1 to 25 of 41 ISO/IEC 27001 Jobs in Central London

Information and Cyber Security within EMEA. Manage the intragroup relationships across AD and EMEA for Information and Cyber Security, ensuring service levels are met for all services received and / or provided. Accountabilities & Responsibilities : Define intra group security governance and service management framework Enhance and embed the operating / engagement model and service level agreement to ensure continuous … depth knowledge of third-party regulations across UK and EU such as ECB's EBA, DORA and related standards Information and Cyber Security Frameworks and industry Standards (e.g., NIST / ISO 27001 / COBIT / ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

is hiring for Security Audit Analyst for London, UK location, Job: Security Audit Analyst Job Type: Open for both Permanent and Fixed Term Contract Location: London, UK(3 Days / Week onsite) Job Description: Overview The Third-Party Audit Consultant is responsible for conducting customer audits, managing short-term projects, and assessing third-party security compliance. This role requires … ISO 27001 Lead Auditor certification and a solid understanding of risk management principles. Requirements Certification as an ISO 27001 Lead Auditor, with hands-on experience conducting audits and managing audit processes. Ability to manage short-term projects independently, from planning to execution, including audit preparation and report generation. Familiarity with technology systems … of third-party vendors or partners to ensure compliance with security standards. Understanding of risk management principles and their application in security audits. Knowledge of compliance frameworks like ISO 27001, SOC 2, or similar, and their implementation within enterprise environments. Experience with audit tools and software used for planning, executing, and documenting audits. Experience in writing More ❯

Technical Expertise * Strong understanding of cyber security principles and risk management. * Hands-on experience with cloud security, particularly Azure services and tools. * Familiarity with security frameworks such as ISO 27001, NIST, or CIS. * Knowledge of security technologies (firewalls, remote access, ZTNA). * Exposure to threat modelling and cyber threat intelligence is advantageous. Core Skills * Excellent communication … be treated in the strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

strategic and operational decisions, supporting the business in managing risk appropriately. Maintain legal risk register and contribute to companywide risk review. Policy Oversight and Monitoring Where relevant implement and / or maintain key corporate policies owned by the legal team, including but not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and … in or leading the design and implementation of compliance frameworks, policies, and legal risk controls across multiple jurisdictions. Familiarity with international compliance standards and regulations. Working knowledge of ISO standards such as ISO 27001 (information security), ISO … compliance management), or ISO 9001 (quality management), and their practical application within business operations. Understanding of internal control design, maintenance of compliance registers, and participation in internal / external audits. Proficient in using legal research tools, compliance management platforms, and document control systems. Skilled in drafting and managing corporate policies and procedures to support legal, regulatory, and More ❯

Sentinel - essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks PowerShell … scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working towards) One or more of MS-500 / SC-400 / SC-900 The following are desired: CISSP, CISM, CCSP Interested? Please apply below. M365 Consultant, M365 Engineer, Senior Cloud Security Engineer, Infrastructure Engineer, Azure Security More ❯

integrate with LLM APIs (e.g., Gemini, Azure OpenAI) and internal systems. Implement advanced front-end security features including token handling, session management, data masking, and audit logging. Translate UX / UI designs into modular, reusable components aligned with enterprise design systems. Integrate front-end applications with REST / GraphQL APIs, WebSockets, and backend services. Collaborate with AI engineers … Ensure compliance with cybersecurity and data privacy standards through secure coding practices and regular code reviews. Deploy applications to GCP (Firebase, Cloud Run) and Azure App Services using CI / CD pipelines hardened for security and compliance. Participate in code reviews, technical design discussions, and architecture planning sessions. Required Knowledge, Skills & Experience Proven experience building secure, production-grade front … end applications in regulated environments (e.g., finance, healthcare, government). Strong proficiency in modern JavaScript / TypeScript frameworks (React, Next.js) and responsive UI development. Demonstrated ability to build front-end applications from scratch in greenfield or innovation lab settings. Experience developing interactive UIs, dashboards, chat interfaces, and data visualizations for AI-powered tools. Skilled in integrating front-end applications More ❯

on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯

on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO 27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯

A leading Fintech / Payments company is looking for a proactive and technically skilled Application Security Engineer / DevSecOps to champion secure development practices across our software delivery lifecycle. In this role, youll play a key part in identifying and reducing application-layer risks, integrating security into the development pipeline, and ensuring that security considerations are embedded throughout … to have set them up, you should have collaborated with developers to ensure code is scanned and critical vulnerabilities are blocked in the pipeline. Integrate security controls into CI / CD pipelines and development workflows. Manage and monitor SAST, DAST, and SCA tools to detect vulnerabilities early in the lifecycle. Conduct secure code reviews and support remediation efforts. Threat … of OWASP Top 10, secure coding principles, and threat modelling. Hands-on experience with SAST, DAST, SCA, and vulnerability management tools. Familiarity with cloud platforms (Azure or AWS), CI / CD pipelines, and DevOps processes. Strong communication skills and the ability to collaborate effectively across teams. Understanding of regulatory and security standards (ISO 27001, FCA More ❯

