ISO 27001 Lead Implementer Jobs in England

17 of 17 ISO 27001 Lead Implementer Jobs in England

Information Security Consultant -

Yorkshire, United Kingdom
Hamilton Barnes Associates Limited
dedicated Cyber Security? We have an exciting opportunity for an Information Security Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance Team's service offerings forward. Work with an innovative, industry-leading Cyber Security … to build relationships with internal and external stakeholders Hands-on experience in ISO27001 implementation and auditing Eligibility for Security Clearance Certifications Preferred: ISO / IEC 27001 Lead Implementer ISO / IEC 27001 Internal Auditor CISM / CISSP Salary & Benefits …
Employment Type: Permanent
Salary: GBP Annual

Information Security Compliance Officer

London, United Kingdom
Guavapay Limited
information security, Risk Management, or Compliance is a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / … Experience Requirements: 3-5+ years of experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU: GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018). Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005. Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills - ability to brief executives and regulators.
Employment Type: Permanent
Salary: GBP Annual

Information Security Manager

City of London, London, United Kingdom
ME+EM Ltd
opportunities for improvement directly to senior management. Responsibilities : Cyber Security Strategy & Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications : Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and …

Information Security Manager

London Area, United Kingdom
ME+EM Ltd
opportunities for improvement directly to senior management. Responsibilities : Cyber Security Strategy & Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications : Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and …

Information Security Manager

South East London, England, United Kingdom
ME+EM Ltd
opportunities for improvement directly to senior management. Responsibilities : Cyber Security Strategy & Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications : Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and …

Senior Information Assurance consultant

Manchester, United Kingdom
Hybrid / WFH Options
Experis
approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring …
Employment Type: Contract
Rate: £790/day

CYBER SECURITY LEAD - SC, CYBER, ASSURANCE

West Midlands, United Kingdom
Adecco
Job Title: Cyber Security Lead Location: West Midlands, United Kingdom Salary: £62,000 - £73,000 (depending on experience) + Bonus + Excellent Benefits Clearance: Must be a British National and SC Cleared or Eligible About the Role: We are seeking a proactive and experienced Cyber Security Lead to drive and enhance our organisation's … across the business. You will work closely with the Security Operations Centre (SOC), senior stakeholders, and cross-functional teams to maintain a secure and resilient environment. Key Responsibilities: * Lead the response to cyber security incidents, ensuring timely resolution and root cause analysis. * Oversee the development and implementation of information security compliance and assurance programmes. * Ensure alignment with … ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the SOC to monitor, detect, and respond to cyber threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. * Promote a security-first culture through internal training and mentoring. * Communicate cyber risks, strategies, and progress effectively to stakeholders. * Stay informed …
Employment Type: Permanent
Salary: £62000 - £73000/annum Benefits

GRC Information Security Risk Manager

London, United Kingdom
Alvarez & Marsal Deutschland GmbH
s Global Security Office is committed to delivering the highest standards of security and compliance. We are seeking a highly skilled and motivated Information Security Risk Manager to lead on A&M wide information security risk management program and join our dynamic and growing team based in either our London or Tampa office. Position Summary: The Information … focused on managing and maintaining the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the OnSpring GRC Tool and can effectively assess and communicate technical security requirements to teams across the firm. Key Responsibilities … Risk Management Leadership and Oversight: Working to A&M Policy and industry standards and lead the end-to-end information security risk management process, ensuring risks are proactively identified, assessed, recorded, and mitigated. Assess and prioritize security risks based on enterprise-wide impact, likelihood, and mitigation strategies. Act as a trusted security advisor, working cross-functionally with …
Employment Type: Permanent
Salary: GBP Annual

Chief Information Security Officer

London Area, United Kingdom
Hybrid / WFH Options
SR2 | Socially Responsible Recruitment | Certified B Corporation™
GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities GRC Leadership: Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation … Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership … as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that …

Chief Information Security Officer

City of London, London, United Kingdom
Hybrid / WFH Options
SR2 | Socially Responsible Recruitment | Certified B Corporation™
GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities GRC Leadership: Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation … Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership … as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that …

