126 to 150 of 926 ISO/IEC 27001 Jobs in England

for identified deficiencies and assist with implementing corrective actions. Improve IT Controls and Process documentation (i.e., work with process owners to refine risk control matrix, improve process flows, refine / develop test procedures, propose control language and associated risks etc.) Maintain up-to-date knowledge of regulatory requirements and best practices in IT controls and SOX compliance. Assist with … ITGCs). Excellent knowledge of a wide range of technology (infrastructure, applications, networking, cyber security, IT governance). Familiarity with IT control frameworks such as COBIT, NIST or ISO 27001. Experience with auditing tools and techniques, and proficiency in Microsoft Excel, Word, Outlook, Visio, PowerPoint, Access. Excellent analytical, problem-solving, verbal and written communication skills with the ability More ❯

of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI / CD and backlog management Prepare and present regular security reports to senior management More ❯

strong projects delivery and change processes to ensure a robust and safe IT Infrastructure meets business needs. This role is a hands-on position designing and provisioning new systems / platforms within a controlled project environment. Ensure that the IT strategy for infrastructure and security requirements is adhered to and continuously improved, supporting the business in its day-to … that support them, including the interfaces between systems. Sharing equally with other members of the team, the responsibility of responding to out of hours calls and patching. What skills / experience do you need to be successful in the role? We are looking for IT Infrastructure Professionals with a minimum of 3 years level 2 experience in a commercial … holiday per year (pro rata) plus bank holidays Free health cash plan so you can claim back cash for a range of medical expenses. Wellbeing support - including a 24 / 7 employee assistance programme (EAP) for you and your nearest and dearest. More ❯

Information Security / Information Privacy SME (Contract) Location: Central London (Hybrid - 2 days onsite per week) Contract: Inside IR35 or Umbrella Engagement Duration: 6-12 months (with potential extension) Industry: Private Banking / Wealth Management Role Overview: We are seeking a highly experienced Information Security / Information Privacy Subject Matter Expert (SME) to support a leading private … and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management … sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP, CISM, CISA, ISO 27001 Lead Implementer / Auditor, CIPM, or similar. Excellent written and verbal communication skills. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community More ❯

strong specialisation in Artificial Intelligence (AI) and Machine Learning (ML) security. The role involves significant influence across the organisation, with customers and peers, regarding the strategic contribution of AI / ML security to business objectives. The post holder will apply a wide range of complex technical and professional security activities in diverse AI / ML contexts, driving the … development and execution of AI / ML security strategies. A key aspect of the role is contributing to the formulation of AI / ML security policies, standards and strategies, ensuring alignment with overall business and technology strategies. Key Accountabilities / Responsibilities: AI / ML Security Strategy and Architecture: • Strategically define and implement AI / ML … security strategies, policies, and standards. • Develop and lead enterprise security architecture for AI / ML systems and pipelines. • Design secure architectures for complex AI / ML models and infrastructure. • Establish and maintain AI / ML architecture patterns and reference architectures. • Direct AI / ML architecture standards development, ensuring best practices. • Evaluate and select security tools for More ❯

Information Security Analyst - 6-Month FTC Governance, Risk and Compliance Location: London / Hybrid Contract Type: Fixed Term (6 months) Salary: Competitive A global professional services firm is seeking a proactive Information Security Analyst to support the delivery of robust security and privacy policies across its global operation. This role is ideal for someone with hands-on experience in … information risk management, policy compliance, ISO 27001 , and client security due diligence . Key Responsibilities: Maintain and evolve the firm’s Information Security Management System (ISMS) and associated documentation Support audits and ensure security practices align with industry standards (e.g., ISO 27001, Cyber Essentials) Assist with Business Continuity Management (BCM) - including BIAs … cyber team in aligning security measures with application and infrastructure development What We’re Looking For: Demonstrable experience in information security and privacy risk management Working knowledge of ISO 27001 , Cyber Essentials , and CIS Controls frameworks Ability to articulate security risks and controls clearly to technical and non-technical stakeholders Strong analytical and written communication skills More ❯

in IT security, with a focus on product and cyber security design Strong understanding of industry standards and frameworks (e.g., NIST 800-53, NIST CSF, NIST 800-171, IEC 62443, ISO 27001) Proficiency in network, application, and database security architecture Hands-on experience with vulnerability … testing and threat analysis In-depth knowledge of OS and network security (including virtual and cloud-based environments such as AWS) Familiarity with security systems: endpoint protection, firewalls, IDS / IPS, wireless security, authentication, encryption, and log management Experience in application and database security design Governance and risk management expertise, particularly in vulnerability assessment Proven ability to lead technical More ❯

if IT Responsibilities Include: Design and deliver our IT strategy and infrastructure Manage cloud platforms, ELNs, LIMS, data storage, and collaboration tools Lead security, risk assessments, compliance (e.g. ISO 27001, GDPR) Oversee device management, access control, and incident response Build and scale an internal IT & security team What we're looking for: 5+ years in IT … 27001, NIST, GDPR, and SaaS risk management Strong communication and stakeholder management skills Bonus points for: life sciences experience, HPC familiarity, or certifications like CISSP / CISM. Bond Williams Professional Recruitment are an equal opportunity employer and operate as an Employment Business and Recruitment Agency #J-18808-Ljbffr More ❯

