Permanent ISO 27001 Lead Implementer Job Vacancies

26 to 50 of 80 Permanent ISO 27001 Lead Implementer Jobs

Chief Information Security Officer

Slough, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation … Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership … as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that More ❯

Group IT Risk Security Lead

London, England, United Kingdom
Hybrid / WFH Options
Finsbury Food Group
Location: UK (Hamilton, Manchester, Sheffield, Salisbury or Cardiff) Shift: Monday to Friday Salary: Competitive + … Benefits We have an opportunity for a Group IT Risk Security Lead to join our IT Team. Finsbury Food Group is a leading speciality bakery manufacturer. We constantly raise quality and efficiency standards, and build long-term relationships with major multiple retailers and the foodservice channel. The bread for your morning toast, ready for butter-spreading or … party cakes like Caterpillar cakes This is what we do, and why we’re in business. Baking brilliance makes every day special. As our Group IT Risk Security Lead they will be our dedicated cybersecurity specialist responsible for strengthening security posture, delivering against the cybersecurity strategy and ensuring alignment with the Cyber Governance Code of Practice. The More ❯

Cyber Security Consultant

Brussel (Stad), Brussel, Belgium
Hybrid / WFH Options
Proximus Group
to entities of the Proximus Group to assist with the overall reinforcement of their security posture. Help them in maintaining their ISO27001 certification or in preparing for an ISO 27001 certification and achieving NIS2 compliance. Perform cybersecurity assessments (NIS2, ISO27001, security maturity, risk) to identify gaps in the security program, define a baseline, As … security or computer science. 5+ years of experience in a combination of audit, risk management, information security and IT jobs. Knowledge of information security management frameworks, such as ISO 27000 series, NIST, ISF, CIS and NIS2 Directive. Experience in multiple security domains (Risk Management, Governance, Network and Application security, Vulnerability Management, IAM ) and experience with various security … technologies and tools. Experience with ISMS ISO 27001 implementations, conducting or supporting audits, risk assessments. Certified ISO 27001 Lead Auditor / Implementer and other certifications, such as ISO 9001 LA / LI, CISSP, CISM or willingness to get certified. More ❯
Employment Type: Permanent
Salary: EUR Annual

Information Security GRC Manager

London, United Kingdom
iO Associates
regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities: Build and refine information security governance and risk frameworks Lead audits (internal / external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and … policies across the business Support KPI development and risk strategy planning Requirements: Degree in Computer Science / IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor / Implementer Working knowledge with legal / security needs in housing association sector and its regulatory environment … Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first stage interviews will be taking place this week. More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Technology Security Specialist

City Of London, England, United Kingdom
Hybrid / WFH Options
Sanderson
and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP More ❯

Cybersecurity Assurance Consultant

London, England, United Kingdom
Expleo
Client: Expleo Location: London, United Kingdom Job Category: Other - EU work permit required: Yes Job Reference: c9b40ca495cb Posted: 29.06.2025 Expiry Date: 13.08.2025 Job Description: Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases … capabilities. Qualifications A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential skills Strong understanding of cybersecurity assurance principles, risk management More ❯

Cybersecurity Assurance Consultant

Bristol, England, United Kingdom
Expleo
standards. The role offers the opportunity to influence mission-critical projects within the marine and defence domain, applying structured cybersecurity assurance approaches to complex, multidisciplinary delivery environments. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases … capabilities. Qualifications A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential skills Strong understanding of cybersecurity assurance principles, risk management More ❯

Cybersecurity Assurance Consultant

Preston, England, United Kingdom
Expleo Group
standards. The role offers the opportunity to influence mission-critical projects within the marine and defence domain, applying structured cybersecurity assurance approaches to complex, multidisciplinary delivery environments. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases … capabilities. Qualifications A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential Skills Strong understanding of cybersecurity assurance principles, risk management More ❯

Junior Information Security Analyst - Home based

London, England, United Kingdom
Hybrid / WFH Options
RecruitMe
Cyber Essentials Plus and IT risk frameworks Excellent problem-solving and analytical skills Able to work independently and cross-functionally Strong written and verbal communication Desirable Qualifications: ISO27001 Lead Auditor / Implementer Certification Certified Information Systems Auditor (CISA) or equivalent Degree in IT, Computer Science, or a related field Understanding of cloud and infrastructure More ❯

