151 to 175 of 362 ISO/IEC 27001 Jobs in London

with business travel to the Middle East . Job Type: Full-Time, Permanent Location: London, UK (with travel to the Middle East) Sector: Energy & Utilities Experience Level: Senior Manager / Director Role Overview This role is pivotal to the growth of our Cyber Security Services, providing technical and advisory expertise to help clients securely design and deploy industrial control … PLC, EMS, and related technologies Familiarity with protocols like TCP / IP, Modbus, IEC 61850, OPC UA, PROFINET Knowledge of security standards such as NIST CSF, ISO27001, IEC 62443, and NIS regulations Ability to develop pragmatic solutions to address cyber risks in OT environments More ❯

and functions; enabling organizations to more quickly and widely adopt emerging technologies while ensuring the integrity of their intellectual property; information flow during disaster response scenarios, and zero-trust / least-privilege environments for M&A, attorney-client privileged communications, etc. And we've only scratched the surface. At our core, we're driven by a shared mission and … and the ability to gracefully handle node failures. • Guarantee 99.9% uptime for the platform's control plane and deployment management. Design and implement a disaster recovery plan with active / passive deployments and seamless failover capabilities. • Architect and implement a highly available deployment setup for applications within the Acra platform. This will involve designing and building the infrastructure and … Bash, Python. •Deep experience with Kubernetes security: RBAC, PodSecurityPolicies (or their replacements), Admission Controllers and Kubernetes network policies. •Proficiency in secure networking practices, including TLS, mutual TLS (mTLS), ingress / egress controls and VPN tunneling configurations. •Proven experience operating and securing service mesh technologies (e.g. Istio, Linkerd, or Consul Connect). •Hands on experience with HashiCorp Vault in production More ❯

Threat Modelling Conduct comprehensive threat modelling and risk assessments, especially around distributed or high-value transaction systems. Define controls for securing sensitive operations such as wallet integrations, off-chain / on-chain data flows, and internal tooling. Develop and manage internal threat intelligence processes to proactively identify and mitigate emerging risks. Security Operations & Incident Response Lead response to advanced … and fraud detection. Governance, Compliance & Best Practices Help define internal standards for security development practices, secrets management, and infrastructure hardening. Maintain compliance with relevant frameworks (e.g., SOC 2, ISO 27001, GDPR), and support any industry-specific due diligence. Cross-Functional Collaboration Partner with engineering, product, and infrastructure teams to embed security best practices into all stages More ❯

threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI / CD pipelines, cloud-native services, and on-prem platforms to enforce security-by-design principles. Deliver security capabilities that support modern work scenarios, remote access, zero-trust networking, and … AI / ML workloads. Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of … security controls, implementing zero-trust models, and supporting 24x7 security operations. Strong understanding of compliance frameworks and risk management strategies. Preferred Qualifications: Certifications such as CISSP, CCSP, CISM, AWS / Azure Security Specialty, or equivalent. Experience with tools like Okta, Azure AD, CrowdStrike, Tanium, Zscaler, Vault, and other modern security platforms. Familiarity with DevSecOps principles, Infrastructure as Code, and More ❯

and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving … to work every day. And you'll never stop growing, whatever your level . Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk / careers More ❯

services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you More ❯

organisation who is experiencing a level of growth and are leaders in their industry. Responsible for managing externally appointed auditors and for the maintenance of a variety of ISO standards. Responsible for the adherence to and continued certification of the following standards: ISO 9001 Quality Management System ISO 27001 Information Security Management … System PCI-DSS Payment Card Industry Data Security Standard ISO 22301 Business Continuity GDPR and Data Protection Laws Conduct regular internal audits in line with the requirements of the standards. Implement compliance initiatives, identify and assess corporate risk, investigate customer and corporate incidents, monitor continuous improvement, recommend effective controls and processes, and integrate specific compliance objectives within business … management in identifying compliance risks and provide appropriate commercial solutions. Monitor industry, regulatory and corporate developments in order to identify areas of vulnerability and risk. Develop and implement corrective / preventative action plans for the resolution of compliance issues and provide guidance and coaching on how to avoid future incidents. Communicate the compliance programme to all employees. Prepare and More ❯

including Microsoft security, compliance and identity services. Managed SOC Managed XDR Cloud Security (M365, Azure, AWS) Managed SIEM (Sentinel + multi vendor) Security Professional Services Pen Testing Red Teaming ISO27001 / Cyber Essential Plus Apps / Infra testing You role will be to drive sales across through a mix of marketing campaigns, events and direct selling to create More ❯

incident management post-mortems. Infrastructure Automation, Management, and Security: Contribute to automating infrastructure provisioning, configuration, and deployment processes with a focus on security. Assist in implementing and managing CI / CD pipelines to streamline software delivery while adhering to security best practices. Support infrastructure security and compliance efforts. Secrets Management: Assist in the implementation and management of secrets management … Linux environments. Cyber Security: Basic understanding of cyber security principles and best practices. Interest in learning about and working with secrets management solutions. Awareness of security frameworks (NIST, ISO 27001). Problem-Solving and Analytical Skills: Good problem-solving and analytical skills to identify and resolve issues. Ability to identify potential security threats and vulnerabilities. Communication More ❯

