Permanent ISO/IEC 27001 Job Vacancies

151 to 175 of 667 Permanent ISO/IEC 27001 Jobs

Enterprise Security Architect (London | Hybrid | Cloud, NIST, SABSA) (London)

London, UK
Hybrid / WFH Options
ZipRecruiter
Security Architect (London | Hybrid | Cloud, NIST, SABSA) A leading global financial services firm is hiring an Enterprise Security Architect for a permanent position based in London (2 days onsite / week). Key Tech & Frameworks: Cloud Security (SaaS, IaaS, Infrastructure) SABSA, NIST CSF, ISO 27001 / 2, SP 800-53, SANS Top 20 Risk More ❯
Employment Type: Full-time

Information Security Risk & Assurance Specialist

Reading, Berkshire, United Kingdom
WeAreTechWomen
including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and / or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders … up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us who we … our customers. Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who can influence More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior IT Security Analyst (Tech SME) Frankfurt am Main, Hesse, Germany; London, England, Unite ...

London, United Kingdom
euNetworks GmbH
experience in the field of Information Security, preferably in a senior or advanced analyst role. Proven experience in managing and auditing Information Security Management Systems (ISMS) aligned with ISO 27001 standards. Strong skills in risk assessment, vulnerability identification, and development of practical security solutions for complex IT environments. Experience with penetration testing and vulnerability assessments; certifications … to achieve their goals and an environment in which they can thrive. More ❯
Employment Type: Permanent
Salary: GBP Annual

PCI (Payment Card Industry-Data Security Standards) Architect

United Kingdom
Trilaty Group
experiments we ought to start Several existing and potential new experiments related to a new market If not already covered above VPN termination, Jump Host solutions and SIEM / component management SOC integration Pre-requisites: 3-5 years working in an Agile mode Minimum 3+ years security architecture + PCI experience Understands GDPR / ISO 27001 … TOGAF or NIST or equivalent Further info: Competitive Basic / day rate South, UK To apply: Please either register your CV and complete the information fields requested or send your CV to referencing LCL113 and your current salary More ❯
Employment Type: Permanent
Salary: GBP Annual

Technology Third Party Risk Manager

London, United Kingdom
Hybrid / WFH Options
Howden Group
stay for the same one: our culture. It's what sets us apart, and the reason our employees have been turning down headhunters for years. Whatever your priorities - work / life balance, career progression, sustainability, volunteering - you'll find like-minded people driving change at Howden. Technology Third Party Risk Manager Location: London Department: Group Technology and Data Risk … risk indicators. Support the preparation of dashboards and reports for senior team members. Policy Consistency: Ensure third-party engagements align with internal policies and regulatory requirements (e.g., DORA, ISO 27001). Collaboration: Work closely with procurement, legal, and information security teams to ensure a consistent approach to third-party risk ensuring adherence to regulatory requirements. Documentation … Management, Computer Science, or a related field. Proven track record in technology risk, third-party risk management, or IT audit. Strong understanding of regulatory frameworks and standards (e.g., ISO 27001, NIST, DORA, SOC 2). Evidence of ability to handle complex vendor relationships and risk assessments. Excellent analytical, organisational, and problem-solving skills. Strong written and More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Security Risk Analyst

Reading, England, United Kingdom
Sanderson
management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and … practices, while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems More ❯

Senior Cyber Security Risk Analyst

Reading, Berkshire, England, United Kingdom
Sanderson
management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and … practices, while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems More ❯
Employment Type: Full-Time
Salary: £85,000 per annum

Risk Consultant

Corsham, England, United Kingdom
NexGen Associates
or civilian). Strong stakeholder engagement skills and the ability to explain technical risks in simple terms. Familiarity with security frameworks or policies such as JSP440, NCSC guidance, ISO 27001, Cyber Essentials or similar. Ability to travel and work on-site at secure locations. Qualifications and Training: SC clearance is essential (DV desirable). If you … hold or are working towards qualifications like CISSP, CISM, CompTIA Security+ or ISO 27001 that’s great – if not, our client will help you work towards them. Degree-level education is advantageous but not essential if you have equivalent experience. More ❯

