26 to 50 of 513 ISO/IEC 27001 Jobs in England

breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST 800-53 or OWASP … Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa More ❯

Access Control (RBAC) policies to ensure users receive appropriate access based on defined roles. Enforce access control standards and ensure alignment with organisational and regulatory requirements (e.g. GDPR, ISO 27001). Monitor IDAM systems for security incidents, vulnerabilities, and compliance risks, responding promptly to mitigate threats. Manage identity provisioning, de-provisioning and entitlement reviews across cloud … excellent documentation and communication skills. Relevant certifications (e.g. CISSP, CIAM, CISM) or equivalent experience. A proactive, collaborative approach and commitment to continuous improvement. Core Skills Identity & Access Management (IAM / IDAM) Azure Active Directory / Entra ID Role-Based Access Control (RBAC) Multi-Factor Authentication (MFA) Single Sign-On (SSO) Privileged Access Management (PAM) Authentication & Authorisation Security Administration … IT Governance & Compliance Cybersecurity / ISO 27001 / GDPR Active Directory Cloud Security (Microsoft 365 / Azure) Why Join? Work within a respected global organisation investing heavily in digital transformation and cyber resilience. Opportunity to lead on IDAM improvement projects and shape access governance strategy. Flexible hybrid working environment with excellent benefits. Ongoing More ❯

Access Control (RBAC) policies to ensure users receive appropriate access based on defined roles. Enforce access control standards and ensure alignment with organisational and regulatory requirements (e.g. GDPR, ISO 27001). Monitor IDAM systems for security incidents, vulnerabilities, and compliance risks, responding promptly to mitigate threats. Manage identity provisioning, de-provisioning and entitlement reviews across cloud … excellent documentation and communication skills. Relevant certifications (e.g. CISSP, CIAM, CISM) or equivalent experience. A proactive, collaborative approach and commitment to continuous improvement. Core Skills Identity & Access Management (IAM / IDAM) Azure Active Directory / Entra ID Role-Based Access Control (RBAC) Multi-Factor Authentication (MFA) Single Sign-On (SSO) Privileged Access Management (PAM) Authentication & Authorisation Security Administration … IT Governance & Compliance Cybersecurity / ISO 27001 / GDPR Active Directory Cloud Security (Microsoft 365 / Azure) Why Join? Work within a respected global organisation investing heavily in digital transformation and cyber resilience. Opportunity to lead on IDAM improvement projects and shape access governance strategy. Flexible hybrid working environment with excellent benefits. Ongoing More ❯

and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business … wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO / IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and … Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust More ❯

and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business … wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO / IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and … Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust More ❯

and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business … wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO / IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and … Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust More ❯

for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external … audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across … both written and verbal * Ability to build effective working relationships and influence at all levels * Comfortable working independently and proactively across teams Desirable: * Experience in supplier risk management and / or tender processes * ISO 27001 Lead Auditor / Implementer, PCIP, CISM, CompTIA Security+, or CISMP certification What you get in return: * Up to More ❯

maintain relationships with senior stakeholders (CIO, CFO, COO, CISO, Head of Technology) Strong track record in business development and sales within cyber security Experience applying standards such as ISO 27001, IEC 62443, NIS regulations, and NIS CAF Relevant certifications preferred: CISSP, CISM, GISCP, ISA 62443 (or equivalent) Overview Cyber Security Director – Transport … Sector Location: London, Bristol, Birmingham, Manchester area Salary: Competitive, dependent on qualifications and experience Key Skills Cyber security strategy, stakeholder engagement, transport sector expertise, business development, ISO / NIS / IEC standards, leadership, mentoring, hybrid working Why Apply? This is your opportunity to help shape the future of transport by delivering innovative cyber solutions … you don't hear from us within 7 working days, please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV / details in the future and we shall assess your suitability at that time. This role is a permanent position. More ❯

maintain relationships with senior stakeholders (CIO, CFO, COO, CISO, Head of Technology) Strong track record in business development and sales within cyber security Experience applying standards such as ISO 27001, IEC 62443, NIS regulations, and NIS CAF Relevant certifications preferred: CISSP, CISM, GISCP, ISA 62443 (or equivalent) Overview Cyber Security Director – Transport … Sector Location: London, Bristol, Birmingham, Manchester area Salary: Competitive, dependent on qualifications and experience Key Skills Cyber security strategy, stakeholder engagement, transport sector expertise, business development, ISO / NIS / IEC standards, leadership, mentoring, hybrid working Why Apply? This is your opportunity to help shape the future of transport by delivering innovative cyber solutions … you don't hear from us within 7 working days, please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV / details in the future and we shall assess your suitability at that time. This role is a permanent position. More ❯