Security Risk Analyst 6-month contract London / Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role … able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the … improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party / vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic More ❯

premises systems to validate secure configurations. Conducting general risk assessments of new applications or tools being used within the organisation. Experience in co-ordination of the requirements to meet ISO27001 & the Cyber Essentials+ certification. Administrative requirements of PAM tool. (CyberArk) Experience Experience administrating PAM solutions, such as CyberArk - MANDATORY Working understanding of security operations, threat detection, and incident response. Experience … administrating PAM solutions, such as CyberArk. Understanding of NCSC cyber security principles and good practice. Familiarity with change and configuration management from a cyber perspective. Working knowledge of ISO 27001 or NIST standards. Relevant certifications (e.g., Security+, CySA+, CISMP) are desirable. If you are interested, please apply at first instance More ❯

across the organisation Manage stakeholder relationships across IT, operations, and compliance teams Implement and optimise Microsoft security tools and frameworks Ensure alignment with regulatory and industry standards (e.g. ISO 27001, GDPR) Support the business in adopting secure-by-design and Zero Trust principles Tech Environment: Microsoft Sentinel Microsoft Defender (Cloud, Endpoint, Office 365) Microsoft Entra ID More ❯

client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills, with the More ❯

client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills, with the More ❯

stakeholders. Develop training and support materials for IT risk awareness. Contribute to enterprise risk planning and resolution strategy development. Experienced Required 10+ years of experience in IT Risk, Internal / External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to … work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA / FCA, BMA, CBI). Strong analytical, verbal, and written communication skills. Highly organised, emotionally intelligent, and proactive in navigating complex environments. If you are interested in exploring this further then please reach out to as@arthur.co.uk. More ❯

stakeholders. Develop training and support materials for IT risk awareness. Contribute to enterprise risk planning and resolution strategy development. Experienced Required 10+ years of experience in IT Risk, Internal / External Audit, or Risk Management (preferably within insurance). Strong understanding of industry frameworks such as NIST, ISO 27001, COBIT, or COSO. Proven ability to … work independently while managing senior-level stakeholder relationships. Demonstrable experience with global regulatory environments (e.g., PRA / FCA, BMA, CBI). Strong analytical, verbal, and written communication skills. Highly organised, emotionally intelligent, and proactive in navigating complex environments. If you are interested in exploring this further then please reach out to as@arthur.co.uk. More ❯

and other sources of information to remain up to date with technical issues affecting the ICT sector. Liaise with clients to analyse, review, identify and develop relationships that meet / exceed customer needs. Contribute to highest levels of prospect and customer satisfaction. Ensure that all company processes, procedures, and standards are adhered to at all times. Provide support for … Cisco CCIE Aruba CCCP Expert level Radius Experience, including Cisco ISE, Aruba ClearPass Process Management – ITIL is highly desirable Experience and Knowledge: A minimum of five years providing network / security solutions in a technical support role to a high technical level or have graduated in an IT related subject, complimented by a minimum of three years experience. Experience … opportunities and welcome all applications. As a specialist in secure technology solutions, all successful candidates will be subject to pre-employment checks, so we can ensure compliance with our ISO27001 (Information Security) and Cyber Essentials Plus certifications. We are committed to using any personal information you may give us in a secure and proper manner, for more information please see More ❯

domains. Industry and Market Awareness Stay informed of external trends, technologies, and regulatory developments to shape future integrated solution strategies. Requirements: Telecommunication Network Architecture Expertise- Deep knowhow of IP / MPLS, SDWAN, Radio access network, 3GPP standards and Core telecom network system Enterprise and Solution Architecture Expertise Deep understanding of architecture principles and frameworks (e.g. TOGAF), with the ability … solutions. Systems Integration Proficient in integrating diverse systems using APIs, middleware, messaging, and data transformation patterns across cloud and on-premises platforms with architecture experience of integration of OSS / BSS and customer interfaces. Cloud and Modern Infrastructure Architecture Skilled in solutions on public cloud platforms (e.g. AWS, Azure, GCP), including use of containers, serverless, and hybrid cloud strategies. … make sound architectural decisions. Security and Compliance by Design Knowledge of secure architecture practices and regulatory requirements, ensuring solutions protect sensitive data and meet compliance standards (e.g. GDPR, ISO 27001). Leadership and Mentoring Experience leading architecture teams, guiding junior architects, and building architectural maturity across delivery functions. Business and Commercial Acumen Ability to align technical More ❯

IT Security Engineer / Lead London - £75,000 - £85,000 pa + Bonus + Benefits JNC are working with a growing professional services company in London that are looking to bring on a talented IT Security Engineer who will help lead them into the next phase of their security operations journey. This is a really exciting opportunity for someone … ISO 27001 In line with the Conduct Regulations 2003, when advertising permanent vacancies JNC Recruitment are acting as an Employment Agency, and when advertising temporary / contract vacancies JNC Recruitment are acting as an Employment Business More ❯

Experience with firewalls, intrusion detection systems, antivirus software, authentication systems, content filtering, and log management. * Experience with network security and networking technologies. * Knowledge of security frameworks and certifications - NIST, ISO27001, Cyber Essentials etc * Tech stack experience: Extreme Networks Switches & Wireless, Silver Peak Aruba SD-WAN, Check Point firewalls, NetScaler load balancers, Tenable Nessus vulnerability scanner, Rapid7 SIEM, Forcepoint Stonesoft URL More ❯