the attack surface, and supports informed decision-making, helping the business stay ahead of emerging threats. Job Accountabilities Develop and implement a comprehensive vulnerability management program in alignment with ISO27001 standards. Lead the identification, assessment, and prioritization of security vulnerabilities across the organization's systems and networks. Coordinate with IT and security teams to remediate identified vulnerabilities in a timely … ability to produce clear, concise, and regular reporting on vulnerability management activities. Strong collaboration skills with cross-functional teams, including IT and security stakeholders In-depth understanding of ISO 27001 standards and industry best practices in vulnerability management Strong analytical and problem-solving abilities Excellent communication and interpersonal skills Proactive, results-driven, and highly self-motivated … based on individual and company performance against targets Opportunity to progress within your career both in-role and within the company FREE access to the Headspace App, a 24 / 7 Employee Assistance Helpline and Trained Physical & Mental Health First Aiders (On-Site) A variety of Employee Funded Benefits available to you via our Online Benefits Portal Plus, several More ❯

Security Architect Start: ASAP Duration: 6-12 months Location: Reading, Berkshire (3-4 days on site per week) Pay: INSIDE IR35, up to £775 / day We are seeking a highly experienced Security Architect to lead the design and assurance of robust, scalable, and compliant cloud security solutions within the financial services sector. This is a pivotal role supporting … and risk assessments across cloud platforms. - Ensure compliance with regulatory frameworks (PSD2, ISO 27001, PCI DSS, NIST CSF, CSA CCM). - Integrate security into CI / CD and Infrastructure-as-Code workflows (DevSecOps). - Design and guide implementation of secure cloud infrastructure and services. - Champion Zero Trust and secure-by-design principles across the SDLC. … in financial services and related European regulations (e.g., DORA, PSD2). - Hands-on expertise across IAM, network, application, data, and container security. - DevSecOps experience and strong understanding of CI / CD and cloud-native tooling. - Familiarity with multi-cloud security architecture (AWS, Azure, GCP). - Strong communication, strategic thinking, and stakeholder engagement skills. - Relevant certifications (e.g., CISSP, CCSP, AWS More ❯

either Croydon or Manchester. You should be self-motivated, a natural problem solver, and used to operating independently. How you will contribute at Janes: Responsible for delivering the annual ISO27001 & Cyber Essentials programmes Own and co-ordinate the security testing roadmap, and provide key support to the overall Security strategy Conduct regular risk assessments to identify potential security threats and … Tradecraft processes within our Single Intelligence Environment (SIE). Janes uses a multi-faceted approach to open-source intelligence, developed over 120 years, with all sources assessed for bias / objectivity, reliability, and level of certainty. We excel at capturing and making sense of open-source information to regularly reveal new and timely insights. We provide clients with a … with the ability for you to grow rapidly, both personally and professionally. Janes is an inclusive and equal opportunities employer and encourages applications regardless of age, race, disability, religion / belief, sexual orientation, gender reassignment, marriage or civil partnership, pregnancy / maternity, or gender. Although this role is advertised as full time, Janes believed that flexibility at work More ❯

more about this opportunity, feel free to reach out and apply today! Responsibilities: Lead full-scope, threat intelligence-led penetration testing across applications, infrastructure, cloud (AWS, Azure), APIs, OT / ICS, and O365. Develop sophisticated test plans and use cases based on emerging threats and attacker TTPs. Produce detailed, high-impact reports with clear technical findings and business-aligned … in threat-informed testing methodologies. Required Skills: 5+ years of professional experience in penetration testing, with a strong emphasis on threat intel and adversary emulation. Deep understanding of OT / IT systems, common vulnerabilities, network protocols, cryptography, and attack vectors. Proficiency in tools and frameworks used in both offensive security and threat intelligence. Proven ability to scope, manage, and … deliver complex engagements with excellent communication across technical and non-technical stakeholders. CREST CRT / CHECK (or higher) certification is essential. Must hold or be eligible for SC Clearance. Desirable Skills: Experience with Breach Attack Simulation tools and vulnerability management processes. Familiarity with ISO 27001, risk management frameworks, and compliance-oriented testing. Hands-on knowledge More ❯

needs of the audience. Ability to work with others effectively, with 3rd parties, internal teams, promoting knowledge sharing within and across teams. A good understanding of security frameworks including ISO27001 / 2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10. Have or be working towards relevant industry certification such as CISSP, CISM, CRISC or More ❯