Operations Centre (SOC). - Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). - Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. - Perform additional security-related tasks as directed by the Head of Information Security You will Ideally have - - Proven experience … endpoint, and cloud security. - Ability to assess and communicate technical vulnerabilities in business terms. - Experience working with or within a SOC environment. - Familiarity with risk management frameworks?(e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory requirements and … You will always however hear from us by phone if we are able to take your CV forward to the next stage. You can also follow us at Twitter / Facebook / LinkedIn or via our website . More ❯

strategy development Lead efforts to assess and mature security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security … to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including: Holiday - UK / Asia: 25 holiday days and 3 'life days' (in addition to bank holidays). US: 23 holiday days. 2 paid volunteer days so that you can actively support causes … Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I. Hybrid working to promote a healthy work / life balance, enabling employees to work collaboratively in the office when needed and work from home when they don't. Active support of flexible working for all employees where More ❯

strategy development Lead efforts to assess and mature security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security … to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including: Holiday - UK / Asia: 25 holiday days and 3 'life days' (in addition to bank holidays). US: 23 holiday days. 2 paid volunteer days so that you can actively support causes … Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I. Hybrid working to promote a healthy work / life balance, enabling employees to work collaboratively in the office when needed and work from home when they don't. Active support of flexible working for all employees where More ❯

and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external audits to maintain compliance with ISO27001 and other standards Help identify and assess information security risks, working closely with the Cyber Risk Manager Provide guidance to colleagues on basic security best practices and requirements Contribute to … to confidentiality and professionalism Qualifications A bachelor's degree in computer science, information technology, cyber security, or a related field Experience and knowledge Familiarity with information security frameworks, especially ISO27001 (2013 or 2022) Basic understanding of risk management principles and security controls Interest in developing expertise in auditing, compliance, and risk Desirable (nice to have) Knowledge of other standards or … to become a specialist in your field or climb to the top, we'll support you every step of the way. Job Info Job Identification 23936 Posting Date 07 / 01 / 2025, 09:07 AM Job Schedule Full time Locations 64 Newman Street, London, GT LON, W1T 3EF, GB Crawley Court, Winchester, HANTS, SO21 2QA, GB More ❯

and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external audits to maintain compliance with ISO27001 and other standards Help identify and assess information security risks, working closely with the Cyber Risk Manager Provide guidance to colleagues on basic security best practices and requirements Contribute to … to confidentiality and professionalism Qualifications A bachelor's degree in computer science, information technology, cyber security, or a related field Experience and knowledge Familiarity with information security frameworks, especially ISO27001 (2013 or 2022) Basic understanding of risk management principles and security controls Interest in developing expertise in auditing, compliance, and risk Desirable (nice to have) Knowledge of other standards or … to become a specialist in your field or climb to the top, we'll support you every step of the way. Job Info Job Identification 23936 Posting Date 07 / 01 / 2025, 09:07 AM Job Schedule Full time Locations 64 Newman Street, London, GT LON, W1T 3EF, GB Crawley Court, Winchester, HANTS, SO21 2QA, GB More ❯

grow. This is a cross-functional, hands-on role with a strong strategic lens -you'll own our information security posture end-to-end, ensuring we maintain our ISO 27001 accreditation, while preparing for other relevant accreditations (such as SOC2 and Cyber Essentials). You'll proactively manage risks and help create a secure environment where … ll Do Information Security Leadership Own and evolve our ISMS (Information Security Management System), ensuring it remains fit for purpose as we scale. Maintain and advance compliance across ISO 27001, SOC2, Cyber Essentials, GDPR, and any emerging frameworks (e.g. PCI DSS, AI governance), ensuring we are audit-ready. Identify, assess, and mitigate security risks across infrastructure … handling. Secure Tooling and IT Ops Oversight Guide secure configuration and ongoing management of tools like Kandji, Twingate, and 1Password. Oversee secure onboarding and offboarding workflows from a systems / access perspective, reducing risk during personnel changes. Partner with internal stakeholders to manage vendor selection and SaaS procurement, balancing usability, security and cost. Proactively monitor access controls, audit trails More ❯