Director, Cloud Infrastructure

Cardiff, South Glamorgan, United Kingdom
Hybrid / WFH Options
Aforza Ltd
will be directly responsible for continued success of the entire Aforza product suite. As such, the ideal candidate must be hands-on, flexible, and used to working in startup / scale up environments, where every employee has a direct impact on the company's success. All of Aforza's cloud applications, microservice and websites are hosted on Google Cloud … with IaC tools such as Terraform Strong understanding of authentication and authorization protocols such as OAuth 2.0, OIDC, SAML etc Experience with SQL and NoSQL databases Experience with Docker / Kubernetes Knowledge of security and IAM best practices You might not have all of the above, but don't let that stop you. We're excited to hear from … benefits, including: Work on cutting edge technologies with world leading customers Stock options 25 days PTO & bank holiday Pension Private health cover & income protection Flexible hours and hybrid remote / office working Fantastic, brand new office space in the heart of Cardiff city centre Our Interview Process Director, Cloud Infrastructure Cardiff / Remote (UK only) About Aforza Aforza More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security & Compliance Officer

Meriden, Warwickshire, United Kingdom
Recruit4Talent
of our legacy systems to the Microsoft cloud. Your responsibilities will include: Evaluate and enhance existing IT systems, management procedures, and security protocols to ensure robust protection. Oversee ISO 27001 and other key accreditations by collaborating with internal teams and external auditors. Manage information security requests and compliance reports, ensuring adherence to GDPR and other relevant … have the opportunity to leverage your existing skills while developing new ones, contributing to the strategic security objectives of the Company and ensuring adherence to critical accreditations, including ISO 27001, GDPR, Cyber Essentials, and PCI DSS. The successful candidate will demonstrate: Strong analytical skills with a meticulous approach to identifying and resolving security issues. Excellent verbal … attitude towards learning and developing expertise in information security. Happy to travel occasionally to other sites as required. Desirable Experience: Demonstrable expertise in external audit, compliance, and security processes (ISO27001, GDPR, Cyber Essentials and PCI DSS). Microsoft accreditation or other recognised certifications (e.g. Microsoft Learning, CISA, CISM, CRISC, CCSP) would be very beneficial. Benefits: £25,000 - £35,000 salary More ❯
Employment Type: Permanent
Salary: GBP Annual

Head of Information Security (London)

London, UK
Hybrid / WFH Options
Risk Ledger
relationship between the controls framework and contemporary contextual cybersecurity risks. Developing and operating our ISMS, and all that this entails: You will also be responsible for maintaining our ISO 27001 and Cyber Essentials certifications and other security-related compliance accreditations as may be required. We are a scaling business, staying lean wherever possible, which means currently, responsibility … globally (e.g. GDPR, NIS Directive, EBA Guidelines). Has a comprehensive understanding of what it takes to comply with cyber security industry standards and frameworks in practice (e.g. ISO 27001, NIST CSF, SP 800-53, NCSC CAF, Cyber Essentials). Has a thorough understanding of cyber security threat and risk with the ability to think like … to aid in your personal development Regular socials to unwind and have some fun More ❯
Employment Type: Full-time

Infrastructure Engineer

Glasgow, Lanarkshire, Scotland, United Kingdom
Hybrid / WFH Options
Cathcart Technology
a wide range of infrastructure improvements. From migrating to Azure AD and Intune, to rolling out Defender across the business and helping push toward Cyber Essentials Plus and ISO 27001 compliance; there's a lot going on, and you'll be in the thick of it. Alongside cloud migration work, you'll also be involved in … telephony platforms in a business environment Exposure to cloud migrations, ideally Azure (some AWS experience also fine) Experience supporting enterprise platforms like IIS & SQL Familiarity with compliance standards (ISO 27001, Cyber Essentials, NIST) There's no on call requirement, though some flexibility around out of hours work may occasionally be needed. This is a genuinely varied More ❯
Employment Type: Permanent, Work From Home
Salary: £40,000