Security Manager

Netherlands
Strativ Group
Security Manager - ABDO 2019 & ISO / IEC 27001 Expertise Location: Netherlands Full-time Permanent Are you a skilled Security Manager with a deep understanding of ABDO 2019 regulations and ISO / IEC 27001 standards ? We are looking for a proactive and detail-oriented individual to lead … for developing, implementing, and maintaining a robust security management framework that aligns with the Assets Baseline Data Objective (ABDO) 2019 regulation and ISO / IEC 27001 information security standards. You will play a pivotal role in safeguarding our infrastructure, data, and operational integrity across the organization. Key Responsibilities Lead the … implementation and management of ISO / IEC 27001-aligned Information Security Management Systems (ISMS). Ensure compliance with ABDO 2019 regulatory requirements. Conduct security risk assessments and audits across physical, digital, and procedural domains. Develop, maintain, and test security policies, procedures, and incident response plans. Liaise with internal stakeholders, government bodies, and external More ❯
Employment Type: Permanent
Salary: EUR Annual

Head of Information Security

Reading, England, United Kingdom
JR United Kingdom
Head of Information Security Required for an online retail business. The role will initially focus on ISO27001 & ISO9001 recertifications. Responsibilities Lead on information security strategy and implementation of security roadmap. Develop security KPIs and track their progress. Advise senior management on risk levels and any changes impacting security posture … including emerging threats. Create, maintain, and implement information security policies. Continuously validate the firm against policies and procedures to ensure compliance with ISO 27001, ISO 9001, Cyber Essentials+, and GDPR. Manage and continuously improve the firm's Information Security Management System. Oversee the information security training and awareness program. Lead … enhance security procedures to mitigate potential threats. Ensure cybersecurity requirements are embedded into new programs of work. Provide management and mentorship to security teams and staff. Create and lead the Security Operations Centre (SOC), ensuring real-time monitoring and incident response. Drive security awareness training and GRC initiatives. Report to senior stakeholders on threats, compliance gaps, and More ❯

Senior GRC Consultant

Leeds, England, United Kingdom
Hybrid / WFH Options
Cognisys
security audits to evaluate and improve the effectiveness of risk management, control and governance processes. Independently deliver a wide range of GRC consultancy projects across client environments, including ISO 27001 implementation and maintenance, SOC 2 readiness assessments, GDPR compliance, and broader information security frameworks. Conduct comprehensive internal audits, gap analysis, and maturity assessments aligned … and develop actionable risk treatment plans tailored to client needs and business context. Design, write, and maintain information security policies, procedures, and documentation for clients across multiple sectors. Lead governance and compliance initiatives, including client-facing reporting, audit readiness support, and continual service improvement. Build trusted relationships with clients through consistent, expert guidance and support across security … and compliance engagements. Mentor and develop junior consultants, supporting their delivery quality and professional growth. Requirements Minimum five years of experience in a GRC consultancy or lead security role with significant client-facing responsibilities. Proven ability to independently deliver information security engagements across ISO 27001, SOC 2, GDPR, NIST, or similar More ❯

Information Security Analyst

Guildford, Surrey, United Kingdom
Hybrid / WFH Options
Allianz Popular SL
highly desirable. Experience of security transformation and delivery of security projects, particularly within a federated organisation. Desirable Skills Knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Good awareness of risk methodologies and ability … operating procedures. Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable What We Will Offer You Recognised and rewarded for a job well done More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security and Privacy Consultant | London, UK

London, England, United Kingdom
EBRD
reviews related to InfoSec and privacy compliance. You will work closely with IT and business functions to identify risks, manage incidents, and advise on good practices aligned with ISO 27001 and / or NIST. Key Responsibilities Develop, review, and update the Bank's Information Security and Personal Data Protection (PDP) Frameworks (policies, directives, guidance … in IT, Security, Risk Management, or a related field (other fields will also be considered). Certifications : At least one recognised information security qualification (e.g., CISM, CISA, CISSM, ISO 27001 Lead Auditor / Implementer). At least one data protection certification (e.g., EU-GDPR-P, CIPP /More ❯

