51 to 75 of 682 Permanent ISO/IEC 27001 Jobs

This job is brought to you by Jobs / Redefined, the UK's leading over-50s age inclusive jobs board. Sonata One is a rapidly scaling, regulated fund services and technology (fintech) business. We're The Private Funds Clearinghouse, connecting more than 53,000 investors with 6,500 funds and 180 fund managers around the globe. Our vision is … from a seamless, one & done experience across the fund lifecycle (from fund selection and subscription through to settlement and reporting) underpinned by a globally compliant KYC passport and 24 / 7 support. Fund managers can raise capital faster at a lower cost from a wider pool of pre-approved investors. Founded in 2015, Sonata One has a presence in … endpoint protection, DLP, etc.). Oversee the organization's incident response and business continuity plans, including simulations and real-time responses. Conduct regular security audits and work with internal / external auditors to support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements More ❯

Job Title: Head of Information Security Reporting To: Chief Technology Officer Location: Bournemouth / Hybrid Working Salary: Competitive Job Type: Full Time 37.5 hours a week Our Purpose Nourish Care is the UK market leader in digital social care planning. Our SaaS platform empowers care providers to deliver more transparent, coordinated, and person-centred care. With thousands of care … Trust Centre, whitepapers, and customer-facing documentation Product & Platform Security Champion secure-by-design principles across the software development lifecycle Own DevSecOps processes: shift-left security, secrets management, CI / CD hardening, container security, vulnerability scanning Collaborate with Product and Engineering teams on threat modelling, penetration testing, and remediation efforts Select, implement, and manage key SaaS security tooling (e.g. … SAST / DAST, SIEM, CSPM, endpoint protection, IAM) Ensure alignment with cloud-native architecture and tooling (we primarily use AWS, GitHub Actions, and Terraform) Compliance & Assurance Lead ongoing readiness and evidence for ISO 27001, SOC 2 Type I & II , and Cyber Essentials Plus Maintain and evolve the ISMS in line with business growth and operational More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

zones and geographies is a key part of our culture and success. How will you contribute? ISMS Governance & Controls Assurance Lead the maintenance and continuous improvement of Smarshs ISO 27001-aligned ISMS. Oversee the control assurance programme, ensuring robust evidence collection, control testing, and continuous monitoring. Own key internal and external audit workstreams, including SOC … ISO 27001, FedRAMP and customer audits. Cybersecurity Risk Management Drive the risk assessment lifecycle, embedding business, technical, and supply chain risk perspectives. Enhance risk methodologies and tools, integrating real-time risk metrics into dashboards and governance forums. Support risk acceptance processes and facilitate cross-functional remediation plans. Regulatory, Contractual & Client Assurance Monitor emerging regulations (e.g. DORA … at the heart of everything we do. We work closely with the most popular communications platforms and the worlds leading cloud infrastructure platforms. We use the latest in AI / ML technology to help our customers break new ground at scale. We are a global organization that values diversity, and we believe that providing opportunities for everyone to be More ❯

governance of AI and emerging technologies, and embedding secure-by-design and privacy-by-design principles. Operating as a trusted partner to customers, regulators, and the Board, the CISO / CPO safeguards IT systems, cloud services, products, and data while enabling digital transformation and innovation. The role is accountable for all security activities, with operational security and SOC services … Embed secure-by-design and privacy-by-design principles across IT and product teams; oversee SDLC, penetration testing, and coordinated disclosure. Direct 24 7 SOC operations, threat hunting, red / blue teaming, and crisis response through internal and external teams. Collaborate with data and legal teams to ensure alignment on data lifecycle, classification, and retention policies. Sponsor security in … record of defining and delivering security and privacy strategies, target operating models, and building high-performing teams. Strong knowledge of security and privacy frameworks, including NIST, ISO / IEC 27001, Cyber Essentials, and applicable data protection legislation UK Data Privacy, GDPR, etc. Proven experience in leading enterprise-wide risk management, incident response, and More ❯

