101 to 125 of 368 ISO/IEC 27001 Jobs in London

robust observability, incident response processes, performance testing, and fault-tolerant architecture. Partner with Security, Compliance, and Infrastructure teams to meet regulatory and certification standards (e.g., PCI DSS, TISAX, ISO 27001), and embed security into development workflows. Collaborate cross-functionally with Product, Partner Operations, and Business Development to translate user and partner needs into scalable, production-ready … data-driven mindset. Experience in designing and operating transactional systems, including session management and payment systems. Demonstrated success in delivering systems in regulated environments (e.g. PCI DSS, TISAX, ISO 27001), including compliance alignment and audit readiness. Advanced knowledge of cloud-native engineering (preferably AWS), microservice architecture, container orchestration, and scalable infrastructure. Fluent in agile methodologies, DevSecOps More ❯

robust observability, incident response processes, performance testing, and fault-tolerant architecture. Partner with Security, Compliance, and Infrastructure teams to meet regulatory and certification standards (e.g., PCI DSS, TISAX, ISO 27001), and embed security into development workflows. Collaborate cross-functionally with Product, Partner Operations, and Business Development to translate user and partner needs into scalable, production-ready … data-driven mindset. Experience in designing and operating transactional systems, including session management and payment systems. Demonstrated success in delivering systems in regulated environments (e.g. PCI DSS, TISAX, ISO 27001), including compliance alignment and audit readiness. Advanced knowledge of cloud-native engineering (preferably AWS), microservice architecture, container orchestration, and scalable infrastructure. Fluent in agile methodologies, DevSecOps More ❯

todeliver against agreed targets. Who we're looking for Ideally, you'll have experience leading within a risk management role and havea good knowledge of methodologies such as IEC 62443 and ISO 27005. Knowledge ofcontrol frameworks such as NIST, IEC 62443, ISO 27001, ITIL (InformationTechnology Infrastructure Library), and SABSA is More ❯

through mentoring, training, and creating reusable artifacts A day in the life Working with customers to understand their business challenges around security "in" the cloud and to help design / architect technical solutions to address those business needs. Support Amazonians and customers across ASEAN region in ongoing projects as the field security SME to consult with and provide prescriptive … s Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work / Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as … in the workplace and at home, there's nothing we can't achieve in the cloud. BASIC QUALIFICATIONS - 10 years' experience in IT security, compliance, or risk management. - BA / BS degree or equivalent experience. - Hands-on technical expertise in technology automation, implementation, integration, and / or deployment. PREFERRED QUALIFICATIONS - AWS experience preferred, with proficiency in a wide More ❯

management. Stay updated on emerging IT risks, technologies, and regulatory changes. Provide guidance and training to junior audit staff on IT audit methodologies. Qualifications: Traditional accounting qualifications i.e. ACA / ACCA / CIMA or CISA, CISSP, or other relevant certification preferred. Minimum of 3 years of experience in IT auditing or a related field. Strong understanding of IT … Unix environments. Database Management: Knowledge of SQL, Oracle, and other database management systems. Cybersecurity: Experience with vulnerability assessments, penetration testing, and incident response. IT Governance: Knowledge of ITIL, ISO 27001, and other IT governance frameworks. Software Development: Understanding of SDLC, DevOps practices, and application security. Data Analytics: Proficiency in data analytics … tools and techniques to enhance audit processes. For example: Excel: Advanced skills in data manipulation, pivot tables, and data visualisation. SQL: Ability to query and analyse large datasets. Python / R: Experience with programming languages for data analysis and automation. Tableau / Power BI: Expertise in creating interactive dashboards and visualisations. ACL / Galvanize: Familiarity with audit More ❯

and dashboards. Collaborate with data analysts, business intelligence teams, and stakeholders to understand data requirements and translate them into technical specifications. Optimize and tune existing Power BI data models / datasets for performance and scalability. Troubleshoot and resolve backend issues related to data connectivity, refresh failures, and performance bottlenecks. Implement security measures to ensure data privacy and compliance with … leading store chains, fast-growth fintech firms, and multiple Silicon Valley startups. What makes Confiz stand out is our focus on processes and culture. Confiz is certified under ISO 9001:2015 (QMS), ISO 27001:2022 (ISMS), ISO 20000-1:2018 (ITSM), and ISO 14001:2015 (EMS). We foster a More ❯