SOC Tier 3 Analyst 6 Month contract initially Based: Remote / Reading - Hybrid. Max 3 days p / w onsite. Rate: Market rates p / d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where … actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o … methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection / response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified Forensic Computer Examiner (CFCE) o GIAC Certified Forensic More ❯

Active Directory, and Azure AD Ability to understand and articulate interoperability between technologies and design pragmatic security solutions for the bank Effective collaboration with internal and external SMEs / partner organizations Experience with frameworks such as ISO 27001 / 2, SOC, NIST, or COBIT About You Skills Recognized leading security qualification or working towards More ❯

understanding of both traditional security principles and the unique challenges posed by AI technologies. What you'll be doing: AI Security Architecture: Design and implement secure architectures for AI / ML models, data pipelines, and related infrastructure. Develop security policies and procedures specific to AI systems. Evaluate and select security tools and technologies for AI environments. Risk Assessment and … integrated throughout the AI lifecycle. Communicate security risks and recommendations effectively to both technical and non-technical audiences. What experience you'll bring: 7+ Years experience in a Cyber / Information Security Role. Hold a current and relevant Security Certifications (e.g., CISSP, CISM). Extensive knowledge of security best practices, frameworks, and standards (e.g., NIST, ISO 27001 … . Proven experience as a Security Architect, with a strong focus on AI security. Deep understanding of AI / ML concepts, including model development, data pipelines, and deployment. Strong understanding of ethical AI principles and practices. Experience with AI security tools and technologies. Knowledge of adversarial machine learning techniques. Familiarity with AI governance frameworks. Experience with data security and More ❯

of experience in GRC within cybersecurity, ideally in financial services or highly regulated environments. Proven capability in third-party risk management, client due diligence, and compliance frameworks (NIST, ISO 27001, DORA, etc.). Experience in managing audits and regulatory engagements across multiple jurisdictions. Excellent communication skills - able to translate complex technical concepts to non-technical stakeholders. … the ability to influence how cyber risk is managed across a major financial institution. If you would like to discuss this role in confidence reach out to Javed Hussain / More ❯

and own risk assessments to identify vulnerabilities and recommend appropriate controls and solutions. Develop and implement relevant IT policies, processes, and procedures in line with client requirements and industry / compliance best practices. Support clients in navigating regulatory requirements and compliance audits, including risk mitigation strategies for digital technologies. Analyse and drive digital risk data and insights to drive … requirements and translate them into actionable business strategies for IT risks and opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and / or optimizing these solutions. Experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem-solving skills with experience in data-driven decision-making. … of a growing team, who embrace diversity and inclusion and who are market-oriented and ready to help our clients solve and control their biggest issues, risks and regulatory / compliance requirements. What we offer EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance More ❯

details About the role Are you driven by a strong sense of integrity and a passion for safeguarding digital infrastructure? We are looking for a proactive and experienced Cyber / Information Security Lead to join our 3C ICT Shared Services team. In this pivotal role, you will uphold the highest standards of confidentiality, integrity, and availability across our IT … 27001, Cyber Essentials Plus, and risk mitigation Relevant qualifications such as CISSP, CISM, Security+, or equivalent Strong technical understanding of network and application security, anti-virus / EDR, SIEM solutions, and vulnerability testing tools Excellent communication skills with the ability to explain complex technical issues to non-technical audiences A collaborative, analytical and proactive approach to More ❯

cybersecurity or a related field. Knowledge of security frameworks and standards (e.g., ISO 27001, NIST). Experience with security tools and technologies (e.g., firewalls, IDS / IPS). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Experience with cloud and internet security. More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

follow security protocols. Reporting & Documentation: Create and maintain clear, concise reports, metrics, and documentation related to security incidents, risks, and controls. What we need from you; Practical experience of ISO27001 / 27004 / 27005 and NIST Risk Management Framework (RMF) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Good understanding and appreciation … benefits: Access to private healthcare, dental schemes, Workplace ISA, Go Green Car Scheme, technology and lifestyle options (£500 annual allowance) Holidays: 25 days plus bank holidays, option to buy / sell leave and to accrue up to 12 additional flexi leave days per year Pension: Award winning pension scheme (up to 15% employer contribution) Wellbeing: Employee Assistance Programme with … follow security protocols. Reporting & Documentation: Create and maintain clear, concise reports, metrics, and documentation related to security incidents, risks, and controls. What we need from you; Practical experience of ISO27001 / 27004 / 27005 and NIST Risk Management Framework (RMF) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments . click apply for More ❯