Senior Software Engineer (Platform Witness

London, United Kingdom
Startup Networks
codebase. Play a pivotal role in architecture and code reviews, ensuring our applications meet the highest standards of quality, security, and scalability. Work on infrastructure as code and CI / CD pipelines, ensuring seamless integration and deployment of systems. Ensure compliance with security policies and ISO 27001 by protecting sensitive data and following secure coding … Terraform for infrastructure as code, enabling scalable and reliable systems. Experience with monitoring and observability tools, such as Datadog or Prometheus. Familiarity with event-driven systems, particularly Kafka and / or RabbitMQ. Deep understanding of messaging and queuing systems, including design patterns for reliability, retries, and scaling. Strong understanding of PostgreSQL for relational database systems. Experience working with Redis … for caching and high-performance data handling. Experience setting up and maintaining CI / CD pipelines for smooth and automated deployments. Low-Level & Deep Stack Problem-Solving Note: We don't expect candidates to tick every single box, we encourage you to apply even if you don't meet all of the criteria. It would also be nice if More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Software Engineer (Platform team) (London)

Plumstead, Greater London, UK
Orbital
codebase. Play a pivotal role in architecture and code reviews, ensuring our applications meet the highest standards of quality, security, and scalability. Work on infrastructure as code and CI / CD pipelines, ensuring seamless integration and deployment of systems. Ensure compliance with security policies and ISO 27001 by protecting sensitive data and following secure coding … Terraform for infrastructure as code, enabling scalable and reliable systems. Experience with monitoring and observability tools, such as Datadog or Prometheus. Familiarity with event-driven systems, particularly Kafka and / or RabbitMQ. Deep understanding of messaging and queuing systems, including design patterns for reliability, retries, and scaling. Strong understanding of PostgreSQL for relational database systems. Experience working with Redis … for caching and high-performance data handling. Experience setting up and maintaining CI / CD pipelines for smooth and automated deployments. Low-Level & Deep Stack Problem-Solving Note: We don't expect candidates to tick every single box, we encourage you to apply even if you don't meet all of the criteria. It would also be nice if you have More ❯
Employment Type: Full-time

Senior Software Engineer (Platform team)

London, United Kingdom
Orbital
codebase. Play a pivotal role in architecture and code reviews, ensuring our applications meet the highest standards of quality, security, and scalability. Work on infrastructure as code and CI / CD pipelines, ensuring seamless integration and deployment of systems. Ensure compliance with security policies and ISO 27001 by protecting sensitive data and following secure coding … Terraform for infrastructure as code, enabling scalable and reliable systems. Experience with monitoring and observability tools, such as Datadog or Prometheus. Familiarity with event-driven systems, particularly Kafka and / or RabbitMQ. Deep understanding of messaging and queuing systems, including design patterns for reliability, retries, and scaling. Strong understanding of PostgreSQL for relational database systems. Experience working with Redis … for caching and high-performance data handling. Experience setting up and maintaining CI / CD pipelines for smooth and automated deployments. Low-Level & Deep Stack Problem-Solving Note: We don't expect candidates to tick every single box, we encourage you to apply even if you don't meet all of the criteria. It would also be nice if More ❯
Employment Type: Permanent
Salary: GBP Annual

Risk Compliance Officer

St Albans, England, United Kingdom
Addition+
Enterprise Risk Management Framework. Ensuring compliance with applicable legislation, regulatory requirements, and business obligations, as well as adherence to the most current frameworks and standards (e.g., Licence 4, ISO 27001, WLA:SCS, PCI-DSS, and DPA 2018). Coordinating and participating in internal and external security and privacy audits. This includes ensuring necessary evidence is available … concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability to … technical, complex, or sensitive issues and risks to a diverse audience and align them with broader governance frameworks Formal education or certifications in Information Security, such as a BSc / MSc in Information Security, or certifications like CISM, CISSP, or equivalent What’s In It For You? Amazing company to work for. Competitive benefits. For further information on this More ❯

