of expressions of interest and tenders. Effective and clear communication to project related correspondence. Profile / Skills BSc in Cybersecurity, BSc in Computer Science, BSc in Computer Science Engineering or similar. Experience in OT cyber security and cyber security risk … management. Ability to independently define and manage cyber security strategy / planning and establish the OT cyber security governance. Experience in Threat Identification and Cyber Security Risk Management (Analysis and Assessment) for complex systems. Working knowledge with the major OT cyber security standards (including IEC 62443 series More ❯

by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). … assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / More ❯

by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). … assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / More ❯

to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Apply today by completing our online application Additional information Life At PA encompasses our peoples' experience at PA. More ❯

to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional information Please note that the interview stages may be subject to change based on the specific requirements More ❯

to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. We know the skill-gap and 'somewhat need to tick every box' can get in the way of More ❯

resilience controls to embedded systems. It would be desirable, but not essential , if you also had one or more of: Practical experience of ISO27001 / 27004 / 27005 or NIST Risk Management Framework (RMF); Knowledge of UK / NATO Information Assurance / Accreditation frameworks … Knowledge of EASA / FAA Airworthiness Certification frameworks; Awareness of current crypto technologies, Key Management Systems & practical COMSEC; Chartered Engineer status with a recognised body; Awarded or looking to achieve an NCSC Certified Cyber Professional (CCP) recognition; Awareness of Information Security (INFOSEC), Communications Security (COMSEC), Transmission Security (TRANSEC), Product … Safety and their inter-relationship; Experience of producing and delivering training / awareness material within a corporate environment; Familiarity with incident investigation and implementation of an investigation process such as used by the Air Accidents Investigation Branch (AAIB). Why Leonardo? The business, primarily based in Luton, has a More ❯

risk is measured, tracked, and embedded within broader technology and business decision-making frameworks. You'll leverage risk methodologies such as NIST and ISO 27005 to deliver detailed qualitative … and quantitative analysis, supporting effective security prioritisation and investment decisions. Key Responsibilities Perform detailed cyber and IT risk analysis using recognised frameworks (e.g. NIST, ISO27005) Collaborate pragmatically with technical and business stakeholders to undertake cyber risk assessments and influence control decisions Act as a subject matter expert and trusted advisor … effective risk governance. Essential Experience and Skills Demonstrable experience applying at least two recognised cyber and / or IT risk methodologies (e.g., NIST, ISO27005, FAIR, OCTAVE) Experience managing cyber risk in complex, geographically distributed organisations Strong documentation skills with the ability to manage and track detailed risk registers Excellent More ❯

Cambridge University Press & Assessment (CUPA) Location: Cambridge / Hybrid with 2 days a week minimum the office Contract: Permanent Join our organisation as a Security Risk Lead . Utilise your expertise and drive to safeguard operations in this impactful role. We are Cambridge University Press & Assessment, a world-leading … the organisation in industry forums. About you We are looking for someone with extensive knowledge of security risk management frameworks and methodologies (e.g., ISO 31000, 27001, 27005) and regulatory requirements in the industry. The ideal candidate will have a relevant degree in Risk Management, Finance, Business … regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class / background. We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively More ❯