continual learning, collaboration, and innovation. We don't just support businesses - we shape how they stay secure, agile, and competitive. We are now looking for a talented Cybersecurity Lead / Specialist to join our growing team and take ownership of our cybersecurity offering. This is a hybrid, hands-on role that blends strategy with technical implementation - ideal for someone … Analyse alerts, threat intelligence, and forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials / CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are … clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM / SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding More ❯

continual learning, collaboration, and innovation. We don't just support businesses - we shape how they stay secure, agile, and competitive. We are now looking for a talented Cybersecurity Lead / Specialist to join our growing team and take ownership of our cybersecurity offering. This is a hybrid, hands-on role that blends strategy with technical implementation - ideal for someone … Analyse alerts, threat intelligence, and forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials / CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are … clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM / SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding More ❯

RoboShadow, Microsoft Defender, and ThreatLocker Assist with incident response playbook development and execution, analysing alerts and threat intelligence for effective remediation Contribute to client compliance guidance across Cyber Essentials / CE+, ISO 27001, and PCI DSS frameworks Provide technical support for pre-sales activities and deliver cybersecurity awareness training to clients Support internal knowledge sharing … environments, or strong development motivation Technical familiarity with security tools including CrowdStrike Falcon, Microsoft Defender, Conditional Access, and MFA Understanding of compliance frameworks such as Cyber Essentials Plus, ISO 27001, and PCI DSS Interest in incident response and real-world security investigations Foundational knowledge of identity security, patch management, and user awareness training Strong written and … Skills you'll gain or strengthen Industry certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, or PCIP Penetration testing or red teaming exposure SIEM / SOAR platform experience, particularly Microsoft Sentinel MSP toolset familiarity, including Autotask, IT Glue, or Rewst Career Development Opportunities. This role offers clear advancement potential within our expanding cybersecurity practice. More ❯

Job Title: IT Security Manager Location: Hybrid in Buckinghamshire (2 days on-site) Job Type: Full-time, Permanent Salary: £60,000 - £67,000 + benefits Industry: Media / Broadcasting A leading Media / Broadcasting company based in Buckinghamshire are seeking an experienced IT Security Manager to join the Cyber Security team where you’ll mature the development of … Microsoft Security solutions, including Defender, Sentinel, Entra ID, and Microsoft Purview. Deep knowledge and practical application of security frameworks and standards including CIS, ISO 27001 / 27002, GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing and running … and risk-based security metrics. Ability to bridge security and IT operations teams, with effective stakeholder communication and collaboration. Security certifications such as CISSP, CISM, Microsoft Security (SC-100 / SC-200 / SC-300), or equivalent are highly desirable. Apply directly to learn more about this exciting opportunity or connect with me on LinkedIn to stay updated More ❯

JUser: :_load: Unable to load user with ID: 994 Job Summary Infrastructure Architect / Permanent / Worcestershire Country: United Kingdom Location: Malvern Sector: Architect Job Type: Permanent Technologies: infrastructure architecture Cyber Security Windows Servers 2012 Microsoft Active Directory LAN WAN office365 VPN Security Cleared Infrastructure Architect / Permanent / Worcestershire Infrastructure Architect / Permanent / … security clearance. • Infrastructure auditing and record keeping. • Design and implementation of ISO 27001 policies and procedures. • Experience of IASME Cyber Essentials. • Evaluation of candidate hardware / software solutions in a formal manner, involving requirements definition, evaluation, and presentation of recommendations. • Cloud technology including AWS and Azure. • Microsoft SharePoint and Dynamics CRM. • Docker or other lightweight More ❯

