ISO/IEC 27001 Jobs in London

1 to 25 of 219 ISO/IEC 27001 Jobs in London

Senior ISO27001 Consultant

London, South East, England, United Kingdom
Hybrid / WFH Options
Sanderson
Senior ISO27001 Consultant Location: Hybrid (75% remote) with on-site presence as required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Senior ISO27001 Consultant, you will lead client engagements to design, implement, and maintain ISO frameworks, supporting clients through gap analysis, remediation, certification readiness, and continual improvement. You'll collaborate with senior … through Stage 1 and Stage 2 certification audits Establish ISMS performance monitoring and reporting mechanisms Provide targeted training to embed a security-first culture Experience Required Proven experience in ISO27001 implementation and auditing Strong understanding of ISMS frameworks and private sector regulatory requirements Excellent communication and client-facing consultancy skills Relevant certifications such as ISO27001 Lead Auditor / Implementor … CISSP, CISM, CRISC, CISA Experience with additional standards (ISO / IEC27701, ISO / IEC29100, ISO / IEC42001, ISO / IEC22301) is a plus What's in it for You Flexible Working: Remote-first with travel as needed. Career Development: Continuous learning and professional growth. Benefits Package: Includes Private
Employment Type: Full-Time
Salary: £60,000 - £80,000 per annum

IT Risk & Control Assurance Manager

London, United Kingdom
Hybrid / WFH Options
Bupa
the status of all mitigating controls to both Business and Technology risk committees as appropriate. The scope of this role covers all Technology Risks; IT Strategy and Architecture, Service Management / Stability, Capacity / Capability Management, Disaster Recovery and Crisis Management. This role will also integrate the output from the Information Security Risk and Transformation Risk teams into the … overall risk reporting for each Business Unit. You'll help us make health happen through: Interpreting and communicating to the Business Unit changes to Risk Policies, Business / IT Strategy, legislation that impact the existing Risk and Control Framework. Identifying and assessing Technology Management and Information Security issues so that control environments are properly defined and residual risk regularly … essential. Demonstrable experience in Information Technology audits or IT Assurance (e.g., CISSP, CISM, CISA, CRISC, CCAK) A sound understanding of British and International Security Standards (e.g., ISO / IEC 27001, ISO / IEC 27002, NIST, CIS-20, PCIDSS) and the UK regulatory environment (e.g., ICO, FCA, PRA and
Employment Type: Permanent
Salary: GBP Annual

Information Security Manager - Navro

London, United Kingdom
Navro
Overview London - UK / IT / Navro - Pioneering the Future of Payments Architecting Trust: Information Security Manager This isn't just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast. You won't have layers of approval slowing you down. You will have the … Own security GRC automation tooling (Vanta) and work across the business to maintain security compliance posture. Successfully lead internal and external security audits - ISO 27001 / SOC2 Type II / PCI-DSS. Champion a company-wide culture of security awareness and operational resilience by playing a key role in defining, maintaining, and managing security … other key stakeholders on implementing and maintaining security policies and standards including disaster recovery and business continuity testing. Work with Sales and Operations on business critical procedures for onboarding / offboarding clients and vendors. Act as primary contact for security due diligence and assessments. Project manage initiatives with product and engineering teams to embed "security by design" into products
Employment Type: Permanent
Salary: GBP Annual

Information Security Officer

London, United Kingdom
Hybrid / WFH Options
Cornerstone VC
SDLC practices across product teams, from design to release. Perform threat modelling, define non-functional security requirements, and review designs for security impact. Guide security considerations in our AI / LLM-enabled products. Risk & Incident Management Own the company-wide incident response plan and lead tabletop exercises. Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure strong access … you'll bring: Hands-on experience in information security, ideally within a SaaS or product-led environment. Proven success leading or supporting ISO 27001 and / or SOC 2 Type I / II compliance programs. Deep understanding of secure SDLC practices, including threat modelling and design reviews for security impact. Experience securing AI / … s Degree in Computer Science, Information Security, or a related field. Hands-on experience with IT operations in a scaling business (e.g., device management, MDM solutions, SaaS administration, SSO / identity tools). What We Offer: Competitive Compensation: A salary package aligned with your experience and impact. Meaningful Stock Options: Be rewarded for growing with the company Annual Bonus
Employment Type: Permanent
Salary: GBP Annual