Cyber Security Governance & Assurance Specialist - SC Cleared

London, England, United Kingdom
Hybrid / WFH Options
Salt Search
high–impact role where you'll work closely with customers, delivery colleagues, and operational teams to shape and maintain secure, compliant environments across large–scale programmes. Key Responsibilities Lead security assurance activities on major customer contracts or portfolios. Act as a trusted advisor embedded in agile delivery teams, working closely with clients. Track and manage contractual security … obligations, ensuring timely review and mitigation of any non–compliance. Oversee IT Health Checks (ITHC) and lead remediation efforts. Deliver and implement Security Information Assurance work packages. Operate and maintain an Information Security Management System (ISMS) aligned to ISO27001. Manage vulnerabilities, security incidents, and operational risks. Maintain and improve security documentation and controls. Mentor and review work … ISMS frameworks and ISO27001 compliance. Strong experience in vulnerability management, risk mitigation, and incident response. Excellent communication and stakeholder engagement skills, including at senior levels. The ability to lead on complex, multi–threaded deliveries. Comfortable working in agile environments and adapting to changing security and delivery requirements. SC and NPPV3 clearance or eligibility to obtain them. You More ❯

Cyber Security Governance & Assurance Specialist – (SC Cleared)

London, England, United Kingdom
Hybrid / WFH Options
Salt Digital Recruitment
high-impact role where you’ll work closely with customers, delivery colleagues, and operational teams to shape and maintain secure, compliant environments across large-scale programmes. Key Responsibilities Lead security assurance activities on major customer contracts or portfolios. Act as a trusted advisor embedded in agile delivery teams, working closely with clients. Track and manage contractual security … obligations, ensuring timely review and mitigation of any non-compliance. Oversee IT Health Checks (ITHC) and lead remediation efforts. Deliver and implement Security Information Assurance work packages. Operate and maintain an Information Security Management System (ISMS) aligned to ISO27001. Manage vulnerabilities, security incidents, and operational risks. Maintain and improve security documentation and controls. Mentor and review work … ISMS frameworks and ISO27001 compliance. Strong experience in vulnerability management, risk mitigation, and incident response. Excellent communication and stakeholder engagement skills, including at senior levels. The ability to lead on complex, multi-threaded deliveries. Comfortable working in agile environments and adapting to changing security and delivery requirements. SC and NPPV3 clearance or eligibility to obtain them. You More ❯

Cyber Security Governance & Assurance Specialist - (SC Cleared)

London, England, United Kingdom
Hybrid / WFH Options
Guillaume Masson
high-impact role where you'll work closely with customers, delivery colleagues, and operational teams to shape and maintain secure, compliant environments across large-scale programmes. Key Responsibilities Lead security assurance activities on major customer contracts or portfolios. Act as a trusted advisor embedded in agile delivery teams, working closely with clients. Track and manage contractual security … obligations, ensuring timely review and mitigation of any non-compliance. Oversee IT Health Checks (ITHC) and lead remediation efforts. Deliver and implement Security Information Assurance work packages. Operate and maintain an Information Security Management System (ISMS) aligned to ISO27001. Manage vulnerabilities, security incidents, and operational risks. Maintain and improve security documentation and controls. Mentor and review work … ISMS frameworks and ISO27001 compliance. Strong experience in vulnerability management, risk mitigation, and incident response. Excellent communication and stakeholder engagement skills, including at senior levels. The ability to lead on complex, multi-threaded deliveries. Comfortable working in agile environments and adapting to changing security and delivery requirements. SC and NPPV3 clearance or eligibility to obtain them. You More ❯

Senior Information Security Analyst

London, England, United Kingdom
Runa
technology stack. What Excites You Help build world-class security practices and controls within a high-growth financial technology business shaping the future of payments. Conduct vulnerability assessments, lead external penetration testing, and risk analysis to identify weaknesses in applications, systems, and networks. Develop and maintain security policies, processes, procedures, and documentation. Champion security by design and … lead threat modelling across our products. Drive incident response planning and execution in collaboration with key stakeholders. Partner with Engineering, IT, and business teams to implement and enhance security measures. Work cross-functionally with engineers, designers, and commercial teams to support secure product development. Monitor, analyse, and respond to security events using advanced tools and techniques. Ensure … compliance with regulatory frameworks such as GDPR, ISO 27001, CCPA and other relevant frameworks. What Excites Us Experience in the Information and Cyber Security space with a focus on GRC, ideally within a high growth technology business. A breadth of experience across cloud & application security, infrastructure & network security especially AWS. Good understanding of AWS More ❯