technical expertise across a wide range of both security and IT technologies & services Lead the technical cyber security design of systems and services across multiple PNT programmes and projects / technologies, up to an organisational or inter-organisational level Make and influence important business and architectural decisions Research, identify, validate and adopt new security technologies and methodologies that help … provide mitigation against those threats Maintain an understanding of the emerging threat profile, work with the wider team to contextualise this threat in terms of NPL's own business / delivered programmes and ultimately develop a prioritised mitigation strategy.Develop a security posture which delivers this this mitigation through both technical implementation, operating procedures and business processes. Referenceable, in-depth … service. Ability to design and build practical security infrastructure within this environment based on a contextualised understanding of the risk.Proven ability to work with Enterprise Security Architecture frameworks (SABSA / TOGAF)Demonstrable experience of leading and mentoring colleagues, encouraging the application of architectural expertise in all areas of Cyber SecurityThorough understanding of designing and constructing business processes, functions and More ❯

help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and … roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS / NIS2, DORA, UK CNI / OT / IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance More ❯

manage responses to customer security audits and assurance inquiries. Monitor regulatory changes and contribute to compliance initiatives such as DORA , NIS2 , and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security, Legal, IT … a related field. Experience supporting sales processes, including responding to RFx security assessments. Solid understanding of cybersecurity principles, information security best practices, and regulatory requirements (DORA, NIS2, GDPR, ISO 27001, SOC 2, etc.). Excellent written and verbal communication skills; able to translate technical concepts for non-technical audiences. Strong organizational skills with the ability to … attention to detail. Experience working in a SaaS, cloud, or technology-driven company is preferred. Professional certifications (such as CISM, CRISC, ISO 27001 Lead Implementer / Auditor, or similar) are a plus Additional Information We are proud to foster a diverse and inclusive workplace, where every individual's unique background, perspective, and contribution is celebrated. More ❯

client engagements. Essential Skills Demonstrable track record in technology risk, digital resilience, IT audit or cyber-resilience within financial services (in-house or consulting). Deep understanding of UK / EU regulatory drivers (e.g., FCA / PRA Operational Resilience Policy, DORA, SYSC 8, PS 21 / 3, CP4 / 24) and relevant industry frameworks (COBIT, ITIL … ISO 27001 / 22301, NIST CSF). Strong analytical skills with the ability to translate complex technical issues into clear, business-focused recommendations. Possession of strong team working and leadership skills, including the ability to work as a team and under your own initiative. Ability to communicate clearly with colleagues and clients at all levels. … Preferred Skills Professional certifications: CRISC, CISA, CISM, CISSP, CBCI, ISO 22301 Lead Implementer / Auditor, PRINCE2 / AgilePM. Prior involvement in regulatory remediation Technical financial services knowledge, including an understanding of the Insurance, Asset Management and Banking industries. Commercial acumen and an interest in how complex organisations operate. More ❯

Quality Compliance Executive, ISO, Secuirty, SaaS, Cloud £50-60k Our client , a trusted and fast-growing leader in the [industry Saas / digital infrastructure / professional services / Cloud, is looking for a Quality Compliance Executive to join their team. This is a key role within the business, ensuring their internal systems, policies, and … accreditations not only meet regulatory expectations but set the benchmark for excellence. This is a brilliant opportunity for someone who thrives in process, governance and ISO compliance, and is ready to take ownership of end-to-end quality and regulatory functions across the business. What you’ll be doing: As a Quality Compliance Executive Policies, Procedures & Process Governance … Supporting the delivery of strategic management plans that align with the company’s ISO and regulatory obligations. Managing the Compliance & Regulatory Calendar—ensuring each department knows what's needed and when. Helping teams build out, document and follow clear procedures, tracking evidence to demonstrate compliance. Coordinating audits and keeping records of key business processes. Driving awareness and training More ❯

pivotal role in managing and maintaining their IT infrastructure, ensuring the continuous operation of critical systems both on-premises and in their data centres. You will lead a 24 / 7 NOC team and work closely with our outsourced SOC to guarantee the security and reliability of their services. This role requires a hands-on approach to technical support … Bank Holidays Enhanced Pension Death in service Main duties and responsibilities: Oversee IT systems at UK data Centres, ensuring reliable and robust service delivery. Manage a UK-based 24 / 7 NOC operation of Networks, IT systems, servers, switches, routers and resolve incidents or issues / actions. Ensuring adherence to Information Security Management, ISO 27001 … and UK legal standards, especially Nations Infrastructure (CNI) Manage recording and monitoring of Service Level Agreements(SLA) for all incidents / issues / changes in conjunction with the Services IT Head and NOC / SOC. Provide first-line technical support when required and support remote users for hardware and software issues / improvements / changes More ❯

