1 to 25 of 750 ISO/IEC 27001 Jobs in England

Location: London / Greater London / Home-based with regular travel Reports To: Certification Manager / Head of Audit and Compliance Department: Information Security Certification About Us We are a UKAS-accredited certification body delivering independent audit and certification services across multiple management system standards, including ISO 9001, ISO 14001, and ISO … Lead Auditor based in or around London to join our expanding audit team. Youll lead and conduct Information Security Management System (ISMS) audits in line with ISO / IEC 27001:2022 , ISO 17021 , and UKAS requirements. Key Responsibilities Plan, conduct, and report Stage 1, Stage 2, surveillance, and recertification audits for … ISO 27001. Assess client ISMS implementations for conformity and effectiveness against ISO / IEC 27001:2022. Lead audits independently or as part of a multi-standard team (e.g. ISO 9001, ISO 22301, ISO 27701). Produce clear, objective audit reports with evidence-based findings and More ❯

Objectives & Outcomes Define and socialise target state architectures across Azure / AWS / GCP (networking, identity, landing zones, operations). Deliver reference architectures and reusable patterns for containerised, serverless, and data workloads. Establish / extend Cloud Landing Zones (policy, guardrails, RBAC, tagging, network segmentation). Lead migration and modernisation (re‐host / re‐platform / re‐factor) for priority applications. Implement IaC at scale (Terraform preferred; standard modules; pipelines). Build observability (logs, metrics, traces, SLOs) and resilience (HA, DR, RTO / RPO). Drive FinOps —cost transparency, budgets, showback / chargeback, right‐sizing. Embed security‐by‐design and compliance (CIS, NIST, ISO 27001, FCA / NHS … / PCI as applicable). Key Responsibilities Architecture & Design Produce HLDs / LLDs, diagrams, ADRs, non‐functional requirements, and traceability to business goals. Select and justify cloud services (compute, storage, data, AI / ML, integration). Define multi‐cloud connectivity (hub‐and‐spoke, transit gateways, ExpressRoute / Direct Connect / Cloud Interconnect, SD‐WAN). More ❯

Security Engineer - Cloud / Compliance / ISO 27001 Location: Knutsford (Cheshire) - Hybrid Salary: £65,000 - £80,000 DOE + benefits About the Role We're working with a rapidly growing, cloud-first technology business that provides secure, compliant software to global enterprise clients across regulated sectors. They're now looking for an experienced Security … policies, and frameworks. Oversee day-to-day security operations including access control, patching, log review, and alert response. Implement and manage controls across cloud and on-premises environments (Azure / AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR … Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM / PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. Relevant More ❯

security certifications, audits, and assurance standards for a leading Security Operations Centre (SOC) environment. This role will focus on delivering and maintaining key certifications such as ISO / IEC 27001 , SOC 2 Type II , Cyber Essentials Plus , and CREST SOC accreditation , as well as supporting sector-specific frameworks including PCI DSS and NCSC … CIR / CHECK . The ideal candidate will have a strong background in cybersecurity assurance , experience engaging with external auditors and customers , and a proactive approach to maintaining compliance and continuous improvement within a global SOC function. Key Responsibilities Certification Delivery & Maintenance Lead the delivery and ongoing maintenance of SOC-related certifications including SOC 2 Type II , SOC … ISO / IEC 27001 , Cyber Essentials Plus , and CREST . Manage sector-specific compliance such as PCI DSS and NCSC CIR / CHECK . Ensure timely renewals and proactively address compliance gaps. Security Assurance for SOC Operations Integrate certification and assurance requirements into SOC governance, processes, and operations. Maintain evidence collection and More ❯

and leading high-performing technical presales or sales engineering teams Broad technical foundation across areas such as cloud infrastructure, security and compliance, APIs, integrations, and modern approaches to AI / ML Demonstrated success in supporting large enterprise opportunities, from proof-of-value through to close This company values a top academic history so are looking for a 2.1 or … on with critical opportunities Responsibilities for Technical Presales Team Leader You will start leading a team of 4 Junior Pre-Sales Engineers in a role with an 80% sales / 20% solutions engineering split supporting how the software is integrated with customers: Lead, mentor, and grow a team of Tech Sales Specialists and Solutions Engineers Define best practices, playbooks … SaaS Integrations / APIs / Security / Compliance / AWS / Azure / GCP / NLP / ML / ISO27001 / SOC2 / GDPR More ❯

management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited … obligations include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstratable experience in an Information More ❯