Quality Manager

London, United Kingdom
Hybrid / WFH Options
SCS Railways
audit training combined with on-site, technical auditing experience Good knowledge and practical experience of developing, implementing, maintaining and improving Quality Management Systems to the standard BS EN ISO 9001:2015. Experience in leading all the quality management aspects of a construction project, including independent verification processes. Managed quality system in large construction project Member of IRCA or … CQI Knowledge of other Management Systems (ISO 14001:2015, ISO 27001:2013, OHSAS 18001:2007, ISO 44001:2017 etc.) About the Company The role will work on the HS2 project. HS2 is the UK's new high speed rail network. It will be a catalyst for economic growth across Britain, freeing up … Quality Management System, ISO 14001:2015 Environmental Management System with guidance for use, OHSAS 18001:2017 Occupational Health and Safety Management Systems and ISO / IEC 27001:2013 Information Security Management System, Policies, Plans, Procedures and Processes, and statutory requirements as they affect the Joint Venture's operations and ensure that
Employment Type: Permanent
Salary: GBP Annual

Cloud Cyber Security Architect SC clearance

London, South East, England, United Kingdom
Robert Walters
and evaluate security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure compliance with industry standards (ISO 27001, NIST, NCSC). Contribute to security design documentation, options papers, and client presentations. Collaborate across 1st, 2nd, and 3rd lines of defense on cyber risk, compliance … ensure compliance and governance. Continuously assess and improve processes, controls, and reporting to enable informed, risk-based decisions. What you'll bring: Strong knowledge of networking, cloud security (AWS / Azure), and modern security concepts. Familiarity with vulnerability management, penetration testing, and security frameworks. Experience with security standards (ISO 27001 / 27002 / 27017 / 27018). Minimum 5 years in cybersecurity, with certifications like CISSP, CISM, CCSP, or CRISC preferred. Eligible to work in the UK and have SC Security Clearance. Team-oriented, detail-focused, excellent communicator, self-motivated, and persuasive. Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates
Employment Type: Full-Time
Salary: £50,000 - £90,000 per annum, Inc benefits

Head of Cyber Governance, Risk and Compliance

London, United Kingdom
Cornerstone
mission. Here's how you will contribute Governance, Risk & Compliance (GRC) Leadership Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001 / 2, and NIST-2. Oversee delivery plans, resource allocation, and stakeholder engagement for GRC initiatives. Training & Awareness Develop and maintain SGN's Information Security training and awareness materials. … Integrate lessons learned from incidents and address feedback from training delivery. Information Security Policy & ISMS Maintain a robust portfolio of security policies, standards, and procedures to support ISO27001, NIST, and NIS eCAF compliance. Ensure policies are current, reviewed regularly, and approved by key stakeholders. Manage SGN's Information Security Management System (ISMS) and policy exceptions. Compliance & Assurance Monitor and report … on compliance across SGN and third-party partners. Lead assurance reviews and support internal / external audits for ISO27001, NIST, and NIS. Own NIS submissions to OFGEM and support regulatory consultations and audits. Risk Management Oversee risk assessments and reporting across Cyber, OT, and Gas Control. Establish and enforce risk management processes and reporting to the CISO. Advisory & Stakeholder
Employment Type: Permanent
Salary: GBP Annual

IT Governance Officer

London, South East, England, United Kingdom
Proactive Appointments
a similar sized organisation. Knowledge of external certifications and the ability to audit the organisation’s conformance to those standards; Working experience within ISO 27001 / NIST standards Good level of experience and competency within an IT OPC and Governance environment. Personal experience of implementing high quality standards (ideally ISO etc.) within an … organisation and the ability to drive quality standards through the organisation. Desirable qualifications ITIL Life cycle / Capability certification ISACA Certificate in the Governance of Enterprise IT (CGEIT) CISA certification Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will … personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http://proactive.it/privacy-notice/
Employment Type: Full-Time
Salary: £55,000 - £60,000 per annum