Information Security and Supplier Assurance Consultant

London, England, United Kingdom
EBRD
Key Responsibilities Act as the Bank's IS technical consultant on Supplier and Project Assurance activities. Oversee the administration of the SureCloud platform and baseline control set maintenance. Lead security triaging and approvals of new projects and suppliers. Conduct security assessments and technical risk evaluations. Liaise with IT and MSSP teams to identify and remediate security risks … / incidents. Draft reports, risk register updates, and maintain documentation aligned with best practice (ISO 27001, NIST CSF). Track and advise on industry security trends and their implications. Contribute to social engineering assessments, BAU risk mitigation, and business process evaluations. Influence and support change by aligning policy updates with new regulations and business … What We're Looking For A Bachelor's or Master's degree (preferably in IT, Security, or Risk). At least one recognised IS qualification (CISM, CISA, CISSM, ISO 27001 Lead Auditor / Implementer, CIPP / E). Proven experience in delivering project and supplier assurance activities in More ❯

Information Security and Supplier Assurance Consultant

London, England, United Kingdom
myGwork - LGBTQ+ Business Community
Key Responsibilities Act as the Bank’s IS technical consultant on Supplier and Project Assurance activities. Oversee the administration of the SureCloud platform and baseline control set maintenance. Lead security triaging and approvals of new projects and suppliers. Conduct security assessments and technical risk evaluations. Liaise with IT and MSSP teams to identify and remediate security risks … / incidents. Draft reports, risk register updates, and maintain documentation aligned with best practice (ISO 27001, NIST CSF). Track and advise on industry security trends and their implications. Contribute to social engineering assessments, BAU risk mitigation, and business process evaluations. Influence and support change by aligning policy updates with new regulations and business … What We’re Looking For A Bachelor’s or Master’s degree (preferably in IT, Security, or Risk). At least one recognised IS qualification (CISM, CISA, CISSM, ISO 27001 Lead Auditor / Implementer, CIPP / E). Proven experience in delivering project and supplier assurance activities in More ❯

Governance, Risk and Compliance Analyst

London, England, United Kingdom
Vista
and maturity. Stay updated on relevant frameworks and regulatory requirements. Required Skills, Qualifications, and Experience Bachelor’s degree in Information Security or related field; relevant certifications (e.g., ISO27001 Lead Implementer, CIPP, CRISC) are a plus. At least 2-3 years of experience in GRC, Information Security, or related fields. Experience with GRC platforms like … OneTrust is advantageous. Knowledge of risk management methodologies and frameworks such as CIS 8.0, ISO 27001, NIST CSF, GDPR, NIS2. Experience with audits, privacy breach investigations, and legal / regulatory interpretation. Ability to guide teams on privacy standards and compliance. Exposure to cloud environments and AI systems risk controls is a bonus. Strong understanding More ❯

Governance, Risk and Compliance Analyst

London, England, United Kingdom
XO
Stay up-to-date with relevant frameworks and regulatory requirements. Required Skills, Qualifications, and Experience Bachelor’s degree in Information Security, or related field. Relevant certifications (e.g., ISO27001 Lead Implementer, CIPP, CRISC) are a plus. At least 2-3 years of experience in GRC, Information Security, or related fields. Hands-on experience with GRC … platforms, OneTrust is a bonus. Experience with risk management and risk assessment methodologies. Knowledge of frameworks like CIS 8.0, ISO 27001, NIST CSF, GDPR, NIS2, or similar. Experience in auditing, reporting, and investigating privacy breaches. Ability to interpret and apply complex legal and regulatory requirements. Experience working with cross-functional teams to implement privacy More ❯

Senior Consultant, PCI QSA

United Kingdom
Hybrid / WFH Options
Coalfire Systems, Inc
a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against … accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do Lead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities, tasks and … successful when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA) One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Consultant, PCI QSA

London, England, United Kingdom
Hybrid / WFH Options
Coalfire
a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against … accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do Lead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities, tasks and … when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA). One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO More ❯

Cyber Security Consultant

Bristol, England, United Kingdom
Hybrid / WFH Options
Actica
leading to nationally recognised qualifications, such as chartered or principal status with the UK Cyber Security Council, or certifications such as CompTIA, NIST, PCiIAA, CISMP, CISSP, CREST, ISO27001 Lead Implementer / Auditor, SABSA, and TOGAF. A Mentor will be on hand to provide support and guidance throughout your journey with Actica. You will also More ❯

ISO 27001 Lead Implementer
Median: £75,000
75th Percentile: £83,125
90th Percentile: £97,750