now on an accelerated journey of innovation and international expansion-a rocket ship we’d love for you to be part of! Joblogic provides an all-in-one SaaS / CRM platform for field service businesses across industries such as HVACR, Plumbing & Heating, and Electrical Contracting & Maintenance. Our world-class software streamlines operations, boosts profitability, ensures compliance, and drives … across global operations, while enabling business growth and innovation. The SISL will build and mature Joblogic’s Information Security Management System (ISMS), maintain certifications such as ISO / IEC 27001:2022 certification and Cyber Essentials Plus, ensure compliance with UK GDPR and international regulations, and strengthen Joblogic’s resilience to cyber threats. Key … strategies. Support Sales and Customer Success in security assurance and due diligence processes for example InfoSec questionnaires. 2. Governance & Compliance Maintain and continually mature Joblogic’s ISO / IEC 27001:2022 certification, ensuring audit readiness. Ensure compliance with UK GDPR, Pakistan’s PECA, Vietnam’s Cybersecurity Law, and other applicable regulations. Lead policy More ❯

on AWS; drive standards, patterns, and guardrails, including Android & applications Lead an effective blended development model with clear SOWs, SLAs, quality gates, secure access, and code ownership. Manage engineering / infrastructure budgets and provide strategic oversight for FinOps practices, unit economics tracking, and the maintenance of a transparent risk register and remediation plans. Execution and delivery Lead disciplined engineering … execution across distributed in-house and outsourced teams. Champion 24 / 7 / 365 platform operations with SLAs, capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency / risk management, quality gates). Establish and enforce best … in-class DevOps, trunk-based, CI / CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity / authorisation, privacy by design; ISO27001 / 9001, security posture and customer due diligence. Cross-functional leadership Partner closely with Product leaders to ensure product discovery, prioritisation, and delivery processes are respected and aligned. Work More ❯

on AWS; drive standards, patterns, and guardrails, including Android & applications Lead an effective blended development model with clear SOWs, SLAs, quality gates, secure access, and code ownership. Manage engineering / infrastructure budgets and provide strategic oversight for FinOps practices, unit economics tracking, and the maintenance of a transparent risk register and remediation plans. Execution and delivery Lead disciplined engineering … execution across distributed in-house and outsourced teams. Champion 24 / 7 / 365 platform operations with SLAs, capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency / risk management, quality gates). Establish and enforce best … in-class DevOps, trunk-based, CI / CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity / authorisation, privacy by design; ISO27001 / 9001, security posture and customer due diligence. Cross-functional leadership Partner closely with Product leaders to ensure product discovery, prioritisation, and delivery processes are respected and aligned. Work More ❯

Looking for a strong Network Security professional responsible for Designing / Architecting / Implementing / Maintaining enterprise Network Security Infrastructure. Location: Warwick / Wokingham Mode: Hybrid (3-days work from Office) Experience Required: 8–10 Years Must Have / Mandatory Skills Palo Alto Networks – Firewalls (MUST) Network Security Architecture IAM, MFA, AAA, RBAC, Privilege Access … Cloud Security (OCI / Azure / AWS) SIEM / Vulnerability Management / PKI / Cryptography LAN / WAN / DMZ / Routing / Switching / Subnetting Key Responsibilities Design / Architect network security infra solutions like Firewalls, IDPS, Proxy, Load Balancers, VPN, WAF Build and optimize firewall policies + … network access controls Ensure compliance alignment (GDPR / PCI DSS / HIPAA etc.) Perform regular audits + risk assessments, close compliance gaps Evaluate / Recommend new security tools & methodologies Monitor network traffic & identify operational security threats Work closely with Network, Infra, Cloud & Engineering teams Communicate complex technical security topics to non-technical audience Provide guidance / More ❯

communication while driving compliance excellence, this opportunity is for you! What We're Looking For: Qualifications and Experience: Proven experience delivering and managing cybersecurity certifications (e.g., ISO / IEC 27001, SOC2 Type II, Cyber Essentials Plus, CREST). A strong understanding of SOC operations and security assurance frameworks. Experience engaging with customers during … audits and RFP / RFI processes, showcasing security-driven solutions. Familiarity with regulatory frameworks such as NIST CSF, GDPR, and UK NCSC guidance. Experience liaising with external auditors and certification bodies. Skills: Exceptional documentation and evidence collection capabilities. Strong communication skills to articulate technical assurance challenges to leadership and customers. Analytical and detail-oriented with a systematic approach to … Superb collaboration and stakeholder management abilities. Highly organised, able to manage multiple certifications and assurance projects simultaneously. Key Responsibilities Certification Leadership: Deliver and maintaincertifications such as ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, and CREST accreditation. Manage sector-specific frameworks, like PCI DSS for payment card data and NCSC More ❯

customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO / IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for … external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR / CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy Drive continuous improvement in assurance processes and evidence collection efficiency Produce regular reports and … audit outcomes, and assurance performance Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams Essential Qualifications & Requirements: Proven experience delivering and maintaining cybersecurity certifications (ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, CREST) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities More ❯

customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO / IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for … external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR / CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy Drive continuous improvement in assurance processes and evidence collection efficiency Produce regular reports and … audit outcomes, and assurance performance Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams Essential Qualifications & Requirements: Proven experience delivering and maintaining cybersecurity certifications (ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, CREST) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities More ❯

