Experience: Minimum 8 years of information security experience, with at least 3 years in aerospace, aviation, or highly regulated industries Proven experience implementing and managing ISMS frameworks, preferably ISO27001 certification Deep understanding of aviation cybersecurity regulations, including EASA requirements, CAA frameworks, or similar aviation security standards Experience with industrial control systems security, particularly in safety … critical environments Demonstrated expertise in cybersecurity risk assessment and management methodologies specific to engineering and manufacturing environments Technical Expertise: Strong knowledge of cybersecurity frameworks (NIST, ISO27001, aviation-specific standards) Experience with security architecture design for complex technical systems Understanding of aviation safety management systems and their integration with cybersecurity programmes Familiarity with certification processes and … for presenting security strategies to technical and executive audiences Experience building security teams and developing cybersecurity culture within engineering organisations Preferred Qualifications: Professional certifications such as CISSP, CISM, ISO27001 Lead Auditor, or aviation security qualifications Experience with hydrogen infrastructure, electric propulsion systems, or clean energy technologies Knowledge of aviation certification processes (FAA, EASA, CAA) Background More ❯
principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO27001/ 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication and … space system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯
Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO27001, NIST 800-30 / 53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138 / 139). Proficiency in security threat More ❯
Bristol, Kendleshire, Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO27001, NIST 800-30 / 53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138 / 139). Proficiency in security threat More ❯
Cheltenham, Gloucestershire, England, United Kingdom
Oscar Technology
not limited to requirements such as GDPR & ISO 27001. Collaborating with other areas within the company such as the Infrastructure & DevOps teams to integrate virtualisation with CI / CD pipelines and other automation frameworks. Skills: VMWare - vSphere Hyper-V Strong knowledge with automation and scripting technologies such as Python, PowerShell or Ansible. Cloud-based virtualisation (e.g., Azure … GCP, AWS) Knowledge around relevant industry standards such as ISO27001 & GDPR. Benefits Healthcare package Life Works Gym Allowance Cycle to Work Long-Term Sickness Insurance Employee Assistance Programme Discretionary Bonus Infrastructure Engineer (eDV Cleared) | £70,000-£100,000 | VMware | Hyper-V Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this More ❯
Cheltenham, Gloucestershire, England, United Kingdom Hybrid / WFH Options
IMT Resourcing Solutions
in enterprise-level cloud and hosting environments Strong knowledge of Azure IaaS / PaaS, EntraID, networking, and virtualisation Experience with Infrastructure as Code (IaC) and ITIL /ISO27001 environments Excellent communication skills, able to engage technical and business stakeholders Why join? Work with cutting-edge Azure cloud technologies Opportunity to influence long-term IT strategy Supportive, collaborative culture More ❯
SIEM, and threat detection Compliance frameworks (e.g. NIST, ISO27001, CIS Controls) Security automation and scripting Producing security artefacts and documentation Experience within Operational Technology / IoT-rich environments would be an added bonus If this sounds like a role you would be interested in, please apply online ASAP - Shortlisted applicants will be contacted within More ❯
Gloucestershire, England, United Kingdom Hybrid / WFH Options
Hays Specialist Recruitment Limited
global information security compliance program.You will be responsible for ensuring that all corporate and subsidiary operations comply with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others.Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. … Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of … years experience.Skills Required: Proven experience in information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical More ❯
fast-growing consultancy. Key Responsibilities of the IT Technical Lead: Define and maintain TwinStream s IT strategy in partnership with leadership. Take ownership of our IT estate, from AWS / M365 accounts to endpoint management. Provide technical leadership and mentoring to the IT team. Drive incident resolution and problem management when needed. Partner with stakeholders across Delivery, InfoSec, Finance … Infrastructure as Code (Terraform, Microsoft365DSC, etc.). Backup & Disaster Recovery planning and execution. SaaS deployment and support, ensuring compliance. Engaging with stakeholders at all levels. Desirable extras: Knowledge of ISO27001, Cyber Essentials Plus, and information security tooling. Public sector client experience. Linux and Windows system administration. Why Join Us? Generous Pension 8% employer contribution Private Medical Healthcare including dental & optical More ❯
to the team. Key Responsibilities of the Lead Infrastructure Engineer: Define and maintain TwinStream s corporate IT strategy with senior leadership. Own and manage the IT estate from AWS / M365 accounts to mobile devices and laptops. Provide technical leadership, mentoring, and guidance to the IT team. Work with our Service Manager to continuously improve IT capabilities as an … monitoring). Infrastructure as Code (Terraform, Microsoft365DSC). Backup & Disaster Recovery planning and execution. SaaS deployment and integration. Strong stakeholder engagement and communication skills. Nice to Have: Knowledge of ISO27001, Cyber Essentials Plus, and InfoSec tooling. Experience working with public sector customers. Linux and Windows system administration. Why Join Us? Pension Plan 8% employer contribution. Private Medical Healthcare including dental More ❯
Stoke Gifford, Gloucestershire, United Kingdom Hybrid / WFH Options
Synoptix
