ISO 27001 Lead Auditor Jobs in England

22 of 22 ISO 27001 Lead Auditor Jobs in England

Lead Auditor, ISO

England, United Kingdom
The Security Centre Limited
LEAD AUDITOR, ISO - UK BASED, REMOTE At Prescient Security, we are on a mission to simplify security and compliance. Our core values are: Bring Order to Chaos Be Accountable & See it Through 1000% With You Support & Collaborate Think Outside the Box Summary: We are seeking an experienced ISO 27001 Auditor to lead and execute comprehensive information security audits for clients across diverse industries. This role involves planning and conducting remote audits, evaluating ISMS documentation, identifying gaps, and ensuring compliance with ISO 27001 standards. The auditor will prepare … provide ongoing guidance to clients. Strong collaboration with internal teams and clear communication of findings to stakeholders is essential. The ideal candidate is detail-oriented, well-versed in ISO 27001, and committed to continual improvement and client success. Essential Duties and Responsibilities: Audit Planning and Preparation Developing Audit Plans: Create detailed audit plans, including scope, objectives, and …
Employment Type: Permanent
Salary: GBP Annual
Posted:

ISO Consultant

Birmingham, West Midlands, United Kingdom
FryerMiles Recruitment
ISO Consultant – SC Cleared - £50,000 to £60,000 per year – Remote with limited travel to Midlands area FryerMiles are delighted to be working with a leading Consultancy to assist with their recruitment of an ISO Consultant to join their team on a permanent basis working with a wide range of public and private … sector clients from all sectors on exciting projects. The successful candidate will have significant experience in Information Security and ISO 27001 and be willing to attain further qualifications and experience with other ISO Standards. Ideal candidates will also be able to ensure clients achieve and maintain certification to other ISO Standards such as ISO 27701, ISO 9001 and ISO 22301 Key Responsibilities: Develop and implement comprehensive management systems aligned with relevant standards – ISO 27001, ISO 27701, ISO 22301, ISO 9001. Conduct audits of …
Employment Type: Permanent
Salary: £60,000
Posted:

Head of Compliance

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Alexander Mae (Bristol) Ltd
local, growing and forward-thinking organisation in Bristol. This role will be to lead their information security compliance efforts, specifically in line with ISO / IEC 27001, ISO / IEC 42001 and Cyber Essentials PLUS standards. In this role you will be responsible for maintaining, auditing, and continuously improving their … of a new Team to deliver CaaS and supporting services. Develop, implement, and maintain the Information Security Management System (ISMS) aligned with ISO / IEC 27001 and Cyber Essentials PLUS standards. Lead internal audits, gap assessments, and risk assessments for ISO 27001 and Cyber … organisation and are keen to progress your career. The following experience is also key in order to be successful in this role. ISO / IEC 27001 Lead Auditor or Lead Implementer certification. Familiarity with GDPR, NIS2, ISO / IEC 42001 or …
Employment Type: Permanent, Work From Home
Salary: £55,000
Posted:

Information Security Analyst - Audit, Compliance & Cybersecurity

Southampton, Hampshire, United Kingdom
Hybrid / WFH Options
NICE
So, what's the role all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for … owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates to Cyber Essentials, ISO, and regulatory frameworks and ensure internal alignment. Control Documentation: Develop … the tracking and remediation of vulnerabilities in coordination with IT and Security Operations teams. Have you got what it takes? Strong expertise in audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus. Familiarity with CSOC tools such as …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Information Security Engineer

England, United Kingdom
iO Associates
delivery managers to embed security controls from day one Review and guide third-party risk assessments and product security compliance Support DPIAs and ensure alignment with Cyber Essentials, ISO 27001, and NIST frameworks Lead threat modelling, risk assessments, and support documentation of potential vulnerabilities Influence strategic investment decisions based on risk … Need: Proven experience advising on security across the full project lifecycle Deep knowledge of Secure by Design principles and data protection best practices Strong familiarity with Cyber Essentials, ISO 27001, NIST, and other regulatory frameworks Hands-on experience supporting DPIAs and third-party risk reviews Ability to clearly communicate cyber risks to both technical … and non-technical stakeholders Previous experience working in Agile or change-heavy delivery environments Relevant certifications such as CISSP, CISM, SABSA, or ISO 27001 Lead Auditor Our client is looking to fill this position as a matter of urgency, so if you're interested please apply to this …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Information Security Risk & Compliance Specialist