Information Security GRC Manager

London, United Kingdom
iO Associates
regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities: Build and refine information security governance and risk frameworks Lead audits (internal / external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and … policies across the business Support KPI development and risk strategy planning Requirements: Degree in Computer Science / IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor / Implementer Working knowledge with legal / security needs in housing association sector and its regulatory environment … Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first stage interviews will be taking place this week.
Employment Type: Permanent
Salary: GBP Annual

Information Technology Security Specialist

City Of London, England, United Kingdom
Hybrid / WFH Options
Sanderson
and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST, and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP …

Information Security Compliance Analyst

Hertfordshire, England, United Kingdom
Hybrid / WFH Options
Planet Pharma
Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management System. This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business. Requirements … ISO 27001 Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001 / 27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security …

Information Security Analyst

Guildford, Surrey, United Kingdom
Hybrid / WFH Options
Allianz Popular SL
highly desirable. Experience of security transformation and delivery of security projects, particularly within a federated organisation. Desirable Skills Knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Good awareness of risk methodologies and ability … operating procedures. Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable What We Will Offer You Recognised and rewarded for a job well done …
Employment Type: Permanent
Salary: GBP Annual

Information Security Officer - BeOne

Warwick, Warwickshire, United Kingdom
Hybrid / WFH Options
ICEO
freedom, security, and efficiency, whether for personal finances, business operations, or global investments. What you will do: Drive the company's information security strategy, ensuring alignment with GDPR, ISO 27001, DORA, PSD2 / 3, and other relevant regulations Identify and address local and entity-specific security requirements to maintain rigorous standards Conduct regular risk … develop mitigation strategies across systems, processes, and vendors Develop and maintain security policies, standards, and incident response protocols Support business continuity and disaster recovery planning for seamless resilience Lead and oversee internal / external security audits to ensure transparency and accountability Partner with engineering and ICT teams to embed secure-by-design principles in products and infrastructure … role (ideally in payments or fintech), with proven Second Line of Defense responsibilities in InfoSec and IT Compliance & Frameworks : Demonstrated success meeting GDPR, EU NIS2, and familiarity with ISO 27001, NIST, and cybersecurity best practices Risk & Governance : Skilled in conducting risk assessments, defining mitigation strategies, and creating / enforcing security policies Good technical understanding …
Employment Type: Permanent
Salary: GBP Annual

Information Security Risk & Compliance Specialist

London, United Kingdom
Cyberark Software
manage responses to customer security audits and assurance inquiries. Monitor regulatory changes and contribute to compliance initiatives such as DORA, NIS2, and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security … a related field. Experience supporting sales processes, including responding to RFx security assessments. Solid understanding of cybersecurity principles, information security best practices, and regulatory requirements (DORA, NIS2, GDPR, ISO 27001, SOC 2, etc.). Excellent written and verbal communication skills; able to translate technical concepts for non-technical audiences. Strong organizational skills with the … a proactive approach to problem-solving and attention to detail. Experience working in a SaaS, cloud, or technology-driven company is preferred. Professional certifications (such as CISM, CRISC, ISO 27001 Lead Implementer / Auditor, or similar) are a plus Additional Information We are proud to foster a diverse …
Employment Type: Permanent
Salary: GBP Annual

IT Systems Specialist

Liverpool, England, United Kingdom
Hybrid / WFH Options
MFK Recruitment
the past 18 months. All four individuals are still with the company and really enjoying their roles! As an IT Systems Specialist, the role will ensure seamless onboarding, lead IT infrastructure projects, and support compliance initiatives (SOC2 Type II and ISO 27001 audits). You will manage our core tools (Google … access policies. Project Leadership: Migrate systems (e.g., email groups, Jira → HubSpot), implement SSO via JumpCloud, and manage tool integrations. Compliance Support: Partner with Vanta to maintain SOC2 / ISO 27001 readiness; document controls, remediate findings, and prepare audit materials. IT Operations: Troubleshoot issues, manage device inventory, and enforce security policies (MFA, endpoint protection). … IT support, systems administration, or compliance-focused roles. Hands-on experience with Google Workspace, Jira, SSO tools (e.g., JumpCloud), and MDM solutions. Familiarity with SOC2 Type II and ISO 27001 frameworks (audit processes, control implementation). Strong project management skills; ability to prioritize tasks across multiple stakeholders. Excellent communication skills for translating technical concepts …

ISO 27001 Lead Implementer, England
Median: £75,000
75th Percentile: £83,125
90th Percentile: £97,750