2 of 2 Part-Time ISO/IEC 27001 Jobs in Bristol

build and operate the Azure-based Internal Developer Platform as a product, enabling self-service environment provisioning and repeatable golden paths. Develop and maintain Infrastructure as Code (Terraform and / or Bicep) modules and reusable templates for AKS, networking, storage, databases, and app runtimes. Implement and evolve CI / CD pipelines (HL version control set) with quality gates … testing, security scanning, and progressive delivery. Introduce and run GitOps for Kubernetes (AKS preferred), patterns and multi-environment promotions. Own platform observability: metrics, logs and traces using Azure Monitor / Log Analytics / Application Insights, plus Datadog / Grafana where appropriate. Embed security by design: Azure Policy, Defender for Cloud, secrets management with Key Vault, SBOM and … image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs / SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform enhancements. Implement cost visibility and optimisation (FinOps More ❯

high performing Security team Leading by example to create a culture of continuous service improvements About you Experience in a regulated environment, preferably Financial Services. Previous experience in Information / Cyber Security, with demonstrable experience of Cloud Security tooling, to reduce risks and maintain strong controls in a DevSecOps cloud context Highly organised with the ability to prioritise workload … for example CCSK, CCSP, CISSP, CRISC Hands on demonstratable experience and knowledge of: Carrying out security reviews against recognised security control frameworks such as CSA Cloud Control Matrix, ISO27017 / 27001, NIST CSF, PCI-DSS, SWIFT, AWS CAF Atlassian, IAAC Terraform, Merge Requests, GIT Ops, Git Hub, Workflow, Wiz, Security Hub, Macie, Audit Manager, Microsoft Compliance Portal … / Purview, Microsoft Information Protection (AIP), Azure Security Centre. Strong experience with DevOps practices, continuous integration / continuous deployment (CI / CD) pipelines, and related tools Ability to evaluate the adequacy of cloud security controls, and how they are applied in a business context. Interview process The interview process for this role will be in two stages. More ❯