maintain relationships with senior stakeholders (CIO, CFO, COO, CISO, Head of Technology) Strong track record in business development and sales within cyber security Experience applying standards such as ISO 27001, IEC 62443, NIS regulations, and NIS CAF Relevant certifications preferred: CISSP, CISM, GISCP, ISA 62443 (or equivalent) Overview Cyber Security Director – Transport … Sector Location: London, Bristol, Birmingham, Manchester area Salary: Competitive, dependent on qualifications and experience Key Skills Cyber security strategy, stakeholder engagement, transport sector expertise, business development, ISO / NIS / IEC standards, leadership, mentoring, hybrid working Why Apply? This is your opportunity to help shape the future of transport by delivering innovative cyber solutions … you don't hear from us within 7 working days, please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV / details in the future and we shall assess your suitability at that time. This role is a permanent position. More ❯

and others), report issues, and ensure compliance with governance and legislation. Own your automations, code, databases, and lists. Ensure adherence to ISO 27001, DCB 0129 / 0160, and Trust policies. Complete governance documentation to required standards and stay updated on changes. Participate in internal and external audits. Understand stakeholder needs and support them during automation … design and build. Help identify new automation opportunities across the Trust. Action break / fix requests within agreed timelines. Attend IA team and project meetings. Maintain strong knowledge of Intelligent Automation and Power Platform technologies to support evolving business priorities. About us Berkshire Healthcare NHS Foundation Trust is a specialist mental health and community health services trust. Rated 'outstanding … receive a high number of applications, we may close this role earlier than the advertised closing date, so please submit your application as soon as possible. Person Specification Education / Qualifications / Training Essential Educated to degree level in a subject relevant to the post or with relevant experience working within an automation or citizen developer environment. Desirable More ❯

legal and regulatory requirements. Deliver cybersecurity audits for client organisations in line with UK regulations. Assess compliance with: UK GDPR & Data Protection Act 2018 NIS Regulations ISO / IEC 27001 Cyber Essentials / Plus Telecommunications (Security) Act 2021 Identify risks and provide actionable recommendations. Produce clear audit reports and present findings to … standards. Proven experience in cybersecurity auditing, ideally in a consultancy or client-facing role. Strong knowledge of UK legal frameworks and compliance standards. Relevant certifications (e.g. CISA, CISSP, ISO 27001 Lead Auditor). Excellent communication and stakeholder engagement skills. Ability to work independently and manage multiple client engagements. This is an interim opportunity ideal for professionals More ❯

Experience: Minimum 8 years of information security experience, with at least 3 years in aerospace, aviation, or highly regulated industries Proven experience implementing and managing ISMS frameworks, preferably ISO 27001 certification Deep understanding of aviation cybersecurity regulations, including EASA requirements, CAA frameworks, or similar aviation security standards Experience with industrial control systems security, particularly in safety … critical environments Demonstrated expertise in cybersecurity risk assessment and management methodologies specific to engineering and manufacturing environments Technical Expertise: Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, aviation-specific standards) Experience with security architecture design for complex technical systems Understanding of aviation safety management systems and their integration with cybersecurity programmes Familiarity with certification processes and … for presenting security strategies to technical and executive audiences Experience building security teams and developing cybersecurity culture within engineering organisations Preferred Qualifications: Professional certifications such as CISSP, CISM, ISO 27001 Lead Auditor, or aviation security qualifications Experience with hydrogen infrastructure, electric propulsion systems, or clean energy technologies Knowledge of aviation certification processes (FAA, EASA, CAA) Background More ❯

of professional experience in information security. Certification such as Certified Information Systems Security Professional (CISSP) strongly preferred. Deep understanding of cybersecurity principles, frameworks (such as NIST, ISO / IEC 27001), and compliance standards. Experience with financial service regulations and regulations such as FCA, SEC, MAS, DORA. Proficient knowledge of network security principles and … controls such as Firewalls, IPS / IPD, TCP / IP, DHCP, and DNS Extensive experience in securing Operating Systems such as Windows, UNIX / Linux and Mac systems. This includes security access rights, implementing configuration best practices Knowledge of cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid, community) and experience in implementing and … access and experience with Single Sign-On (SSO), Multi-Factor Authentication (MFA), and role-based access control (RBAC) systems to enhance security and operational efficiency. Understanding of Secure DevOps / CI / CD pipeline governance Supervisory responsibilities No You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and More ❯