and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯
Bristol, Stoke Gifford, Gloucestershire, United Kingdom Hybrid / WFH Options
Synoptix
and retention policies Manage documentation and change control processes for, servers, and applications Contribute to strategic planning for future IT requirements aligned with company growth and compliance needs (e.g. ISO27001, GDPR, DCC) Actively promote team values and adhere to all relevant company policies Essential Skills: Strong knowledge of IT infrastructure, networking, security and compliance frameworks Experience in managing, servers, systems … Jenkins Docker, Kubernetes Terraform, Ansible Additional tools as required Benefits: Annual Company Bonus – Based on company performance 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Flexible hybrid working arrangements Continuous professional development including incentives Access to online Udemy training facility to support grade specific learning pathways Electric car scheme More ❯
Cheltenham, Gloucestershire, South West, United Kingdom
Sanderson Government and Defence
Accurately delivering high quality work to agreed timelines. Taking the initiative on project work, and knowing how to jump straight in. Supporting client engagements, including pitches and presentations. Skills / Knowledge You have relevant and recent experience working within the cyber security industry. You have experience in a consulting or customer facing role. You have worked in technical client … with security controls within cloud-based infrastructure (e.g Azure, AWS, GCP). This may include design, configuration, or protective monitoring. You have experience working with security control frameworks e.g. ISO27001, NIST, CAF or others. You have demonstrable continuous personal development with relevant certifications and accreditations. You have strong interpersonal skills You have UK security clearance at SC or above or More ❯
Cheltenham, Gloucestershire, United Kingdom Hybrid / WFH Options
fortice
PING ID specialist Location: Cheltenham | Hybrid - 30% office 70% home Duration: 31 / 12 / 2025 - possible extension MUST BE PAYE THROUGH UMBRELLA We are heading up a recruitment drive for a global consultancy that require a SC Cleared PING ID specialist to join them on a major government project that's based Cheltenham 2 days per week. … Role Description: IAM SME with experience of Web SSO / MFA and Application integration, based upon Ping Directory, Ping Federate and PingOne MFA. Ping Federate with Radius. Upgrade experience on Linux. Also experience of working in a Secure Client environment. Demonstratable experience in Ping Directory, Ping Federate, PingOne MFA, Ping Fed Radius, configuration, migration and Application onboarding using SAML … and MFA for existing applications. Working with client project manager and support planning work breakdown steps Proficient in stakeholder management. Knowledge of government security standards and processes such as ISO27001 standards, NNPPI, NIST & Cyber Essentials Plus & GDPR. More ❯
Cheltenham, Gloucestershire, South West, United Kingdom
Sanderson Government and Defence
Ping ID Specialist / IAM Consultant - SC Clearance Location: Cheltenham Road, Bishops Cleeve Work Type: 70% Remote, 30% Office Length: Initial Short Term Contract, c.2 months with scope for extensions Rate: £450 - £500 (Inside) Clearance: Must have active SC Clearance Role Description: IAMSME with experience of Web SSO / MFA and Application integration, based upon Ping Directory, Ping … and MFA for existing applications. Working with client project manager and support planning work breakdown steps Proficient in stakeholder management. Knowledge of government security standards and processes such as ISO27001 standards, NNPPI, NIST & Cyber Essentials Plus & GDPR. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and More ❯
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Twinstream Limited
looking for an experienced Governance, Risk & Compliance (GRC) Project Manager to lead and deliver key compliance and accreditation programmes across the business. This role will focus on maintaining our ISO27001 and Defence Cyber Protection Partnership (DCPP) accreditations, while driving projects to achieve new certifications in ISO9001, ISO20000, and ISO14005. You ll play a pivotal role in shaping and embedding governance … stakeholders to ensure policies, processes, and controls are aligned with compliance standards, and ensuring projects are delivered on time and to scope. What You ll Do: Manage and maintain ISO27001 & Cyber Essentials+ accreditations Ensure compliance with DCPP requirements Lead accreditation projects for ISO9001, ISO20000, and ISO14005 Work with auditors, certification bodies, and key stakeholders Develop and embed governance policies, processes … senior management Deliver project plans, timelines, and reports for compliance initiatives What You ll Bring: Proven track record as a GRC, Compliance, or IT Project Manager Strong knowledge of ISO27001 (implementation & certification) Hands-on experience leading accreditation or certification programmes Excellent understanding of governance, risk, and compliance frameworks Strong stakeholder management and communication skills Detail-oriented, organised, and able to More ❯
ready for operational handover. Manage risks associated with installation or decommissioning, communicating with project managers and other stakeholders, and adopting measures to reduce risks. Plan, estimate, and schedule installation / decommissioning work, minimizing disruption and seeking necessary approvals for changes. Maintain high levels of IT security by implementing security baselines and configuration hardening in collaboration with cyber security engineers. … relevant infrastructure experience in an IT Engineer role. Strong experience with Microsoft environments and implementing security best practices. Knowledge of network security principles, IAM, and compliance frameworks like ISO 27001. Proficiency in virtualisation technologies, public cloud platforms, and hybrid environments. Excellent communication skills, able to act as a bridge between technical and non-technical stakeholders. If you are More ❯