London, United Kingdom
Cyberark Software
manage responses to customer security audits and assurance inquiries. Monitor regulatory changes and contribute to compliance initiatives such as DORA, NIS2, and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security … a related field. Experience supporting sales processes, including responding to RFx security assessments. Solid understanding of cybersecurity principles, information security best practices, and regulatory requirements (DORA, NIS2, GDPR, ISO 27001, SOC 2, etc.). Excellent written and verbal communication skills; able to translate technical concepts for non-technical audiences. Strong organizational skills with the … a proactive approach to problem-solving and attention to detail. Experience working in a SaaS, cloud, or technology-driven company is preferred. Professional certifications (such as CISM, CRISC, ISO 27001 Lead Implementer / Auditor, or similar) are a plus Additional Information We are proud to foster a diverse …
Employment Type: Permanent
Salary: GBP Annual
Posted:

BISO and Data Information Manager

London, United Kingdom
Vattenfall GmbH
strategies. Identify, assess, and mitigate information security risks within Heat UK Work as part of the BA Customers & Solutions Security & Resilience team to implement policies, standards, and controls. Lead security risk assessments, audits, and compliance initiatives and promote security awareness and training programs tailored to business needs. Support business continuity planning and incident response, including participation in … translate security policies into actionable controls for IT / OT environments. Drive cybersecurity awareness and training tailored to business and OT users. Ensure compliance with industry regulations (e.g. ISO / IEC 62443, GDPR, etc). Company Description Vattenfall is a European energy company with approximately employees. For more than 100 years we have electrified industries, supplied … the fields of computer science, engineering or business informatics. Strong understanding of industrial control systems (ICS), SCADA, and business IT systems. Familiarity with cybersecurity frameworks (e.g., NIST CSF, ISO 27001, IEC 62443). Relevant certificates for proof of competence are an advantage: CISSP, GICSO, CRISC, CISM, CISA, ISO 27001 …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Information Security and Supplier Assurance Consultant

London, United Kingdom
European Bank for Reconstruction and Development
risk evaluations. Act as the Bank's IS technical consultant on Supplier and Project Assurance activities. Oversee the administration of the SureCloud platform and baseline control set maintenance. Lead security triaging and approvals of new projects and suppliers. Liaise with IT and MSSP teams to identify and remediate security risks / incidents. Draft reports, risk register updates … and maintain documentation aligned with best practice (ISO 27001, NIST CSF). Track and advise on industry security trends and their implications. Contribute to social engineering assessments, BAU risk mitigation, and business process evaluations. Influence and support change by aligning policy updates with new regulations and business needs. What We're Looking For A … Bachelor's or Master's degree (preferably in IT, Security, or Risk). At least one recognised IS qualification (CISM, CISA, CISSM, ISO 27001 Lead Auditor / Implementer, CIPP / E). Proven experience in delivering project and supplier assurance activities in the IS domain. Strong written and …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Project Assurance Security Specialist

London, United Kingdom
Hybrid / WFH Options
Smart DCC
we looking for? Strong experience delivering end-to-end security assurance in complex, fast-paced environments Broad knowledge of IT and security frameworks, regulations, and best practices (e.g., ISO 27001, DPA, GDPR) Familiarity with security tools such as vulnerability scanners, SIEM, DDoS protection, remote access, authentication / authorisation technologies, and data loss prevention Understanding … risk to technical and non-technical stakeholders Self-driven, collaborative, and confident operating both independently and within teams Desirable Qualifications & Experience: Certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Auditor / Implementer Knowledge of the NIST Cybersecurity Framework Experience with Smart Metering or highly regulated environments … and Public Key Infrastructure (PKI) Understanding of Hardware Security Modules (HSMs) About the DCC: At the DCC, we believe in making Britain more connected, so we can all lead smarter, greener lives. That desire to make a difference is what drives us every day and it wouldn't be possible without our people. Each person at the …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Control Assurance Assessor

London, United Kingdom
Hybrid / WFH Options
Experian Group
performing IT Audit or security control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical … analysis, and interpretation. Experience researching and applying latest technologies. Experience with Agile methodology. Big 4 accounting experience. Hold a professional certification such as CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor, or equivalent. Additional Information This is a permanent hybrid role in Costa Rica. No relocation available.
Employment Type: Permanent
Salary: GBP Annual
Posted:

Information Security Controls Specialist Senior

London, United Kingdom
Hybrid / WFH Options
Experian Group
performing IT Audit or security control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical … analysis, and interpretation. Experience researching and applying latest technologies. Experience with Agile methodology. Big 4 accounting experience. Hold a professional certification such as CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor, or equivalent. Additional Information This is a permanent hybrid role in Costa Rica. No relocation available.
Employment Type: Permanent
Salary: GBP Annual
Posted:

Head of Security Architecture & Compliance

Manchester, Lancashire, United Kingdom
Manchester Metropolitan University
Are you ready to lead the evolution of cyber defence at one of the UK's leading Universities? Your leadership will be instrumental as Man Met embarks on a major security and risk transformation programme, building a resilient, agile, and forward-looking security capability that supports innovation across the University. Manchester Metropolitan University is seeking an experienced … and motivated Head of Security Architecture and Compliance to lead and develop a new function. In this pivotal role, you'll guide a talented team to design and implement the protections required to counter threats across a diverse and complex digital estate. You'll shape the direction of our security framework, ensuring that guidance, policy and reference … also take ownership of our security assurance testing programme, working with internal and external partners to validate the security of our most critical systems and processes. You will lead on internal and supply chain compliance ensuring that university-wide processes, teams, and systems operate within defined security policies, standards, and procedures to meet internal requirements and partner …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Payment Security Manager

London, United Kingdom
Visa Inc
risks arising from third parties are mitigated. Maintain awareness of innovative thinking, industry practice and governance around data security risk operation programs as relevant to Visa. Support compliance lead with the EMV testing requirements waivers for payment terminals and cards including assessment and review prior to signoff. Support compliance lead with waiver and change … requests to Visa rules on behalf of Europe risk. Support compliance lead on regularly delivering reporting on the health of the compliance programs. Represent Visa in security forums including PCI events. This is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager. Educated to degree level in a relevant discipline or … appropriate solutions and providing the leadership to effectively implement change. Self-driven, demonstrated excellence in leading risk and / or compliance programs. Preferred Qualifications Security certifications (CISSP, CISA, ISO 27001 Lead Auditor) Knowledge, understanding and experience of risk management practices in financial services Knowledge of the UK and …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Head of Information Security (London)

London, UK
Guardian Jobs
ll be responsible for developing and implementing Cancer Research UK's information security strategy, ensuring the protection of sensitive data, and maintaining compliance with relevant regulations. You'll lead a team of security professionals, manage security incidents, and foster a culture of security across the organisation, working very closely with CRUK's Cyber programme. In a supportive … Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C-suite, trustees, regulators, and technical teams. Represent CRUK in external security networks. Lead and develop a growing team of information security specialists (7+ FTE). What skills are we looking for? Significant experience of senior information security leadership in a multisite … and a willingness to challenge conventional thinking by the development of alternative solutions. Highly organised with excellent project, service and supplier management skills. Certifications: CISSP, CISM, CCSP, or ISO 27001 Lead Auditor / Implementer. What will I gain? Each and every one of our employees contributes to our …
Employment Type: Full-time
Posted:

Head of Information Security (London)

Whetstone, Greater London, UK
CANCER RESEARCH UK
ll be responsible for developing and implementing Cancer Research UK's information security strategy, ensuring the protection of sensitive data, and maintaining compliance with relevant regulations. You'll lead a team of security professionals, manage security incidents, and foster a culture of security across the organisation, working very closely with CRUK's Cyber programme. In a supportive … Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C-suite, trustees, regulators, and technical teams. Represent CRUK in external security networks. Lead and develop a growing team of information security specialists (7+ FTE). What skills are we looking for? Significant experience of senior information security leadership in a multisite … and a willingness to challenge conventional thinking by the development of alternative solutions. Highly organised with excellent project, service and supplier management skills. Certifications: CISSP, CISM, CCSP, or ISO 27001 Lead Auditor / Implementer. What will I gain? Each and every one of our employees contributes to our …
Employment Type: Full-time
Posted:

Head of Information Security

Stratford-upon-avon, Warwickshire, United Kingdom
Cancer Research UK
ll be responsible for developing and implementing Cancer Research UK's information security strategy, ensuring the protection of sensitive data, and maintaining compliance with relevant regulations. You'll lead a team of security professionals, manage security incidents, and foster a culture of security across the organisation, working very closely with CRUK's Cyber programme. In a supportive … Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C-suite, trustees, regulators, and technical teams. Represent CRUK in external security networks. Lead and develop a growing team of information security specialists (7+ FTE). What skills are we looking for? Significant experience of senior information security leadership in a multisite … and a willingness to challenge conventional thinking by the development of alternative solutions. Highly organised with excellent project, service and supplier management skills. Certifications: CISSP, CISM, CCSP, or ISO 27001 Lead Auditor / Implementer. What will I gain? Each and every one of our employees contributes to our …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Deputy Head of Information Security & DPO