Information Security Manager (3 days / week, permanent pro-rata) Location: Leeds-hybrid (on-site 1-2 day / week, typically Mon / Tue) Reports to: VP, Information Security Team: 5 in security (within a wider UK tech org of ~25, multi-region) We’re looking for a hands-on InfoSec Manager to take pressure off the … shape the control environment, and keep the security operations and compliance moving at speed. You’ll blend GRC and technical oversight , working closely with two security engineers (vuln scanning / IDS, external pen-test liaison) and two GRC specialists. What you’ll do Drive and extend ISO 27001 implementation / maintenance (UK certified; expanding … to Madrid and Manila ). Support SOC 2 Type 2 maintenance (already accredited)—expert level not required. Oversee SIEM operations with the tech team: ensure log ingestion / coverage , daily monitoring, and follow-up. Guide vulnerability management, alert triage (Alert Logic), and external pen-test cycles. Keep evidence flows tight: client questionnaires, audit responses, security awareness, and user access More ❯

Facilities Building Supervisor / Manager - Data centre The Facilities Buildings Supervisor is responsible for all Data Centre buildings. This is a pivotal role within a 5* DC campus The key objective of the role is to work with the team to take ownership of the DC’s (excluding critical plant) and drive towards operational excellence. Ownership encompasses everything from … and enhancement of the buildings, including efficiency, quality and fabric across the site, ensuring that all buildings are maintained in compliance with industry best practice, legislation and relevant ISO standards, that they are energy efficient and serve our teams and customers perfectly. The role takes ownership of delivering building management projects aiming at continuous improvement of service quality … generator power, etc. • Ensure Business Continuity and disaster recovery plans are documented, tested, implemented and maintained with the DC Buildings Manager. Previous experience of working to and within ISO regulated processes and procedures like • ISO 9001, ISO 27001, ISO 22301, BS OHSAS 18001 H&S, ISO 50001, ISO More ❯

Facilities Building Supervisor / Manager - Data centre The Facilities Buildings Supervisor is responsible for all Data Centre buildings. This is a pivotal role within a 5* DC campus The key objective of the role is to work with the team to take ownership of the DC’s (excluding critical plant) and drive towards operational excellence. Ownership encompasses everything from … and enhancement of the buildings, including efficiency, quality and fabric across the site, ensuring that all buildings are maintained in compliance with industry best practice, legislation and relevant ISO standards, that they are energy efficient and serve our teams and customers perfectly. The role takes ownership of delivering building management projects aiming at continuous improvement of service quality … generator power, etc. • Ensure Business Continuity and disaster recovery plans are documented, tested, implemented and maintained with the DC Buildings Manager. Previous experience of working to and within ISO regulated processes and procedures like • ISO 9001, ISO 27001, ISO 22301, BS OHSAS 18001 H&S, ISO 50001, ISO More ❯

security perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data … Protection teams on policy alignment and compliance. Technical Review and Oversight Lead or oversee reviews of system architectures, applications, cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM / PAM implementations and M365 / Azure / Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution … security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track More ❯

with 2-4 days per week on-site. You will assist the Cyber & Information Security Specialist in ensuring our firm adheres to governance and assurance obligations, such as ISO 27001:22. You will also collaborate closely with the Information Security Technology Manager to safeguard the company using the latest and most advanced security tools. This multifaceted … Key Skills: Highly experienced in information security governance, risk management, and compliance. Demonstrated experience with developing and implementing information security policies, procedures, and standards. Experience with SOC 2, ISO 27001, NIST 800-53 and GDPR compliance frameworks is highly preferred. Strong understanding of security risk management principles and methodologies. Excellent communication, collaboration, and interpersonal skills. Ability … personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http: / / proactive.it / privacy-notice / More ❯

role with a strong emphasis on risk analysis, threat detection, and architectural review Proven expertise in conducting threat modelling and security design reviews for complex, cloud-native applications (AWS / GCP, Kubernetes) Deep understanding of common application and infrastructure vulnerabilities (OWASP Top 10, MITRE ATT&CK) and their mitigation Experience managing penetration testing engagements and working with development teams … or PCI DSS Experience in automating security controls and compliance checks against standards and frameworks which include SOC 2, ISO 27001, PCI DSS / 3DS Experience performing secure code reviews and using SAST / DAST tools for security approvals Expertise in Kubernetes, securing clusters and meshes (Cilium is preferable), networking best practices and RBAC … a plus) Container security knowledge including container image provenance (e.g. Sigstore, Notary) with an in-depth knowledge of container runtimes Strong understanding of network protocols & practices, firewalls, intrusion detection / prevention systems and WAFs Understanding of integrating security into the software development lifecycle Experience performing secure code reviews and security approvals including the use of static and dynamic application More ❯