trends and escalate risks promptly. Ensure compliance with relevant industry regulations and standards (e.g., GDPR, ISO 27001). Manage security systems, including firewalls, intrusion detection / prevention systems, and antivirus software, in collaboration with GT. Develop and test incident response plans and coordinate responses to security incidents and breaches. Raise cybersecurity awareness among bank employees … through annual training / workshops. Other Duties Maintain professional and technical knowledge by attending workshops, reading publications, and benchmarking practices. Collaborate with stakeholders to handle backlogs and new requirements, resolve conflicts, and monitor deliverables. Serve as the point of contact for external communications and facilitate internal collaboration on IT matters. Ensure compliance with policies and regulatory requirements. Maintain quality … service by establishing and enforcing standards. Act as second / third level support with GT for support issues. Comply with FCA / PRA conduct rules and mandatory training requirements. Technical / Functional Skills Proficient in Windows 10, Windows Server 2018+, Redhat Linux OS. Experience with VMWare v6.7+, Veeam Backup, Symantec Endpoint Protection, ManageEngine Patch Manager, Microsoft Office More ❯

response, and promote security awareness. Identify and manage risks, contribute to the Security Risk Register, and implement risk treatments. Drive continuous security improvements, maintain industry best practices, and support ISO27001 compliance. Skills required Essential Experience in cyber security with focus on infrastructure, cloud, and identity management. Certifications such as AZ-500, SC-300, CISSP, CEH, Security+. Hands-on experience with … Intune. Knowledge of web application firewalls and vulnerability management. Understanding of Zero Trust principles and Privileged Access Management tools. Desirable Experience with ISO 27001, scripting / automation, insider threat detection, or security in regulated sectors. To apply, submit your CV and cover letter via our online portal. The selection process includes initial interviews in August More ❯

designing and implementing hybrid multi cloud solutions including appropriate Identity and Access Management options Experience of TOGAF and Zachman methodologies Knowledge of Infrastructure as Code tools (e.g. Terraform, ARM / Bicep, etc.) Knowledge of cloud security best practices and compliance standards (e.g. ISO 27001, SOC2, GDPR) Experience with containerisation and orchestration technologies (e.g. Docker, OpenShift … Kubernetes) Knowledge of ECB / DORA standards applicable to financial institutions. Daily Rate: 1150 per day inside IR35 via an umbrella company Tenure: Up to 30 / 05 / 2026, extendable Hybrid: 3 days a week onsite in City of London; 2 days remote More ❯

designing and implementing hybrid multi cloud solutions including appropriate Identity and Access Management options Experience of TOGAF and Zachman methodologies Knowledge of Infrastructure as Code tools (e.g. Terraform, ARM / Bicep, etc.) Knowledge of cloud security best practices and compliance standards (e.g. ISO 27001, SOC2, GDPR) Experience with containerisation and orchestration technologies (e.g. Docker, OpenShift … Kubernetes) Knowledge of ECB / DORA standards applicable to financial institutions. Daily Rate: £1150 per day inside IR35 via an umbrella company Tenure: Up to 30 / 05 / 2026, extendable Hybrid: 3 days a week onsite in City of London; 2 days remote Keywords: Enterprise Architect, Azure, TOGAF, DORA, ECB, Zachman, cloud, Google Cloud platform, GCP More ❯

a Security Engineer or in a similar role, with deep understanding of the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection / prevention systems (IDS / IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security … certifications, such as Security+, IAT II / III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP / … social office in Shoreditch Deliveroo for working late in the office Apply for this job indicates a required field First Name Last Name Preferred First Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf More ❯