27001 compliance and accreditation effort Lead crisis management exercises at all levels of the organisation to maximise the firm's cyber readiness Chair Enterprise Information Security Forum / Council, and sit on Enterprise Risk Committee Provide the risk / security framework for the adoption of all new technologies Oversee the team of security employees and vendors … for the Information Security budget. What We’re Looking For: Proven experience in IT, including at leading an enterprise-level Infosec function. Proven leadership ability. Proven experience in implementation ISO27001 in one or several organisation. Experience in planning and executing security policies and standards development. Experience in creating and efficiently managing a backlog of security findings and remediation work. Excellent … knowledge of technology environments, including information security, building security, and defence solutions, backed by multiple industry certifications such as SANS / GIAC GSEC, ISC2 CISSP or SSCP, ISACA CISM or CISA. Considerable knowledge of business theory, business processes, management, budgeting, and business office operations. Excellent interpersonal, organisational and administrative skills, strong commitment to teamwork and collaborative problem solving, and More ❯

improvement Areas of Knowledge We are looking for people who have working experience or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS / IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital … Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security best practices) Application Security (e.g., OWASP Top 10) Compliance and Governance (e.g., GDPR, ISO 27001) Security Tools (e.g., Wireshark, Nmap, Metasploit, Kali Linux) Person Specification: Experience delivering cybersecurity training or mentoring professionals in a security capacity Strong ability to develop learners from intermediate to More ❯

the key trends shaping the cybersecurity conversation this year. Ransomware remains a major threat Attackers are becoming more targeted, more professional and more damaging, according to the Nash Squared / Harvey Nash Digital Leadership Report organised crime remains the biggest concern for digital leaders. Public services, councils and healthcare providers continue to be high-profile victims. This is driving … Incident response and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO 27001 Cloud security credentials (e.g. AWS or Azure certification) Soft skills are playing a bigger role too: Strong communication, especially with non-technical stakeholders Problem-solving in More ❯

forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like NIST, ISO 27001, MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience More ❯

expectations and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting More ❯

and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. Qualifications The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting More ❯

Specification: Degree in Cybersecurity, Computer Science, Information Systems, or a related field. Demonstrable interest in information security (e.g. coursework, certifications, personal projects). Familiarity with security frameworks such as ISO27001, NIST, or CIS Controls. Basic understanding of networking, operating systems, and cloud environments. Awareness of common threat vectors, controls and basic incident response principles. Basic knowledge of Windows operating systems More ❯

knowledge: Broad knowledge of cyber security concepts including cryptography, authentication and authorization, access control, secure architectures, threat modeling, vulnerabilities and software security. Strong knowledge of regulatory requirements (e.g. GDPR, ISO27001, PCI-DSS) and experience in regulatory reporting. 3-5 years of experience in GRC, risk management, or compliance. A bachelor's degree in computer science, Cyber Security or similar disciplines. More ❯

our dynamic team in person. Responsibilities Design, implement, and lead Remepy's security practice and enterprise cybersecurity program Own security compliance with HIPAA, 21 CFR Part 11, FDA pre / postmarket cybersecurity guidance, and related frameworks Collaborate with Product, Engineering, and Compliance to embed security-by-design across our software lifecycle Lead enterprise risk assessments, incident response, disaster recovery … and business continuity planning Oversee security architecture across cloud infrastructure, mobile apps, and data pipelines Represent security matters to the executive team, Board of Directors, and external auditors / regulators Drive internal security awareness and training across the organization Support FDA submissions and security documentation for regulated products Qualifications Experience 7+ years of experience in information security, including 3+ … ability to scale and lead a high-performing cybersecurity team Executive presence and comfort engaging with regulatory bodies and strategic partners Nice to Have Certifications: CISSP, CISM, HCISPP, CIPP / US, or similar Experience in fast-paced startup environments or venture-backed digital health companies Familiarity with software as a medical device (SaMD) or digital therapeutics Leadership Abilities Ability More ❯

Social network you want to login / join with: Paymentology is the first truly global issuer-processor, giving banks and fintechs the technology, team and experience to rapidly issue and process Mastercard, Visa and UnionPay cards across more than 60 countries, at scale. Our advanced, multi-cloud platform, offering both shared and dedicated processing instances, vast global presence and … Experience: 7+ years of experience in designing, implementing, and managing cloud-based solutions across multiple cloud platforms Primary Expertise: Deep hands-on experience in Google Cloud (GCP) Basic knowledge / willing to learn AWS Proven experience in designing and implementing cloud architectures and solutions Experience with Apache Kafka , including setup, configuration, monitoring, and troubleshooting Proficiency in Kubernetes (GKE) , including … with container orchestration, Helm charts, and Kubernetes operators Hands-on experience with DevOps tools (e.g., GitLab, Jenkins, ArgoCD ) and Infrastructure-as-Code (IaC) (e.g., Terraform, Ansible ) Experience with CI / CD pipelines (Jenkins, GitLab CI, ArgoCD) and source control management (Git) Experience in automating infrastructure deployment using IaC tools such as Terraform, CloudFormation, and ARM templates Experience with Agile More ❯

to interpret IT Risk regulatory requirements and translate them into actionable sales opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and / or optimizing these solutions. Proven strategic experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem-solving skills with experience in data-driven … in risk management tools and frameworks, as well as development of IT methodologies and practices. Significant experience in driving regulatory compliance requirements (e.g., UK Corporate Reform, SOx, GDPR, ISO 27001) and industry best practices. What we look for We are interested to hear from people who are motivated to form a part … of a growing team, who embrace diversity and inclusion and who are market-oriented and ready to help our clients solve and control their biggest issues, risks and regulatory / compliance requirements. What we offer EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance More ❯