13 of 13 Remote ISO/IEC 27001 Jobs in Bristol

code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

Required Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05 139). An understanding of MOD ISN 23 / 09 Secure by Design. Knowledge of security frameworks, such as ISO / IEC 27001, NIST … NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good … salary & benefits . The client offers flexible working options, with some hybrid / remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Information Security Engineer Hybrid: Remote / Bristol Reporting to: Joe Mathews - VP of Technology Salary: £45,000 - £50,000 About Us Duel is a SaaS company on a mission to make Brand Advocacy the industry standard playbook for building brilliant retail brands. It was founded by world record breaking … a timely manner. Learn and implement security monitoring and automation solutions to detect and respond to threats. Help manage security tooling, including SIEM, IDS / IPS, and vulnerability scanning solutions. Work closely with engineers to support secure coding practices and help embed security considerations early in the development process. … as Secureframe, Drata, or Vanta. Experience working with pen testing and bug bounties a plus. Basic understanding of security tools such as SIEM, IDS / IPS, and vulnerability management solutions. Experience or knowledge of cloud security (AWS, GCP, or Azure). Awareness of security best practices in application and More ❯

knowledge sharing across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO / IEC 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53. Strong understanding of security … standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138 / 139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute More ❯

developing mitigation strategies. Conducting security code reviews and offering guidance to ensure a secure-by-design approach. Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans). Authoring vital security documentation, including RMADS and Security Assurance Documents. … Performing penetration testing and coordinating remediation efforts. What You Bring: A solid understanding of security frameworks such as ISO 27001 / 2, ISO 31000, NIST 800-30 / 37 / 53. Hands-on experience with Defence Standards (JSPs, HMG, Def Stan … / 139). Strong knowledge of security testing tools and techniques. Excellent communication skills — able to explain complex risks and solutions clearly. A proactive, problem-solving mindset with a high level of personal integrity and professional ethics. Experience with NIST standards. (this is an absolute must) You'll Succeed More ❯

reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents … vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP, CEH More ❯

Social network you want to login / join with: IT Director (Head of Software Engineering background), Bristol col-narrow-left Client: Robert Half Location: Bristol, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: 2ef02aa82f7f Job Views: 4 Posted: 02.05.2025 Expiry Date: 16.06.2025 … strategic capacity planning. Ensuring compliance with internal and external requirements, conducting internal control testing, and ensuring security of our IT infrastructure and data protection (ISO27001 / SOX). Developing standard operating procedures allied to best practice, and ensuring written protocols and guidelines are provided for IT staff and end … agreements. Ensure personal training and competency requirements are in line and up to date with company policy and Senior Management Certification requirements Key Skills / Experience: You will currently be serving as a senior Software Engineering Manager or IT Director with a heavy focus on internal software development in More ❯

vital role in safeguarding our cloud infrastructure and applications. - If you have expertise in AWS security, a strong understanding of security frameworks like ISO or NIST, and the ability to drive secure coding practices, we want to hear from you! The role. As an Application Security Engineer, you … such as ISO 27001, NIST, and CIS benchmarks. Collaborate with development teams to enhance secure coding practices and strengthen CI / CD pipeline security. Oversee and improve cloud security in AWS, leveraging tools such as AWS Security Hub, AWS Shield, and AWS IAM. Manage the … Familiarity with OWASP Top 10, CWE, and secure coding practices. Proficiency in using security tools such as static and dynamic analysis tools. Basic coding / scripting skills in Python, JavaScript, or similar. Strong communication skills with the ability to engage technical and non-technical stakeholders. Desirable Skills: Experience working More ❯

or equivalent) e.g. CISSP. In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, CIS, DSPT / CAF). Experience as a Security Architect or in a similar role, with a strong track record of designing and implementing security controls and … / or solutions and leading technical teams. Experience with architecture methodology such as TOGAF or SABSA. Experience of threat and risk modeling. Strong understanding of network security, encryption, authentication, and access control mechanisms. Experience with security technologies such as firewalls, intrusion detection / prevention systems, security information and … Google). Experience of DevSecOps. Experience of research in technology trends and ways to secure those technologies. Experience with automated deployment techniques and CI / CD pipelines. Experience working in or with Government organizations, especially within a Health and Social Care setting, including the handling of assets subject to More ❯

integration of identity services across all domains. A key focus will be maturing identity governance, automating processes, managing Segregation of Duties (SoD), enhancing RBAC / PBAC frameworks, and ensuring compliance with IAM policies. Qualifications You are an experienced leader in Identity Governance & Administration (IGA), with a passion for developing … our time between working on-site at our offices, and at home, remotely within the UK. We believe hybrid working achieves a good work / life balance for our colleagues, allowing us to connect with each other, collaborate on important work, and perform together to deliver for our customers. … option to purchase and sell days Free fresh fruit and snacks in the office 1 day for volunteering Funded Private Medical Insurance cover Electric / Hybrid Car Salary Sacrifice Scheme and Cycle to Work Scheme Life assurance at 4 times your basic salary to give you a peace of More ❯

from day one. What You'll Do As a DevSecOps Engineer, you'll be embedded in a fully agile team focused on secure CI / CD pipeline delivery, automated testing, and infrastructure as code. You'll bring security left, ensure functional integrity, and automate relentlessly. You Will Build and … maintain secure, scalable CI / CD pipelines Integrate functional and automation testing into every phase of delivery Embed security practices across all engineering stages Work cross-functionally with developers, testers, and architects Help define best practices and tooling for a high-stakes healthcare environment Technical Experience Proven experience in … roles Strong grasp of functional and automation testing (e.g., Selenium, JMeter, Cypress, Postman, etc.) Cloud-native tooling and containerization (Docker, Kubernetes, Terraform, etc.) CI / CD systems like GitLab CI, Jenkins, Azure DevOps Scripting skills (Bash, Python, or similar) Security mindset: static / dynamic code analysis, vulnerability scanning More ❯

maintained. Implement solutions in line with overall strategy and architecture. Take operational ownership of all information security management processes across projects. Ensure certification and / or network accreditation to required standards. Work closely with delivery partners and client / business stakeholders to understand their needs. Roadmap solutions to … ability to convey complex technical details to clients in a straightforward manner. Strong background in security architectures, processes and both industry and government compliances (ISO27001, CES, CES+ in particular). Background in Microsoft, AWS and / or Cloudflare security technology would be beneficial. Good knowledge of security standards, legislation More ❯

This role is to provide Quality Assurance support to the Defence Information program. This is a key role in providing quality assurance against ISO9001, ISO27001, ISO20000 and ISO44001 standards. The client’s Quality Management System is certified to ISO9001:2015, ISO27001 and ISO44001 as well as AS9100D and AS9110C. The … perspective. Preferred Skills, Qualifications, and Experience: • An understanding and previous experience of Quality Assurance Management. • A basic Engineering Lifecycle knowledge. • HNC in an Aerospace / Engineering discipline. • An experience in Aerospace / Defence background is highly desirable. • Lead / Internal Auditor AS9100 / ISO9001. • Knowledge of … MAA Regulations. • An understanding / experience of conforming to the Defence Standards. • Have a good understanding of Quality Management techniques. • Continuous Improvement Techniques and Management. • Computer literate. Minimum 2 days in office, rest working from home. If this of interest please apply today, or alternatively contact Kaisey Linscott on More ❯