376 to 400 of 796 Permanent ISO/IEC 27001 Jobs

needs of the audience. Ability to work with others effectively, with 3rd parties, internal teams, promoting knowledge sharing within and across teams. A good understanding of security frameworks including ISO27001 / 2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10. Have or be working towards relevant industry certification such as CISSP, CISM, CRISC or More ❯

HQ Permanent, Full-time Monday to Friday: 37.5 hours per week You will lead technical discovery sessions, design scalable solutions across Microsoft 365, Azure, Microsoft Sentinel, Intune, and network / firewall infrastructure, and support the sales team with pre-sales input and client proposals. You will also guide project delivery, ensuring solutions are implemented to a high standard with … queries. Understanding incident response, security event correlation, and automation via Logic Apps. Solid understanding of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection, and secure score improvement. Intune / Endpoint Management: Deployment and configuration of Intune, AutoPilot, configuration profiles, compliance and security policies. Experience with application deployment, device encryption, and monitoring / reporting. Integration with Defender for … subnets, VLANs, NAT, DNS, DHCP. Configuration and deployment of firewalls (e.g., Cisco ASA, Fortinet, Ubiquiti), including site-to-site VPNs, remote access VPNs, and secure segmentation. DNS and SSL / TLS certificate management. Ability to engage with clients during scoping calls, solution workshops, and technical reviews. Experience creating proposals, high-level designs (HLD), low-level designs (LLD), and cost More ❯

and analytical skills. Ability to work autonomously in a standalone role, managing multiple priorities simultaneously. Proficiency with compliance management tools and MS Office Suite. Desirable Skills Knowledge of ISO standards such as ISO 27001 (Information Security Management). Experience with privacy-by-design and data protection impact assessments (DPIAs). Familiarity with contract review More ❯

tools including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA). Collaborate with development teams to integrate security testing seamlessly into CI / CD pipelines, enabling early detection and continuous monitoring of vulnerabilities. Drive the creation of custom security automation scripts and tools to enhance scanning coverage, improve detection accuracy, and streamline … practices to reduce vulnerabilities proactively. Governance, Compliance & Training Ensure that application security architecture and practices comply with relevant regulatory and industry standards such as PCI-DSS, SOC 2, ISO 27001, and GDPR. Lead efforts to prepare for and support external and internal audits by providing comprehensive documentation, risk assessments, and remediation evidence. Develop and deliver targeted … as Certified Secure Software Lifecycle Professional (CSSLP), GIAC Web Application Penetration Tester (GWAPT), or Google Professional Cloud Security Engineer. Experience securing containerized environments and orchestration platforms such as Kubernetes / GKE. Knowledge of DevSecOps tooling and automation frameworks (Jenkins, GitLab CI / CD, Terraform). Familiarity with API security gateways, Web Application Firewalls (WAFs), and Runtime Application Self More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

mentor and develop the skills of a small team of engineers, fostering technical growth and knowledge sharing. Ensure high availability, performance and security across the Puppet infrastructure in Test / Dev, Pre-Prod, and Live environments. Develop infrastructure-as-code solutions to support automated software deployments and configuration management at scale. Implement and manage secure and repeatable automation across … Linux (primarily Oracle / RHEL) and Windows platforms. Deliver new capabilities and features across the tooling landscape, integrating with platforms like OLAM. Resolve complex deployment and infrastructure issues, including module / package development and troubleshooting. Maintain accurate and clear documentation such as runbooks, install / config guides, and operating procedures. Drive alignment with internal controls and compliance … for automation and infrastructure management. Exposure to security compliance frameworks (ISO 27001, CIS benchmarks, NIST). Experience with monitoring and observability tools (Prometheus, Grafana, ELK / EFK stacks). Integration of automation platforms with ticketing systems (ServiceNow, Jira). Hands-on work with container security scanning and remediation processes. Experience in disaster recovery automation and More ❯

mentor and develop the skills of a small team of engineers, fostering technical growth and knowledge sharing. Ensure high availability, performance and security across the Puppet infrastructure in Test / Dev, Pre-Prod, and Live environments. Develop infrastructure-as-code solutions to support automated software deployments and configuration management at scale. Implement and manage secure and repeatable automation across … Linux (primarily Oracle / RHEL) and Windows platforms. Deliver new capabilities and features across the tooling landscape, integrating with platforms like OLAM. Resolve complex deployment and infrastructure issues, including module / package development and troubleshooting. Maintain accurate and clear documentation such as runbooks, install / config guides, and operating procedures. Drive alignment with internal controls and compliance … for automation and infrastructure management. Exposure to security compliance frameworks (ISO 27001, CIS benchmarks, NIST). Experience with monitoring and observability tools (Prometheus, Grafana, ELK / EFK stacks). Integration of automation platforms with ticketing systems (ServiceNow, Jira). Hands-on work with container security scanning and remediation processes. Experience in disaster recovery automation and More ❯