IT Security Manager

West Drayton, Middlesex, England, United Kingdom
Proactive Appointments
proactive role in shaping and delivering future security programmes as part of the Global IT Security Team. Key Responsibilities Lead and manage the IT security team, including outsourced SOC / MDR / DFIR providers. Maintain and enhance our ISMS, including policies, procedures, registers, and reports. Ensure compliance with ISO 27001, ISAE 3402 Type II … vulnerabilities. Respond to and manage security incidents, including investigation, mitigation, and reporting. Oversee user access controls, identity management, and data protection measures. Lead Business Continuity and Disaster Recovery (BC / DR) planning and testing. Manage and deliver IT security awareness training for staff and end users. Qualifications & Experience Bachelor's degree in Computer Science, Information Security, or related field. … or managerial role. Strong knowledge of ISO 27001, ISAE 3402, and related frameworks. Experience with security technologies such as XDR, MDR, EDR, SIEM, NAC, IDS / IPS, and SASE. Proven background in incident response, risk management, and ISMS operation. Essential Skills Demonstrated leadership and team management experience. Strong analytical and problem-solving skills. Excellent communication
Employment Type: Full-Time
Salary: £65,000 - £70,000 per annum

36406553 - Senior Control Assurance Assessor

London, South East, England, United Kingdom
Career Moves Group
Senior Control Assurance Assessor Location: Remote, UK Length: Asap – 31/03/2026 Rate: £450 per day (Inside IR35) Hours: 37.5 per week Role Overview: As a Senior Control Assurance Assessor, you will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premises and in the cloud, to ensure … computer science, management information systems, relevant field, or equivalent demonstrable experience. 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills Ability to work both independently and collaboratively within a team
Employment Type: Temporary
Salary: Salary negotiable

Security Governance and Service Management Specialist

City of London, London, United Kingdom
Adecco
Information and Cyber Security within EMEA. Manage the intragroup relationships across AD and EMEA for Information and Cyber Security, ensuring service levels are met for all services received and / or provided. Accountabilities & Responsibilities: Define intra group security governance and service management framework Enhance and embed the operating / engagement model and service level agreement to ensure continuous … depth knowledge of third-party regulations across UK and EU such as ECB's EBA, DORA and related standards Information and Cyber Security Frameworks and industry Standards (e.g., NIST / ISO 27001 / COBIT / ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management
Employment Type: Contract

Security Governance and Service Management Specialist

London, South East, England, United Kingdom
Adecco
Information and Cyber Security within EMEA. Manage the intragroup relationships across AD and EMEA for Information and Cyber Security, ensuring service levels are met for all services received and / or provided. Accountabilities & Responsibilities: Define intra group security governance and service management framework Enhance and embed the operating / engagement model and service level agreement to ensure continuous … depth knowledge of third-party regulations across UK and EU such as ECB's EBA, DORA and related standards Information and Cyber Security Frameworks and industry Standards (e.g., NIST / ISO 27001 / COBIT / ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management
Employment Type: Contractor
Rate: Salary negotiable

Cyber Security Manager

London, United Kingdom
Two Circles Ltd
and improving our security posture in tandem with GRC practices and policies as they evolve to align with current and future standards and frameworks, such as SOC 2, ISO 27001, as well as applicable legislation, including GDPR and UK DPA, working closely with our Legal and Privacy as well as the wider Technology team. Internally-facing … reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre Experience of both cyber operational roles, but experience of having delivered security change projects / programmes Experience with GDPR / UK Data Protection, Cyber Essentials and ISO 27001 frameworks Azure security tooling including Security Centre, Defender, Sentinel, Intune, AWS … Admin Day), closure of office over Christmas (plus Bank Holidays) Discretionary Bonus based on company performance Performance Reviews every 6 months with discretionary salary increases Private healthcare (Vitality) and / or Health Care Plan (Medicash
Employment Type: Permanent
Salary: GBP Annual

IT Security and Resilience Specialist

London Area, United Kingdom
Slaughter and May
ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team, which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at

IT Security and Resilience Specialist

City of London, London, United Kingdom
Slaughter and May
ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team, which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at

IT Security and Resilience Specialist

London, South East England, United Kingdom
Slaughter and May
ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team, which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at

IT Security and Resilience Specialist

London (City of London), South East England, United Kingdom
Slaughter and May
ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team, which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at