in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100 / +44 204 520 2575 with the subject line: “Application Support Request”. Role: DLP Support Specialist Location: London / Watford Mode of working: Hybrid (3 days) Careers at … and implement new DLP solutions, techniques, and updates to enhance protection. Support Integration – Assist in integrating DLP solutions with broader IT security measures and infrastructure. Your Profile Essential skills / knowledge / experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts … employees on data protection best practices and ensure compliance with DLP measures. Continuous Learning & Improvement – Commitment to staying updated on emerging DLP technologies, threats, and security trends. Desirable skills / knowledge / experience: Experience with Cloud Security – Exposure to cloud-based DLP solutions (e.g., Microsoft 365, AWS, Google Cloud). Forensic Investigation Skills – Ability to conduct forensic analysis More ❯

in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100 / +44 204 520 2575 with the subject line: “Application Support Request”. Role: DLP Support Specialist Location: London / Watford Mode of working: Hybrid (3 days) Careers at … and implement new DLP solutions, techniques, and updates to enhance protection. Support Integration – Assist in integrating DLP solutions with broader IT security measures and infrastructure. Your Profile Essential skills / knowledge / experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts … employees on data protection best practices and ensure compliance with DLP measures. Continuous Learning & Improvement – Commitment to staying updated on emerging DLP technologies, threats, and security trends. Desirable skills / knowledge / experience: Experience with Cloud Security – Exposure to cloud-based DLP solutions (e.g., Microsoft 365, AWS, Google Cloud). Forensic Investigation Skills – Ability to conduct forensic analysis More ❯

Position: Security engineer with HSM / KMS (Utimaco, Thales, Entrust) Duration: 12 Month contract with Possible extension Location: Plano, TX / JACKSONVILLE, FL / Charlotte, NC / Chandler, AZ / Richmond, VA (Hybrid-3 Days Onsite) (Locals only) Description: Proficiency in key management systems and tools (e.g., HSMs, KMS, PKI) Strong understanding of cryptographic algorithms … experience with automation using Perl, python or PowerShell Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault) Use of monitoring tools i.e. Splunk, Elastic, Prometheus / Grafana stack, ELK, etc. Proficiency in at least one programming language (e.g., Java, Go) and experience with orchestration tools (e.g., Ansible, Terraform Experience using Utimaco, Thales, Entrust, etc. products … experience with automation using Perl, python or PowerShel Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault) Use of monitoring tools i.e. Splunk, Elastic, Prometheus / Grafana stack, ELK, etc. Proficiency in at least one programming language (e.g., Java, Go) and experience with orchestration tools (e.g., Ansible, Terraform Experience using Utimaco, Thales, Entrust, etc. products More ❯

and performance Ensure high levels of performance, availability, sustainability and security Analyse, solve, and correct issues in real time Ensure reviews are conducted on a regular basis to improve / enhance the database, and that the improvements are consistent with the departmental guidelines (working closely with other members of the DB team). Where no formal guidelines exist, work … on agreed product deliverables. Database Troubleshooting and Maintenance Maintain data integrity and security (manage roles and permissions of database users). Generate traces, execution plans, identify performance issues, deadlocks / contention and resolve them. Keep abreast of technology trends and how they apply to your area. Put forward suggestions for improvement to processes or tools where applicable. Develop a … level of product expertise across the solution architecture. Skills and experience BSc or equivalent in a software engineering / DB discipline and / or Professional qualifications appropriate to DB engineering roles. Experience of large transactional databases (100GB+) Excellent knowledge of the SQL Database Engine Excellent performance tuning skills (experience of Query Tuning, Indexing, Locking etc). Excellent communication More ❯