mentor and develop the skills of a small team of engineers, fostering technical growth and knowledge sharing. Ensure high availability, performance and security across the Puppet infrastructure in Test / Dev, Pre-Prod, and Live environments. Develop infrastructure-as-code solutions to support automated software deployments and configuration management at scale. Implement and manage secure and repeatable automation across … Linux (primarily Oracle / RHEL) and Windows platforms. Deliver new capabilities and features across the tooling landscape, integrating with platforms like OLAM. Resolve complex deployment and infrastructure issues, including module / package development and troubleshooting. Maintain accurate and clear documentation such as runbooks, install / config guides, and operating procedures. Drive alignment with internal controls and compliance … for automation and infrastructure management. Exposure to security compliance frameworks (ISO 27001, CIS benchmarks, NIST). Experience with monitoring and observability tools (Prometheus, Grafana, ELK / EFK stacks). Integration of automation platforms with ticketing systems (ServiceNow, Jira). Hands-on work with container security scanning and remediation processes. Experience in disaster recovery automation and More ❯

Supply Chain, Legal, Compliance, HR, Finance, Manufacturing, Commercial, R&D IT) and external partners (e.g., regulatory bodies, auditors, technology vendors, cloud providers). Navigate key challenges, including complex hybrid / multi-cloud environments, evolving cybersecurity regulations, budget constraints, and cultural transformation toward agile, product-oriented IT. About You Minimum 10 years of leadership experience in IT infrastructure and cybersecurity … FMCG or manufacturing environments. Master's degree in IT, Computer Science, or a related field is preferred. Experience with SAP, ERP integration, and enterprise platforms (e.g., CRM, CMS, SFA / DMS). Strong knowledge of cybersecurity frameworks and compliance standards (e.g., ISO 27001, NIS2). Proven track record in managing complex IT ecosystems and cross More ❯

engineering studies & cyber design documentation. Resolve engineering issues by applying standards and best practices. Skills & Qualifications: Minimum BSc degree or equivalent experience. Certifications such as CCNA, CCNP, CWNP, ISA / IEC 62443, or GICSP are highly desirable. Experience in Control System Network Design Engineering. Understanding of IEC62443 Cyber Security standards. Knowledge of IEC27001 / 2 Information … Security Management. Familiarity with industrial communication protocols (e.g., Modbus, DNP3, OPC) & their security implications. Experience with multiple system implementations & control platforms. Experience in brownfield upgrades / replacements. Strong knowledge of engineering practices, standards, and codes. Understanding of automation & control applications and tools. Knowledge of physical security & cybersecurity interplay in OT environments. Good awareness of safety standards & regulations for OT. … Proficiency with current industry technologies & software tools. Detail-oriented, organized, inquisitive. Desirable: Experience with Rockwell, Honeywell, Schneider PLC / SCADA systems. Familiarity with telecom protocols, satellite, & radio-link technologies. Experience with OT Intrusion Detection Systems. With over 90 years of combined experience, NES Fircroft is a leading engineering staffing provider across multiple sectors worldwide. We support contractors with visas More ❯

technology risk, technology audit, within a financial institution, licensed money transmitter, or payments related e-commerce function. - A good understanding of IT risk and control frameworks: COBIT, NIST, ISO 27001, ITIL or equivalent. - Understanding of SDLC. PREFERRED QUALIFICATIONS - Certified Information Systems Auditor (CISA) or equivalent IT auditing and risk certification. - Certified Information Security Manager (CISM), Certified … and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country / region you're applying in isn't listed, please contact your Recruiting Partner. Posted: May 14, 2025 (Updated 10 days ago) Posted: February 7, 2025 (Updated 10 days ago More ❯

the key trends shaping the cybersecurity conversation this year. Ransomware remains a major threat Attackers are becoming more targeted, more professional and more damaging, according to the Nash Squared / Harvey Nash Digital Leadership Report organised crime remains the biggest concern for digital leaders. Public services, councils and healthcare providers continue to be high-profile victims. This is driving … Incident response and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO 27001 Cloud security credentials (e.g. AWS or Azure certification) Soft skills are playing a bigger role too: Strong communication, especially with non-technical stakeholders Problem-solving in More ❯

expectations and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting More ❯

and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. Qualifications The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting More ❯

within a complex or globally distributed environment. In-depth knowledge of infrastructure, networks, and cloud technologies (e.g. Azure, AWS). Experience with security frameworks and regulatory compliance, including ISO 27001 and GDPR. Demonstrated ability to lead, coach, and develop high-performing technical teams. Track record of managing incident response and conducting technical investigations. Confident multitasker with More ❯

Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks, including Secure by Design, ISO 27001, NIST or similar Understanding of security architecture patterns, methodologies, and best practices. Strong analytical and problem-solving skills, with a focus on innovation and efficiency. Strong More ❯

Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks, including Secure by Design, ISO 27001, NIST or similar Understanding of security architecture patterns, methodologies, and best practices. Strong analytical and problem-solving skills, with a focus on innovation and efficiency. Strong More ❯

security services (security operations and offensive security testing) Experience of strategic planning and oversight of cyber incident response and crisis management Strong understanding of cybersecurity standards and frameworks (e.g. ISO27001, NIST, CIS) and their application in strategic planning and policy development Ability to collaborate business leadership to operationalise strategic decisions, ensuring alignment with organizational resilience goals. Understanding of regulatory requirements More ❯

Specification: Degree in Cybersecurity, Computer Science, Information Systems, or a related field. Demonstrable interest in information security (e.g. coursework, certifications, personal projects). Familiarity with security frameworks such as ISO27001, NIST, or CIS Controls. Basic understanding of networking, operating systems, and cloud environments. Awareness of common threat vectors, controls and basic incident response principles. Basic knowledge of Windows operating systems More ❯

opportunities and welcome all applications. As a specialist in secure technology solutions, all successful candidates will be subject to pre-employment checks, so we can ensure compliance with our ISO27001 (Information Security) and Cyber Essentials Plus certifications. We are committed to using any personal information you may give us in a secure and proper manner, for more information please see More ❯

our dynamic team in person. Responsibilities Design, implement, and lead Remepy's security practice and enterprise cybersecurity program Own security compliance with HIPAA, 21 CFR Part 11, FDA pre / postmarket cybersecurity guidance, and related frameworks Collaborate with Product, Engineering, and Compliance to embed security-by-design across our software lifecycle Lead enterprise risk assessments, incident response, disaster recovery … and business continuity planning Oversee security architecture across cloud infrastructure, mobile apps, and data pipelines Represent security matters to the executive team, Board of Directors, and external auditors / regulators Drive internal security awareness and training across the organization Support FDA submissions and security documentation for regulated products Qualifications Experience 7+ years of experience in information security, including 3+ … ability to scale and lead a high-performing cybersecurity team Executive presence and comfort engaging with regulatory bodies and strategic partners Nice to Have Certifications: CISSP, CISM, HCISPP, CIPP / US, or similar Experience in fast-paced startup environments or venture-backed digital health companies Familiarity with software as a medical device (SaMD) or digital therapeutics Leadership Abilities Ability More ❯

SDLC Define and govern secure architecture and ensure alignment with enterprise policies and industry frameworks (e.g. OWASP, NIST, ISO 27001) Drive DevSecOps integration into CI / CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity Champion secure design, threat modelling and coding best … maturity Act as the senior escalation point for clients and internal teams, ensuring delivery excellence What You'll Bring: 10+ years in secure software development, with 5+ in senior / director-level roles Proven experience leading complex security transformation programmes Strong understanding of modern software pipelines and cloud-native security tooling Demonstrable experience of integrating security controls into CI … / CD workflows Certifications such as CISSP, CSSLP, CEH, or equivalent Excellent stakeholder engagement and pre-sales capability Strong commercial awareness and budgeting experience Right to work in the UK and eligibility for SC clearance Outstanding communication skills-both technical and client-facing Key Details: Location: London or Birmingham (Hybrid, with occasional travel) Salary: Up to £135,000 + More ❯

rapidly growing ecommerce channel. We are seeking an experienced, forward-thinking IT Director to lead and evolve our technology function. This role is central to ensuring our SAP S / 4HANA platform continues to support our business needs, while developing our analytics and data capabilities and embracing the transformative potential of AI. The ideal candidate will be a strategic … shaping and delivery of the Joseph Joseph strategic plan. Technology Leadership & Strategy: Define and deliver the IT strategy aligned with business goals and growth plans. Ensure the SAP S / 4HANA platform is optimized and continuously aligned with operational and strategic needs. Lead the technology roadmap to ensure infrastructure, applications, and systems are scalable, secure, and future-proof. Data … at a senior level handling integration and transformation activity and working as part of a business senior leadership team (working with functional Chief Officers) Proven experience managing SAP S / 4HANA in a production setting. Strong track record in delivering analytics platforms (e.g., Power BI, SAP Analytics Cloud). Solid understanding of AI technologies, data platforms, and emerging tech More ❯