London, United Kingdom Posted on 01 / 07 / 2025 Scrumconnect is a trusted digital delivery partner to UK government departments and public sector bodies. We specialise in building user-centred digital services that improve lives. Our multidisciplinary teams bring together experienced technologists, designers, researchers, and strategists to solve complex challenges and drive meaningful impact in the public … or case management platforms Knowledge of GDPR, Cyber Essentials, ISO 27001, and public sector security best practices Experience with Agile and DevOps practices, including CI / CD, Kubernetes, Terraform, and IaC Understanding of data modelling and AI-driven process automation Why Join Scrumconnect This role offers a unique opportunity to drive digital innovation and improve More ❯

the spirit of regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management More ❯

best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC 2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static / dynamic analysis, container and IaC scanning, SBOM management, and supply-chain security; automate enforcement through CI / CD pipelines. Cloud & Infrastructure Security - Design and implement robust controls for … AWS (primary) and Azure / GCP (secondary): IAM, network segmentation, KMS, secrets management, WAF, EDR, and zero-trust patterns. Identity & Access Management (IAM) - Own enterprise IAM strategy, including RBAC, least-privilege provisioning, SSO, federation (OIDC / SAML), and privileged-access workflows. Monitoring, Detection & Response - Define audit logging, metrics, and telemetry requirements; integrate with SIEM / SOAR to … can be an enabler to success as an engineer. Experience working within high-sensitivity data environments Strong awareness of compliance standards and the requirements on software teams, especially for ISO27001 and SOC2. FedRAMP experience advantageous. Demonstrated experience performing threat modelling, penetration test scoping, and vulnerability management. Deep understanding of IAM concepts, encryption / key-management, and secure network design. More ❯

ownership of your work - through the software development lifecycle. Analyse, plan, design, implement, test, deploy, monitor. Follow the team's guidelines - deliver high-quality software. Working with others - provide / receive guidance, pair program, provide feedback or opinion on subjects, advise or be advised by other team members. Work as a part of a team - and work productively with … the wider company. Awareness of the sensitive nature of our data - following our data protection guidelines. Being fully aware of our ways of working - within our regulatory standards (ISO 13485, ISO 27001). ️ We want to hear from … you if you Have experience in the following tech stack: Frontend: React, State Management, React Native (optional but advantageous) Backend: Node, JavaScript, TypeScript Databases: MySQL Infrastructure: AWS (EC2, SNS / SQS, RDS, ES), Linux Docker Have experience in: Familiarity with Publish-Subscribe pattern Experience of working with Jira, BitBucket and Git Experience in working within a regulated SDLC process More ❯

assessments and audits of cloud infrastructure and applications. Respond to security incidents and vulnerabilities in the cloud. Collaborate with DevOps and IT teams to integrate security controls into CI / CD pipelines and cloud deployments. Manage output from cloud-native security tools (e.g., AWS GuardDuty, Azure Defender). Ensure compliance with industry regulations and standards (e.g., ISO … skills with the ability to explain complex security issues to non-technical stakeholders. Knowledge of Zero Trust architecture and security frameworks (e.g., MITRE ATT&CK). Experience in red / blue team exercises. Familiarity with cloud-native security tools and infrastructure-as-code (e.g., Azure Policy, ARM / Bicep, Terraform). Experience of the Specialty and Lloyd's … / Companies market insurance industry Experience in regulated industries. Qualifications Education & Certifications: Bachelor's degree in computer science, Information Security, or a related field. Relevant certifications such as: Certified Cloud Security Professional (CCSP) AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate CISSP, CISM, or equivalent What We Offer The Tokio Marine HCC Group of Companies offers a More ❯

high-growth SaaS environment. Strong software engineering background with hands-on knowledge of modern web technologies, cloud infrastructure (AWS, Azure, or GCP), and best practices in DevOps and CI / CD. Deep understanding of scalable architecture, security, and system design. Track record of hiring and leading high-performing technical teams in a fast-paced environment. Commercial acumen and the … the ability to influence both technical and non-technical stakeholders. Company Rapidly growing SaaS organisation with offices in London On site required Outside IR35 Salary & Benefits The salary range / rates of pay is dependent upon your experience, qualifications or training . Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: gb / en / privacy-notice. More ❯

organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information … Governance: Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives and risk tolerance. Establish and enforce information security policies, procedures, and standards in accordance with ISO27001, customer requirements, relevant legislation, and application security best practices. Communication: Develop and maintain an organization-wide security culture. Build and implement a company-wide communication strategy to promote information security … posture, including application security vulnerabilities and risks, risks, and compliance status to the Trayport Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance: Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and More ❯

organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information … Governance : Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives and risk tolerance. Establish and enforce information security policies, procedures, and standards in accordance with ISO27001, customer requirements, relevant legislation, and application security best practices. Communication : Develop and maintain an organization-wide security culture. Build and implement a company-wide communication strategy to promote information security … posture, including application security vulnerabilities and risks, risks, and compliance status to the Trayport Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and More ❯

organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information … Governance : Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives and risk tolerance. Establish and enforce information security policies, procedures, and standards in accordance with ISO27001, customer requirements, relevant legislation, and application security best practices. Communication : Develop and maintain an organization-wide security culture. Build and implement a company-wide communication strategy to promote information security … posture, including application security vulnerabilities and risks, risks, and compliance status to the Trayport Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance : Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and More ❯

facing role where you'll lead the design and delivery of scalable, secure cloud and infrastructure solutions. You'll work across Microsoft 365, Azure, Microsoft Sentinel, Intune, and network / firewall technologies - playing a key role from pre-sales and technical discovery through to project delivery. The Role: You'll engage directly with clients to scope, design, and deliver … ensure delivery is aligned to security, compliance, and performance standards. Key Responsibilities: Lead discovery sessions and solution design workshops with clients Create high-level and low-level designs (HLDs / LLDs) for cloud infrastructure projects Provide pre-sales support and write technical proposals Oversee project delivery, ensuring best practice implementation Communicate technical solutions clearly to both technical and non … you based ? Rates depend on experience and client requirements Job Information Job Reference: JO-93 Salary: £55000.00 - £58000.00 per annum Salary per: annum Job Duration: Job Start Date: 01 / 09 / 2025 Job Industries: Data Job Locations: Greater London Job Types: Permanent Apply for this Job Name Please enter your full name. Email Enter a valid email More ❯

Sentinel - essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks PowerShell … scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working towards) One or more of MS-500 / SC-400 / SC-900 The following are desired: CISSP, CISM, CCSP Interested? Please apply below. Senior Cloud Security Engineer, Azure Security Engineer, Azure Security Consultant, Cloud Security More ❯

Sentinel - essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks PowerShell … scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working towards) One or more of MS-500 / SC-400 / SC-900 The following are desired: CISSP, CISM, CCSP Interested? Please apply below. Senior Cloud Security Engineer, Azure Security Engineer, Azure Security Consultant, Cloud Security More ❯

Role type: Perm, FT / PT Location: London Preferred start date: ASAP LIFE AS A SATALIAN As an organisation, we push the boundaries of data science, optimisation and artificial intelligence to solve the most complex problems in industry. Satalia, a Wunderman Thompson Company, is a community of individuals devoted to working on diverse and challenging projects, allowing you to … multiple groups of users with differing requirements, e.g. Business IT users, Cloud Developers, Data Scientists. Support the sales teams by providing content to RFP and RFI processes. MINIMUM QUALIFICATIONS / SKILLS Education & Experience: 7+ years of progressive experience in IT / IS management, with at least 3 years in a leadership role. Proven experience in managing IT infrastructure … Ability to work independently and as part of a team in a fast-paced environment. Have run small teams. Excellent organisational and time management skills. NICE TO HAVE QUALIFICATIONS / SKILLS Bachelor's degree in Computer Science, Information Technology, or a related field. Experience running both Microsoft O365 and Google Workspace solutions. Understanding of AI solutions. Interest in modern More ❯

address, and continuously improve security control effectiveness. Oversee the management of external security assessments and ensure remediation plans are executed effectively. Maintain relevant security certifications such as Cyber Essentials / Plus and support the business in aligning with broader security frameworks (e.g., NIST CSF, CIS Controls). Awareness & Security Culture Lead internal training, briefings and onboarding sessions to build … experience in a technical security role, ideally within complex or high-risk operational environments. Practical experience with cloud platforms (e.g. AWS, Azure), endpoint protection, IAM, vulnerability management, and SIEM / logging tools. Strong understanding of cyber threats, insider risk, security engineering principles and network security. Demonstrated experience managing the response to cyber incidents. Familiar with automating tasks with Python … 27001 beneficial but not essential. Understanding of UK data protection law and its practical application within a security programme. Security certifications (e.g. CISSP, CISM, CCSP, GIAC / SANS, AWS Security Specialty, or similar) are a plus. Ability to build effective working relationships across technical and non-technical stakeholders. Strong analytical, communication, and problem-solving skills. Experience More ❯