Security Architect with Security Clearance

Huntsville, Alabama, United States
Bart & Associates, Inc
and threats. Responsibilities: Design and implement enterprise-wide security architecture and strategy based on industry best practices and business requirements. Evaluate, recommend, and implement security technologies including firewalls, IDS / IPS, SIEM, endpoint protection, and identity and access management solutions. Conduct security assessments and threat modeling to identify and mitigate risks to IT systems, applications, and infrastructure. Develop and … regulated industries such as healthcare, finance, or government. Background in enterprise risk management, data privacy, or compliance auditing. Experience leading cross-functional security projects or initiatives. Familiarity with CI / CD pipelines and securing development workflows. Security Clearance Active Top Secret / SCI clearance required. More About B&A: Notable Clients B&A has grown to be a … employees and includes a company matching contribution. B&A has launched several programs to focus on employee engagement, wellness, and assistance. These include: The B&A Cares program: 30 / 60 / 90-day wellness check ins, personal development, financial management, and stress management seminars, and more A formal mentorship program Job shadowing and cross training opportunities Brand More ❯
Employment Type: Permanent
Salary: USD Annual

System Engineer Automation (DCS & Safety)

England, United Kingdom
Hybrid / WFH Options
Computerworld Personnel Ltd
System Engineer Automation (DCS & Safety) Runcorn 26550 / 534 £51,000 plus car allowance, medical insurance and more. What is on offer? A starting salary of up to £45,000 Car allowance - minimum of £515 per month. 25 days holiday, plus bank holidays Private medical insurance and healthcare scheme Pension with company contribution up to 12.5% Flexible working hours … the cause and effects; hardware interface and graphic screen interface Modify existing safety systems and impact analysis Knowledge, Skills & Experience: Experience in a similar role within the oil & gas / petrochemical / Industrial Automation environment Minimum HNC qualification in an engineering or process related subject Ideally hold a TUV Functional Safety Certificate or have demonstrable knowledge of Have … practical knowledge of Management Systems such as ISO9001, ISO 14001, ISO 27001 and ISO45001 To apply please email your CV / resume to If you are interested in this position please click 'apply'. Hunter Selection Limited is a recruitment consultancy with offices UK wide, specialising in permanent & contract roles within Engineering & Manufacturing More ❯
Employment Type: Permanent
Salary: GBP Annual

Software Development Manager

Rochester, Kent, South East, United Kingdom
Hybrid / WFH Options
Technical Placements
standards and product specifications, especially regarding regulatory compliance and Cyber security. Ensure compliance with industry standards and regulatory requirements specific to fire alarm and life safety devices (EN54\UL864\ISO27001\CE). Implement best practices in coding, testing, and documentation. Develop and refine measurable software development processes to enhance efficiency and quality. Collaborate with R&D team section managers to … Degree level in Engineering, preferably with a Software focus. Experience Considerable proven experience managing development teams of 10-15 engineers within an electronic product segment, ideally regulatory controlled. Knowledge / Skills Management Proven experience leading and managing software development teams of various sizes, with a track record as an exceptional people manager. Ability to mentor, coach, motivate, and develop … design documents that comprehensively describe the product design and functionality. Certification Experience in designing products for a regulatory controlled market and ensuring compliance with those standards including ISO9001 and ISO27001 / NIST or other relevant security frameworks. This is an excellent opportunity to become part of the key engineering team within a developing business with its culture shaped by More ❯
Employment Type: Permanent, Work From Home

Customer Success Manager - EMEA

London, United Kingdom
Hybrid / WFH Options
Vanta Inc
and talented team, and while some have prior security experience, many have been successful at Vanta without it. As Vanta's Customer Success Manager, in the Upmarket space (Enterprise / Mid-Market), you will play a pivotal role in guiding customers through their security and compliance journeys with Vanta's specialised solutions. By combining your customer-centric approach with … business outcomes on their timelines. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Provide insightful technical answers and recommend the most efficient way for customers to achieve … trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a point-in-time More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Vendor Manager