and improving our security posture in tandem with GRC practices and policies as they evolve to align with current and future standards and frameworks, such as SOC 2, ISO 27001, as well as applicable legislation, including GDPR and UK DPA, working closely with our Legal and Privacy as well as the wider Technology team. Internally-facing … reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre Experience of both cyber operational roles, but experience of having delivered security change projects / programmes Experience with GDPR / UK Data Protection, Cyber Essentials and ISO 27001 frameworks Azure security tooling including Security Centre, Defender, Sentinel, Intune, AWS … Admin Day), closure of office over Christmas (plus Bank Holidays) Discretionary Bonus based on company performance Performance Reviews every 6 months with discretionary salary increases Private healthcare (Vitality) and / or Health Care Plan (Medicash More ❯

assurance, or information security , this position provides exposure to high-impact projects within a collaborative, forward-thinking environment. Key Responsibilities Governance & Compliance: Support and maintain compliance frameworks, including ISO 27001, CAF, and other relevant standards. Risk Management: Identify, assess, and monitor security risks, ensuring effective mitigation and continuous improvement within the ISMS. Audit & Assurance: Plan, conduct … functions to support security governance objectives. Skills & Experience Essential: Experience within GRC, assurance, risk management , or information security . Understanding of risk assessment methodologies and compliance frameworks (e.g. ISO 27001, CAF, NIST). Strong communication and reporting skills, with the ability to produce clear, concise documentation. Excellent organisation and prioritisation skills with attention to detail. Confident … or similar legislation. Degree in Cybersecurity, Information Security, or a related field . Professional certifications such as CISA , CISM , CISSP , or ISO 27001 Lead Implementer / Auditor . Benefits Competitive salary and comprehensive benefits package. Flexible hybrid working arrangements. Access to professional development and certification support . Inclusive and supportive culture focused on collaboration and More ❯

assurance, or information security , this position provides exposure to high-impact projects within a collaborative, forward-thinking environment. Key Responsibilities Governance & Compliance: Support and maintain compliance frameworks, including ISO 27001, CAF, and other relevant standards. Risk Management: Identify, assess, and monitor security risks, ensuring effective mitigation and continuous improvement within the ISMS. Audit & Assurance: Plan, conduct … functions to support security governance objectives. Skills & Experience Essential: Experience within GRC, assurance, risk management , or information security . Understanding of risk assessment methodologies and compliance frameworks (e.g. ISO 27001, CAF, NIST). Strong communication and reporting skills, with the ability to produce clear, concise documentation. Excellent organisation and prioritisation skills with attention to detail. Confident … or similar legislation. Degree in Cybersecurity, Information Security, or a related field . Professional certifications such as CISA , CISM , CISSP , or ISO 27001 Lead Implementer / Auditor . Benefits Competitive salary and comprehensive benefits package. Flexible hybrid working arrangements. Access to professional development and certification support . Inclusive and supportive culture focused on collaboration and More ❯

you will have a proven track record of delivering GRC consultancy across sectors. You will demonstrate strong knowledge of frameworks such as ISO, ISF, NIST CSF, NIS / NIS2, DORA, CIS, and Cyber Essentials, and the ability to explain complex requirements clearly to both technical and non-technical audiences. You will have experience engaging with enterprise clients … the opportunity to work on high-impact projects within a forward-thinking, supportive environment that values expertise, innovation, and growth. KEY RESPONSIBILITIES: Deliver high-quality GRC services, including: ISO 27001 NIST Gap Analysis CAF Assessments PCI DSS CSMA, ISF, and CIS Assessments Develop and maintain in-house methodologies, templates, and delivery playbooks for core GRC services. … 27001 Lead Auditor or Lead Implementer certification PCI DSS Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) NIST Cybersecurity Framework or CAF-related training / accreditation Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Years of Experience Minimum More ❯

I and EU regulations. You will chair status review sessions, maintain accreditation tracking systems, and provide regular updates to senior partners. You will manage responsibilities (including implementation) related to ISO27001, Cyber Essentials / Plus, SOC2 accreditations. You will also support audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid … Nottingham-based role reporting to the Regional Head of Client Security Assurance Summary of Primary Responsibilities Manage ISO27001, Cyber Essentials / Plus, SOC2 accreditations Lead contract negotiations, re-wording, and redlining, with a preference for UK&I and EU regulatory experience Provide regular accreditation status updates to senior partners Participate in SOC 2-related discussions with teams Oversee governance … Partner with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001 / 2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows / More ❯