SHEQ Systems Administrator

City, London, United Kingdom
Randstad Construction and Property
the Associate Director, providing crucial administrative and compliance support. You will be instrumental in ensuring our business management systems are maintained and developed in line with all relevant ISO standards. Key Responsibilities Integrated Management Systems: Act as the primary administrator for our integrated management systems, ensuring they are maintained in line with ISO 9001, ISO … protected characteristics that fall under the Equality Act 2010. We encourage and welcome applications from all sections of society and are more than happy to discuss reasonable adjustments and / or additional arrangements as required to support your application. Candidates must be eligible to live and work in the UK. For the purposes of the Conduct Regulations 2003, when … advertising permanent vacancies we are acting as an Employment Agency, and when advertising temporary / contract vacancies we are acting as an Employment Business.
Employment Type: Permanent
Salary: GBP 35,000 - 40,000 Annual

Lead Cyber Security Engineer

Greater London, England, United Kingdom
DVF Recruitment
on key projects, but also play a big part in developing security strategy, mentoring junior colleagues, and driving the firm’s journey towards a zero-trust model and ISO 27001 certification. Why this role? Chance to build and shape a new function in a well-established law firm. High visibility role working closely with senior … Opportunity to lead major security initiatives and strengthen overall cyber resilience. Exposure to a wide range of security tools and technologies, from CrowdStrike and Palo Alto firewalls to email / web gateways and NAC solutions. Career growth - mentor others, lead projects, and become a go-to technical expert. What you’ll be doing: Taking ownership of CrowdStrike EDR, including … NAC, and firewall controls. Leading on incident response, root cause analysis, and runbook development. Managing and optimising a wide suite of tools: WAF, DDoS, VPN, perimeter firewalls, email / web security, MFA, SSO, PAM, MDM / MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation

Lead Cyber Security Engineer

London, South East England, United Kingdom
DVF Recruitment
on key projects, but also play a big part in developing security strategy, mentoring junior colleagues, and driving the firm’s journey towards a zero-trust model and ISO 27001 certification. Why this role? Chance to build and shape a new function in a well-established law firm. High visibility role working closely with senior … Opportunity to lead major security initiatives and strengthen overall cyber resilience. Exposure to a wide range of security tools and technologies, from CrowdStrike and Palo Alto firewalls to email / web gateways and NAC solutions. Career growth - mentor others, lead projects, and become a go-to technical expert. What you’ll be doing: Taking ownership of CrowdStrike EDR, including … NAC, and firewall controls. Leading on incident response, root cause analysis, and runbook development. Managing and optimising a wide suite of tools: WAF, DDoS, VPN, perimeter firewalls, email / web security, MFA, SSO, PAM, MDM / MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation

Control Room Operator - Data Centre

London, United Kingdom
Morson Talent
operations team. This role is central to maintaining uptime, monitoring critical systems, and responding to incidents in a high-availability environment. The successful candidate will work in a 24 / 7 control room environment, ensuring the smooth operation of electrical, mechanical, and IT infrastructure systems that support our data centre. Key Responsibilities Monitoring & Operations Monitor all Building Management Systems … as the first point of contact for incidents and outages. Coordinate communication between on-site engineers, external vendors, and management. Execute and document emergency procedures in line with SLA / OLA requirements. Reporting & Documentation Maintain accurate shift logs, incident reports, and escalation records. Support audit and compliance requirements (ISO 27001, ISO 22301, Uptime … or similar monitoring platforms. Strong technical awareness of HVAC, UPS, generators, fire systems, and networking fundamentals. Excellent communication skills for incident management and escalation. Ability to work rotating 24 / 7 shifts (including nights, weekends, and holidays). Desirable: Certifications: CompTIA Server+, CCNA, or equivalent facilities / technical qualifications. Familiarity with Uptime Institute Tier standards, ISO
Employment Type: Permanent
Salary: £55000 - £65000/annum Shift Allowances

GRC Consultant - SaaS

London Area, United Kingdom
Lex Dinamica
business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond

GRC Consultant - SaaS

City of London, London, United Kingdom
Lex Dinamica
business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond

GRC Consultant - SaaS

London, South East England, United Kingdom
Lex Dinamica
business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond

GRC Consultant - SaaS

London (City of London), South East England, United Kingdom
Lex Dinamica
business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond

ISO/IEC 27001, London
10th Percentile: £50,150
25th Percentile: £60,000
Median: £75,000
75th Percentile: £95,000
90th Percentile: £110,875