376 to 400 of 450 ISO/IEC 27001 Jobs in London

managing relationships with Third Parties, ensuring they meet contractual obligations related to national Policing services Essential: A minimum of 3 years of proven IT / Information security and risk consulting experience in large organisations with complex security and compliance requirements. Experience in the production of or input to process … or more of the following cloud service provider environments: Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP). Experience in defining and / or implementing security controls across multiple layers of the IT architecture stack. Experience in the production of or input to design documentation (HLDs, LLDs … and ability to demonstrate the use of the NIST Cyber Security Framework, mapping and translating NIST Cyber Security Controls to other frameworks such as ISO27001 and CIS Top 20 controls, including understanding of the Azure Cloud Adoption Framework. For a full list of responsibilities and criteria, please refer to the More ❯

and automating IT systems. What you’ll do Manage and maintain Cogna's IT infrastructure and InfoSec practices. Ensure Cogna's compliance with GDPR, ISO27001:2022, Cyber Essentials, and SOC2 Type II standards, and prepare evidence for audits, coordinate with auditors, and identify any risks Work with engineering and platform … teams to ensure secure coding practices and resolve vulnerabilities. Respond to security audits, security assessment requests, and security incidents. Manage periodic penetration tests, BCP / DR simulation scenarios, and security training. Provide guidance and advice to Business Operational functions on compliance standards and practices. Manage on- and offboarding requests … information security or similar relevant experience; B2B, SaaS, and / or startup environments preferred Strong understanding of IT security and compliance, including GDPR, ISO27001, CyberEssentials, and SOC2 Type II, both from the technical as well as corporate side. Strong understanding of (third-party) risk management principles, incident management and More ❯

and automating IT systems. What you’ll do Manage and maintain Cogna's IT infrastructure and InfoSec practices. Ensure Cogna's compliance with GDPR, ISO27001:2022, Cyber Essentials, and SOC2 Type II standards, and prepare evidence for audits, coordinate with auditors, and identify any risks Work with engineering and platform … teams to ensure secure coding practices and resolve vulnerabilities. Respond to security audits, security assessment requests, and security incidents. Manage periodic penetration tests, BCP / DR simulation scenarios, and security training. Provide guidance and advice to Business Operational functions on compliance standards and practices. Manage on- and offboarding requests … information security or similar relevant experience; B2B, SaaS, and / or startup environments preferred Strong understanding of IT security and compliance, including GDPR, ISO27001, CyberEssentials, and SOC2 Type II, both from the technical as well as corporate side. Strong understanding of (third-party) risk management principles, incident management and More ❯

and automating IT systems. What you’ll do Manage and maintain Cogna's IT infrastructure and InfoSec practices. Ensure Cogna's compliance with GDPR, ISO27001:2022, Cyber Essentials, and SOC2 Type II standards, and prepare evidence for audits, coordinate with auditors, and identify any risks Work with engineering and platform … teams to ensure secure coding practices and resolve vulnerabilities. Respond to security audits, security assessment requests, and security incidents. Manage periodic penetration tests, BCP / DR simulation scenarios, and security training. Provide guidance and advice to Business Operational functions on compliance standards and practices. Manage on- and offboarding requests … information security or similar relevant experience; B2B, SaaS, and / or startup environments preferred Strong understanding of IT security and compliance, including GDPR, ISO27001, CyberEssentials, and SOC2 Type II, both from the technical as well as corporate side. Strong understanding of (third-party) risk management principles, incident management and More ❯

This involves developing a comprehensive cyber security capability framework, assessing the maturity of individual train operating companies (TOCs) against this framework, and creating investment / programme plans to uplift their capabilities to appropriate levels. The role also encompasses traditional cyber security functions, such as incident management, and a focus … the group's overall cyber security strategy and comprehensive capability framework. TOC Maturity Assessment & Uplift: Assess TOC cyber security maturity, identify gaps, and develop / oversee implementation of tailored uplift programmes. Develop core cyber capabilities: Including robust cyber incident management (with executive reporting) and comprehensive threat intelligence / … Strategy & Risk Management: Extensive experience developing and implementing cyber security strategies, frameworks (including maturity models), and risk management methodologies in complex organisations. Accredited in ISO27001 or similar. Threat Landscape & Incident Response: Deep understanding of modern cyber threats and attack vectors, coupled with proven experience in developing and managing effective incident More ❯

solutions, including all the 3rd party managed services Maintain the overall security of Company network, systems, and data Monitor security access and manage IDS / IPS configurations Establishing and implementing security 'best-practice' standards as well as departmental policies and procedures Responsible for Security scanning and the efficient remediation … Developing and managing security plans with vendors Audit activities of administrators and conduct Security awareness training Must have: Bachelor's Degree in Computer Science / … Information Technology or equivalent experience Demonstrable skills and capability in Security leadership and 3rd party management experience CISSP certification preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA More ❯