Safety Accreditation Scheme for Traffic Management CSAS is preferable. Current Construction Skills Certification Scheme card (CSCS). Able to work in a high-pressured environment. Working knowledge of FORS / CLOCS. Experience in construction site logistics is preferable. Experience in delivering excellent customer service is preferable. Knowledge and practical use of Excel and PowerPoint packages is preferable. Experience of … and will be reported to HS2. It is an SCSJV requirement that all employees, Design House, and Supply Chains must implement and comply with the requirements of ISO … Quality Management System, ISO 14001:2015 Environmental Management System with guidance for use", OHSAS 18001:2017 Occupational Health and Safety Management Systems and ISO / IEC 27001:2013 Information Security Management System, Policies, Plans, Procedures and Processes, and statutory requirements as they affect the Joint Venture 's operations and ensure that More ❯

fostering a culture of security awareness throughout the organisation. Security Strategy Development: Design and implement a comprehensive information security strategy that aligns with business objectives and complies with ISO 27001 standards. Microsoft 365 Expertise: Leverage Microsoft 365 tools to enhance security measures, ensuring optimal configuration and deployment to protect data and information assets. Data and Information … s security posture. Requirements Bachelor's degree in Information Security, Computer Science, or a related field. 5+ years of experience in information security management, with a focus on ISO 27001 and compliance. Strong expertise in Microsoft 365 security features and configurations. Proven background in cybersecurity, risk management, and data governance. Excellent analytical and problem-solving skills … with the ability to think strategically. Strong communication and interpersonal skills, with a focus on collaboration and teamwork. Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are highly desirable. Other information Your package and perks At M247, we go beyond the pay check to bring you a package of perks that truly enrich your journey More ❯

strategy development Lead efforts to assess and mature security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security … to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including: Holiday - UK / Asia: 25 holiday days and 3 'life days' (in addition to bank holidays). US: 23 holiday days. 2 paid volunteer days so that you can actively support causes … Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I. Hybrid working to promote a healthy work / life balance, enabling employees to work collaboratively in the office when needed and work from home when they don't. Active support of flexible working for all employees where More ❯

consultancy enables quantifiable compliance with key information security legislation, regulations, and industry standards, including PCI DSS, the UK Data Protection Act 2018 (DPA 2018), GDPR, and ISO / IEC 27001. If you would like to learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Conduct web, mobile, API, infrastructure, cloud … wireless penetration testing. Create detailed technical reports and deliver test findings directly to clients. Provide remediation advice and post-assessment consultancy. Contribute to internal testing methodologies and Red Team / social engineering activities. Mentor junior team members and support collaborative delivery of projects. Occasionally support the creation of marketing materials such as research papers and articles. Skills / Must have: Strong knowledge of OWASP methodologies and offensive testing across black / grey / white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS, Azure, GCP). Understanding of mobile security (Android & iOS), networking protocols, and the OSI model. Excellent verbal and written communication skills More ❯

within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO / IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally and externally. Assist in remediation activities to resolve audit … logical reasoning and problem-solving abilities 2:1 degree in an IT or Science, Technology, Engineering or Mathematics (STEM) subject desired Knowledge of GDPR and Data Protection Knowledge of ISO27001 and other best practice security management frameworks Experience in third party security auditing Knowledge of cloud security controls Knowledge of the legal sector WHAT CAN YOU EXPECT WithAddleshawGoddard, youcanexpect asupportiveteam … year, with a review to increase in your second year (subject to performance). The team will also be supportive of the following courses for the graduate to complete: ISO27001:2022 Lead Auditor Course, CISSP (Certified Information System Security Professional), CompTIA Security+ and Soft skills courses. Corebenefitsinclude Life Assurance, Income Protection, Pension and Bonus schemes,withadditionalHealth & Wellbeingbenefitsand services, plus manyvoluntaryLifestylebenefits More ❯