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About … the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to play a key part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant … audit readiness, evidence gathering, and control implementation. Excellent attention to detail, analytical thinking, and confident stakeholder communication. Relevant certifications welcomed - CRISC, ISO 27001 Lead Implementer / Auditor, CIPP / E, GDPR Practitioner, CISM, or CISA. Why Apply? Join a modern, compliance-driven business where security and governance are at the heart of operations. Visible More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. More ❯

Cyber Security Architect £60,000–£70,000 + bonus + excellent pension Hybrid | Coventry (3 days / week on average) We’re partnering with a leading UK utility provider to hire a Cyber Security Architect who’ll set the standard for “secure by design” across major change, safeguarding critical national infrastructure and millions of customers. The impact you’ll … make Lead security architecture across multiple programmes / Agile Release Trains; shape option reviews and high-level designs that deliver proportionate, effective controls. Act as Product Owner for a flagship cyber programme — owning epics / features, prioritisation and roadmaps to outcomes. Govern security by design, ensure compliance (ISO 27001, PCI DSS, GDPR / … and align to enterprise security strategy. Advise senior stakeholders; collaborate across architecture, engineering and suppliers to land pragmatic, secure solutions. What you’ll bring 5–10 years in technical / information security with 3–5 years in security architecture. Strong coverage across IAM / PAM, endpoint / EDR, network, O365 / email, app & cloud (Azure / More ❯

London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https: / / uk.linkedin.com / company / ryder-reid-legal More ❯

London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https: / / uk.linkedin.com / company / ryder-reid-legal More ❯

Cyber Security Engineer (Hedge Fund) - Python / Powershell / SQL / Tableau BI / NIST / CISSP / CISA - PERM We are seeking a Cyber Security Risk Engineer with a robust background in the full suite of modern technologies employed within an enterprise environment. This role requires a deep understanding of operating systems (Windows … risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications / Skills Required Demonstrated experience working with information technology, information security, compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk … express permission we will share this personal data with a client (or a third party working on behalf of the client) by email or by upload to the Client / third parties vendor management system. By giving us permission to send your CV to a client, this constitutes permission to share the personal data that would be necessary to More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and / … organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security … Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO 27001 / 2, PCI, CIS 18, CMMC Principal Cloud Security: 4+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards Hands-on experience with a More ❯

ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO / IEC 27001, NIST 800-30 / 53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. … Collaborate with multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-138 / 05-139, and ISN 23 / 09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation … the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001 / 2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities — able to assess complex data and provide actionable insights. A collaborative communicator who can balance More ❯

in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies, balancing exceptional user experience with enterprise grade security. We operate under an ISO / IEC 27001 certified ISMS and an ITIL aligned service management framework, ensuring integrity, resilience, and operational excellence. Joining Zero Plus means being part of a … plans, schedules, and resource models. Oversee functional, regression, integration, UAT, and performance testing. Manage test environments, data, automation frameworks, and tooling. Ensure coverage across EUC technologies including Windows 10 / 11, Microsoft 365, collaboration tools, and VDI platforms. Lead defect management, triage, and resolution processes. Provide clear reporting on test progress, risks, and issues to senior stakeholders. Ensure compliance … with ISO / IEC 27001, IT governance, and change management processes. Drive continuous improvement of testing methods, automation, and processes. This is a leadership role with real visibility, ensuring that secure, user-centric solutions are delivered consistently and effectively. What We’re Looking For We would love to hear from you if you More ❯

in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies, balancing exceptional user experience with enterprise grade security. We operate under an ISO / IEC 27001 certified ISMS and an ITIL aligned service management framework, ensuring integrity, resilience, and operational excellence. Joining Zero Plus means being part of a … plans, schedules, and resource models. Oversee functional, regression, integration, UAT, and performance testing. Manage test environments, data, automation frameworks, and tooling. Ensure coverage across EUC technologies including Windows 10 / 11, Microsoft 365, collaboration tools, and VDI platforms. Lead defect management, triage, and resolution processes. Provide clear reporting on test progress, risks, and issues to senior stakeholders. Ensure compliance … with ISO / IEC 27001, IT governance, and change management processes. Drive continuous improvement of testing methods, automation, and processes. This is a leadership role with real visibility, ensuring that secure, user-centric solutions are delivered consistently and effectively. What We’re Looking For We would love to hear from you if you More ❯