daily basis will include: Designing all IAM frameworks aligning to industry best practices User access management – overseeing user provision Security compliance to regulatory requirements – ISO27001, GDPR, SOX Role based access control assessment (RBAC) oversight Stakeholder engagement at all levels Reporting and documentation – user access policies and audit logs Cross team … or policy violations. Training and user awareness In order to be suitable you will need the following background: Experience in a similar IAM management / SME role Understanding if IAM tooling (SailPoint, OKTA, Azure AD), MFA and RBAC. We … are not seeking candidates with an SME focus on one tool, but SME experience within IAM and PAM concepts Strong understanding of security compliance – ISO27001, SOX (highly desirable), NIST Experience of managing IAM projects from design to implementation to monitoring Demonstrable experience of managing stakeholders at all levels Problem solving More ❯

daily basis will include: Designing all IAM frameworks aligning to industry best practices User access management – overseeing user provision Security compliance to regulatory requirements – ISO27001, GDPR, SOX Role based access control assessment (RBAC) oversight Stakeholder engagement at all levels Reporting and documentation – user access policies and audit logs Cross team … or policy violations. Training and user awareness In order to be suitable you will need the following background: Experience in a similar IAM management / SME role Understanding if IAM tooling (SailPoint, OKTA, Azure AD), MFA and RBAC. We … are not seeking candidates with an SME focus on one tool, but SME experience within IAM and PAM concepts Strong understanding of security compliance – ISO27001, SOX (highly desirable), NIST Experience of managing IAM projects from design to implementation to monitoring Demonstrable experience of managing stakeholders at all levels Problem solving More ❯

daily basis will include: Designing all IAM frameworks aligning to industry best practices User access management – overseeing user provision Security compliance to regulatory requirements – ISO27001, GDPR, SOX Role based access control assessment (RBAC) oversight Stakeholder engagement at all levels Reporting and documentation – user access policies and audit logs Cross team … or policy violations. Training and user awareness In order to be suitable you will need the following background: Experience in a similar IAM management / SME role Understanding if IAM tooling (SailPoint, OKTA, Azure AD), MFA and RBAC. We … are not seeking candidates with an SME focus on one tool, but SME experience within IAM and PAM concepts Strong understanding of security compliance – ISO27001, SOX (highly desirable), NIST Experience of managing IAM projects from design to implementation to monitoring Demonstrable experience of managing stakeholders at all levels Problem solving More ❯

representatives of PDS and National policing in line with the demands of the Strategic Portfolio Essential: A minimum of 3 years of proven IT / Information security and risk consulting experience in large organisations with complex security and compliance requirements. Proven experience of delivering security in one or more … of the following cloud service provider environments: Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP). Experience in defining and / or implementing security controls across multiple layers of the IT architecture stack. Experience in the production of or input to design documentation (HLDs, LLDs, blueprints etc. … and ability to demonstrate the use of the NIST Cyber Security Framework, mapping and translating NIST Cyber Security Controls to other frameworks such as ISO27001 and CIS Top 20 controls, including understanding of the Azure Cloud Adoption Framework. Experience in defining, designing and / or implementing security controls across More ❯

in a cyber risk, GRC, or security operations role Strong understanding of risk management practices and third-party risk assessments Familiarity with frameworks like ISO27001, NIST CSF, PCI DSS, and GDPR Clear, confident communication - especially when summarising technical info for non-technical colleagues Hands-on experience with tools like Excel … other promotions) when you shop at H&B on anything that you buy. We all need a little help sometimes, so weoffer Free 24 / 7 Confidential Advice & Colleague Welfare . Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because its all about your … our EPIC values regardless of background, culture, disability, ethnicity, gender identity or sexual orientation Holland & Barrett does not accept unsolicited resumes from search firms / recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be More ❯

ownership of project documentation, including Scope of Work, timelines, resource planning, and reporting. Ensure the quality and security of all delivered solutions, adhering to ISO27001, ISO9001, and client-specific requirements. Contribute to internal knowledge sharing, mentoring junior team members and maintaining technical documentation and best practices. Key Skills: Strong hands … policy configuration Good working knowledge of networking fundamentals firewalls, VPNs, VLANs, DNS, DHCP, and routing Experience with virtualisation platforms such as Hyper-V and / or VMware Proven track record of delivering technical projects from planning through to implementation and support Comfortable leading on-site or remote client engagements … environment Excellent communication skills able to explain technical concepts clearly to both technical and non-technical stakeholders Awareness of information security standards such as ISO27001 and best practices around data protection Demonstrates initiative, accountability, and a proactive approach to problem solving If you're looking for your next challenge and More ❯