Nottingham, United Kingdom
Nottingham University Hospitals NHS Trusts
and approachable and the ability to be able to evidence success in a senior manager position within a complex health care environment is essential. You'll take the lead on a number of key responsibilities including the below, as part of the Trust's new vision that is outlined within the job description: Data Protection (i.e. Data … Retention, Data Protection, Handling Information) Desirable Data Security / Information Security Qualification Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) Certified Ethical Hacker (CEH) ISO27001 Lead Auditor Certification Formal management / leadership training / qualification Service Improvement training / qualification Experience Essential Significant operational management experience in leading a team in … such as the Local Authorities, Department of Health (DoH) Experience Integrated Care Boards (ICB), NHS England and National Cyber Security Centre (NCSC) Cyber Essentials Plus, Cyber Assessment Framework & ISO 27001 Experience of managing a demanding and expanding service creatively and efficient in an agile manner Awareness of corporate and records management requirements Reporting to …
Employment Type: Permanent
Salary: £64455.00 - £74896.00 a year
Posted:

Senior Information Security Consultant

London, United Kingdom
Hybrid / WFH Options
iO Associates
compliance, and remediation activities Background in regulated environments, preferably with experience in law enforcement, MOD, or Home Office programmes Desirable: Certifications such as CISSP, CISA, CISM, or ISO27001 Lead Auditor Experience engaging with senior stakeholders in public sector cyber or protective security roles
Employment Type: Permanent
Salary: GBP Annual
Posted:

Information Security Manager

Stockport, Lancashire, United Kingdom
zyncgroup.io
ability to implement solutions yourself Knowledge & experience working with ISO27001 and other relevant frameworks Organising and communicating, hit the ground running independent Desired Relevant certifications e.g. CISM, ISO27001 Lead Auditor / Implementer Benefits Join a company thriving in the media industry Have the freedom to shape your position as you see fit Work with …
Employment Type: Permanent
Salary: GBP Annual
Posted:

Information Security Manager

Bristol, United Kingdom
Hybrid / WFH Options
Reed Technology
Central Bristol Job Type: Full-time, Hybrid (2 days per week in-office) Salary: £60,000 - £70,000 + Benefits We are recruiting an Information Security Manager to lead the operational and strategic security programme for a respected organisation headquartered in central Bristol. This hybrid role offers the opportunity to shape the company's approach to information … risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals, supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST … cloud services (AWS, SaaS, IaaS). Strong communication skills and stakeholder management abilities. Experience in incident response and enterprise risk reporting. Professional certifications such as CISSP or ISO27001 Lead Implementer / Auditor (desirable). Benefits: Hybrid working (2 days per week in-office) Generous annual leave & pension contributions Life assurance and private health options
Employment Type: Permanent
Salary: £60000 - £70000/annum plus benefits
Posted:

Information Security Manager

Bristol, Gloucestershire, United Kingdom
Hybrid / WFH Options
Reed Technology
Central Bristol Job Type: Full-time, Hybrid (2 days per week in-office) Salary: 60,000 - 70,000 + Benefits We are recruiting an Information Security Manager to lead the operational and strategic security programme for a respected organisation headquartered in central Bristol. This hybrid role offers the opportunity to shape the company's approach to information … risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals, supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST … cloud services (AWS, SaaS, IaaS). Strong communication skills and stakeholder management abilities. Experience in incident response and enterprise risk reporting. Professional certifications such as CISSP or ISO27001 Lead Implementer / Auditor (desirable). Benefits: Hybrid working (2 days per week in-office) Generous annual leave & pension contributions Life assurance and private health options
Employment Type: Permanent
Salary: GBP 60,000 - 70,000 Annual
Posted:

Information Security Manager

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Reed Technology
Central Bristol Job Type: Full-time, Hybrid (2 days per week in-office) Salary: £60,000 - £70,000 + Benefits We are recruiting an Information Security Manager to lead the operational and strategic security programme for a respected organisation headquartered in central Bristol. This hybrid role offers the opportunity to shape the company's approach to information … risk reduction across the business. You'll be responsible for maintaining ISO27001 compliance, overseeing risk assessment and mitigation, and supporting incident management across multi-entity operations. Key Accountabilities: Lead and manage a team of three security professionals, supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST … cloud services (AWS, SaaS, IaaS). Strong communication skills and stakeholder management abilities. Experience in incident response and enterprise risk reporting. Professional certifications such as CISSP or ISO27001 Lead Implementer / Auditor (desirable). Benefits: Hybrid working (2 days per week in-office) Generous annual leave & pension contributions Life assurance and private health options
Employment Type: Permanent, Work From Home
Salary: £70,000
Posted:
ISO 27001 Lead Auditor
England
10th Percentile: £60,250
25th Percentile: £66,250
Median: £73,750
75th Percentile: £79,063
90th Percentile: £83,000