City of London, London, United Kingdom
Paymentology
vendor services. Track vendor spend and ensure alignment with financial goals. Risk & Compliance Management Ensure vendors comply with regulatory, security, and data protection requirements (e.g., PCI DSS, GDPR, ISO 27001). Conduct regular vendor risk assessments and monitor any security or compliance concerns. Partner with Security and Compliance teams to ensure third-party risk is actively … cost optimization, and risk assessment. Ability to lead Quarterly Business Reviews (QBRs) and drive service improvements. Understanding of regulatory requirements relevant to vendor management (e.g., PCI DSS, GDPR, ISO 27001). Excellent stakeholder management, communication, and negotiation skills. Strong analytical mindset with experience using data to assess vendor performance and impact. Education & Experience: Bachelor's degree in More ❯
Employment Type: Permanent

Senior Cyber Security Technical Advisor (, England, United Kingdom)

England, UK
Scottish and Southern Electricity Networks
computing. You have Excellent experience in cyber security and in particular IT and OT cyber security and risk management and strong understanding of cyber security frameworks (e.g., NIST, ISO 27001, IEC 62443, CIS Controls) and NIS Regulations. In-depth understanding of cyber security products, services, systems and solutions and exposure to multiple, diverse technologies … and analytics, cyber security and more. Flexible benefits to fit your life Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24 / 7 counselling service. Interest-free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. As well as generous family entitlements such More ❯
Employment Type: Full-time

Business Resilience & Regulatory (DORA) Specialist

London, United Kingdom
ION Group
solid technical understanding are essential. Responsibilities: Regulatory Compliance & Framework Development: Support the implementation of a comprehensive business resilience framework aligned with DORA and other regulatory requirements (e.g., NIST, ISO 22301, ISO 27001). Develop training materials, policies, controls, and risk assessment methodologies to ensure adherence to regulatory standards. Support key pillars of the DORA … operational resilience, systems architecture, or related fields, with extensive exposure to Operational Resilience, particularly DORA. Strong understanding of UK regulatory requirements and frameworks such as DORA, NIST, ISO 22301, and ISO 27001. Proven experience conducting risk assessments, regulatory compliance reviews, and resilience testing. Ability to translate regulatory requirements into actionable plans and track them More ❯
Employment Type: Permanent
Salary: GBP Annual

Security programme Manager

Reading, Berkshire, United Kingdom
Primark Stores Limited
role is key in building and improving Primark's Cyber Security posture. Duties & Responsibilities Actively progress and improve Primark's cyber security posture with the delivery of agreed projects / initiatives aligned with industry best practice. Ensure project deliverables are aligned with the Cyber Roadmap with outcomes directly addressing strategic objectives / maturity gaps / audit points. … Advise and lead on solutions with our internal teams / outsourced partners, having a 'hands on approach' including the construction of business cases and contractual arrangements. Have a metric based approach with a structure to enable auditing and managing vendor performance. Coordinating resources, preparing delivery teams for kick-off and ensure effective completion of milestones, controlling scope and mitigating … defining, developing and managing implementation schedules Maintaining a roadmap of future initiatives, that effectively facilitates the prioritisation of delivery plans. Ensuring an ongoing focus on delivering the required quality / value for money and compliance with published standards and guidelines. Co-ordinates cross-functional team members, identifies resources needed, assigns and prioritises tasks / responsibilities and ensures deadlines More ❯
Employment Type: Permanent
Salary: GBP Annual

French Customer Success Manager

London, United Kingdom
Hybrid / WFH Options
Vanta Inc
within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice on … restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a point-in-time More ❯
Employment Type: Permanent
Salary: GBP Annual

ISO/IEC 27001
10th Percentile: £39,750
25th Percentile: £50,000
Median: £65,000
75th Percentile: £83,750
90th Percentile: £97,500