evolving regulatory frameworks (e.g., EU AI Act, GDPR). Security Architecture : Deliver secure enterprise and application architecture aligned with best practice standards (e.g., NIST, ISO27001, CIS). Operational Technology Security : Protect critical infrastructure through robust OT security assessments and frameworks (e.g., NIST SP 800-82, CAF). What We’re … and experience contributing to client delivery or business development. Any of the following certifications would be desirable: CompTIA+ Security, CISSP, CISM, CISA, CCSP, ISO 4201 Current or eligible for SC Clearance is essential. Why Apply? Join a fast-growing team with clear opportunities for career progression. Work on More ❯

evolving regulatory frameworks (e.g., EU AI Act, GDPR). Security Architecture : Deliver secure enterprise and application architecture aligned with best practice standards (e.g., NIST, ISO27001, CIS). Operational Technology Security : Protect critical infrastructure through robust OT security assessments and frameworks (e.g., NIST SP 800-82, CAF). What We’re … and experience contributing to client delivery or business development. Any of the following certifications would be desirable: CompTIA+ Security, CISSP, CISM, CISA, CCSP, ISO 4201 Current or eligible for SC Clearance is essential. Why Apply? Join a fast-growing team with clear opportunities for career progression. Work on More ❯

evolving regulatory frameworks (e.g., EU AI Act, GDPR). Security Architecture : Deliver secure enterprise and application architecture aligned with best practice standards (e.g., NIST, ISO27001, CIS). Operational Technology Security : Protect critical infrastructure through robust OT security assessments and frameworks (e.g., NIST SP 800-82, CAF). What We’re … and experience contributing to client delivery or business development. Any of the following certifications would be desirable: CompTIA+ Security, CISSP, CISM, CISA, CCSP, ISO 4201 Current or eligible for SC Clearance is essential. Why Apply? Join a fast-growing team with clear opportunities for career progression. Work on More ❯

on the resources of other teams in cyber. The GRC team especially need to assure the remediation activity conducted in response to findings. Technical / job functional knowledge Awareness and working knowledge of control frameworks based on industry standard methodologies such as NIST, COBIT, and ISO27001. Awareness of key … regulatory requirements for technology and cyber security in the main LSEG operating centres - UK, Europe, US & Asia. Cyber security qualification e.g. CISMP / Apprenticeship (desirable). Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity More ❯

and drive their technology platform forward. You will be responsible for implementing and maintaining robust Infrastructure as Code (IaaC) solutions while ensuring compliance with ISO27001 and medical device regulations. In this role, you will architect and maintain our cloud infrastructure on Azure, focusing on security, scalability, and automation. This includes … reliability. Key Responsibilities: Design and implement secure cloud infrastructure using Infrastructure as Code principles Establish and maintain security controls and monitoring systems aligned with ISO27001 requirements Build and maintain CI / CD pipelines with integrated security testing and compliance checks Implement automated security scanning and vulnerability management processes Develop … focusing on Web Apps and Functions Implement logging, monitoring, and alerting solutions for security events and system health Automate compliance checks and documentation for ISO27001 and ISO13485 requirements Collaborate with development teams to implement security best practices and DevSecOps processes Manage and maintain security protocols for handling sensitive healthcare data More ❯

and drive their technology platform forward. You will be responsible for implementing and maintaining robust Infrastructure as Code (IaaC) solutions while ensuring compliance with ISO27001 and medical device regulations. In this role, you will architect and maintain our cloud infrastructure on Azure, focusing on security, scalability, and automation. This includes … reliability. Key Responsibilities: Design and implement secure cloud infrastructure using Infrastructure as Code principles Establish and maintain security controls and monitoring systems aligned with ISO27001 requirements Build and maintain CI / CD pipelines with integrated security testing and compliance checks Implement automated security scanning and vulnerability management processes Develop … focusing on Web Apps and Functions Implement logging, monitoring, and alerting solutions for security events and system health Automate compliance checks and documentation for ISO27001 and ISO13485 requirements Collaborate with development teams to implement security best practices and DevSecOps processes Manage and maintain security protocols for handling sensitive healthcare data More ❯

and drive their technology platform forward. You will be responsible for implementing and maintaining robust Infrastructure as Code (IaaC) solutions while ensuring compliance with ISO27001 and medical device regulations. In this role, you will architect and maintain our cloud infrastructure on Azure, focusing on security, scalability, and automation. This includes … reliability. Key Responsibilities: Design and implement secure cloud infrastructure using Infrastructure as Code principles Establish and maintain security controls and monitoring systems aligned with ISO27001 requirements Build and maintain CI / CD pipelines with integrated security testing and compliance checks Implement automated security scanning and vulnerability management processes Develop … focusing on Web Apps and Functions Implement logging, monitoring, and alerting solutions for security events and system health Automate compliance checks and documentation for ISO27001 and ISO13485 requirements Collaborate with development teams to implement security best practices and DevSecOps processes Manage and maintain security protocols for handling sensitive healthcare data More ❯

such as Generative AI. What You'll Bring: Security clearance or eligibility essential Minimum of Five years Cyber Security experience - Strong preference for Defence / Public Sector experience Proven experience in Cyber Security Architecture - This is essential, we are not looking for Cyber Analysts / Engineers … unless you have Architecture / Design experience. Strong stakeholder engagement and internal consultancy skills Familiarity with standards and frameworks such as NIST CSF, ISO27001, and regulatory frameworks including DORA, FCA, or BOE Knowledge or experience with GenAI security is highly desirable Industry certifications such as CISSP, CISM, or CompTIA More ❯

of our platform through effective monitoring and incident response. Implement security best practices to protect data and comply with industry standards. Responsibility 2: CI / CD Pipeline Development Develop and optimize CI / CD pipelines using tools such as GitHub Actions or GitLab CI. Automate deployment processes to … You Are Proven experience in managing AWS cloud infrastructure with a focus on RDS, ECS, and IAM. Expertise in setting up and optimizing CI / CD pipelines using modern tools. Strong background in data engineering, including experience with data pipelines, ETL processes, data warehousing, and data streaming. Proficiency with … Infrastructure as Code (IaC) tools such as Terraform, OpenTofu, or CloudFormation. Deep understanding of cloud security best practices and compliance standards like ISO 27001. Excellent problem-solving skills and a proactive approach to identifying and addressing challenges. Strong communication skills and the ability to work collaboratively in a More ❯

throughout the organisation. Key Responsibilities Lead and manage internal IT systems, infrastructure, and information security practices. Oversee compliance with recognised standards such as GDPR , ISO27001:2022 , Cyber Essentials , and SOC2 Type II . Coordinate audit readiness, compile evidence, liaise with auditors, and address any gaps or risks. Collaborate with engineering … vulnerabilities. Manage security assessments, audit responses, and incident investigations. Run regular penetration testing, disaster recovery simulations, and security awareness training. Streamline access controls, onboarding / offboarding processes, and device compliance using SSO / SCIM and MDM platforms. Conduct third-party risk reviews and manage SaaS vendor compliance. Monitor More ❯

throughout the organisation. Key Responsibilities Lead and manage internal IT systems, infrastructure, and information security practices. Oversee compliance with recognised standards such as GDPR , ISO27001:2022 , Cyber Essentials , and SOC2 Type II . Coordinate audit readiness, compile evidence, liaise with auditors, and address any gaps or risks. Collaborate with engineering … vulnerabilities. Manage security assessments, audit responses, and incident investigations. Run regular penetration testing, disaster recovery simulations, and security awareness training. Streamline access controls, onboarding / offboarding processes, and device compliance using SSO / SCIM and MDM platforms. Conduct third-party risk reviews and manage SaaS vendor compliance. Monitor More ❯

throughout the organisation. Key Responsibilities Lead and manage internal IT systems, infrastructure, and information security practices. Oversee compliance with recognised standards such as GDPR , ISO27001:2022 , Cyber Essentials , and SOC2 Type II . Coordinate audit readiness, compile evidence, liaise with auditors, and address any gaps or risks. Collaborate with engineering … vulnerabilities. Manage security assessments, audit responses, and incident investigations. Run regular penetration testing, disaster recovery simulations, and security awareness training. Streamline access controls, onboarding / offboarding processes, and device compliance using SSO / SCIM and MDM platforms. Conduct third-party risk reviews and manage SaaS vendor compliance. Monitor More ❯

protection, including security information and event management (SIEM), user and entity behaviour analytics (UEBA), point products like anti-virus (AV) and intrusion detection system / intrusion prevention system (IDS / IPS) and penetration testing. The Service Delivery team consists of approximately 20 staff who support and operate the … including all the 3rd party managed services Maintain the overall security of Company's network, systems, and data Monitor security access and manage IDS / IPS configurations Establishing and implementing security 'best-practice' standards as well as departmental policies and procedures Responsible for Security scanning and the efficient remediation … conduct Security awareness training Requirements Demonstrable skills and capability in Security leadership and 3rd party management experience CISSP certification preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA More ❯