51 to 75 of 291 ISO/IEC 27001 Jobs in London

Management (CyberArk) and Identity Access Management (RSA IGL) operations. Define and implement cyber security policies and governance frameworks in line with regulatory requirements (ISO 27001, NIST, FFIEC). Drive access control enhancements, ensuring least privilege principles and role-based access control (RBAC) methodologies are enforced. Lead … plans. Essential Skills and Experience: Experience in cyber security operations, identity access management, and privileged access management. Deep knowledge of CyberArk, and other IAM / PAM solutions. Strong understanding of security governance frameworks (ISO 27001, NIST, FFIEC, FCA regulations). Proficiency in SQL, PowerShell, and … automation scripting for security operations. Experience working with SIEM solutions (e.g., Splunk) and incident response processes. Strong knowledge of REST / SOAP web services, Java / JSP, and secure development best practices. Hands-on experience managing Linux / Windows servers and SQL / Oracle databases. Package More ❯

ideal Information Security Lead will be responsible for: Owning and leading the information security function, working collaboratively across all departments. Maintaining and evolving ISO 27001 certification and managing the Information Security Management System (ISMS) lifecycle. Performing regular risk assessments, developing and managing remediation plans, and conducting … ideal Information Security Lead will have experience with the following: 3-5 years of hands-on experience in an information security or IT risk / compliance role. Proven experience working within a SaaS company or a fast-paced startup / scale-up environment. Strong working knowledge of ISO … management (IAM), and SSO. A clear understanding of data privacy laws, particularly GDPR. Familiarity with a range of security tools for endpoint protection, SSO / IAM, monitoring / logging, and vulnerability scanning. Demonstrable experience with risk assessments, incident response planning, and the creation of security policies. Excellent communication More ❯

self-starter that can liaise with Engineering teams and business both regionally and globally. Experience and knowledge in a financial institution's technology infrastructure / applications and control requirements are required together with strong interpersonal and analytical skills for this role. EXPERIENCE & SKILLS REQUIRED 10+ years of experience in … Technology Risk, Technology Audit, Application Security, Software / Infrastructure Engineering, or related fields. Experienced in regulatory technology related examinations. Proven ability to perform test of controls (design and operating effectiveness) e.g. Cloud, SDLC, AI / ML, Change Management, Identity and Access Management, Third Party, Encryption, Configuration Management, Patching … Email, messaging, and collaboration systems (Office 365, Exchange, SharePoint, instant messaging) Strong understanding of technology control frameworks and industry guidance such as COBIT, NIST, ISO27001, and FFIEC. Professional certifications such as CRISC, CISA, CISM, CISSP, CCSP, and AWS Certified Solutions Architect. Experience in managing regulatory exams and relationships with examiners More ❯

deliver best-in-class solutions in an exciting fast-paced environment. Dynamic, smart people and inspiring, innovative technologies are the norms here. Main Responsibilities / Monitor security alerts, logs, and events from MDR Service, SIEM and other tools to detect suspicious activity or security incidents / Monitor security … alerts, logs, and events from MDR Service, SIEM and other tools to detect suspicious activity or security incidents / Investigate and respond to security events, vulnerabilities and threats in a timely and efficient manner / Support incident response and forensic analysis, including playbook documentation and root cause analysis … and experience / Relevant Information Security certification such as CISSP, CISA, CISM, GSEC is advantageous / Familiar with regulatory and compliance standards; ISO27001, SOC2, PCI DSS / 2+ years experience working as an information security professional within a medium to large sized global organisation / Solid More ❯

practices to prevent breaches, injection, and unauthorised access. You should apply if you: ️ Have a strong background in frontend development - ideally React, TypeScript and / or Next.js Care about solving the technically challenging problems we're tackling for our customers Value shipping early and often to get customer feedback … experience delivering large, complex software engineering systems It would also be nice if you have: Have experience with Backend development - ideally Python Have Geospatial / mapping / GIS experience Experience working with LLM's and OpenAI's API in particular Built or integrated with highly secure, fault tolerant … APIs Experience building high performance, distributed systems at scale Proven experience of driving and using modern dev practices like BDD, TDD, 12 Factor, CI / CD Competitive starting salary £90,000-£110,000 Matched pension contributions and equity options in a fast growing start-up Flexible working hours and More ❯

Microsoft cloud services (Intune, Azure, Entra), security auditing, and modern endpoint protection such as CrowdStrike. Responsibilities Monitor and respond to security incidents using EDR / XDR tools such as CrowdStrike, Microsoft Defender, and SIEM platforms. Perform regular audits and security assessments across cloud (AWS, Azure) and SaaS platforms to … security automation and build secure-by-design practices. Support the IT helpdesk with complex application and system security issues. Patch and secure endpoints (Windows / macOS), and mobile devices via Microsoft Intune, Jamf, or Meraki. Implement and support endpoint and network-level security controls: FortiGate, Cisco Meraki, and Zero … in a technical IT security, cloud engineering, or InfoSec-focused role. Proven experience with Microsoft 365 Security, Azure Entra ID, Intune, and AWS IAM / Security Services. Strong background in cloud security (AWS / Azure), including the shared responsibility model. Familiarity with compliance frameworks (ISO 27001 More ❯

has a desire to upskill technically and who thrives under pressure and responsibility. Key Tasks & Responsibilities − Supporting the Governance & Compliance Lead in maintaining ISO 27001, ISO 22301, ISO 9001, and Cyber Essentials Plus certifications, while progressing towards other certifications. − Ensuring compliance with More ❯

for new and existing systems to prioritize security controls. Compliance and Governance: Ensure solutions comply with regulatory and organizational security standards (e.g., NIST, ISO 27001, GDPR). Solution Design: Lead the design and architecture of security solutions, including identity and access management, data protection, network security … SC Security Clearance (required) Experience: 5+ years in cyber security, with a strong focus on architecture and design Technical Knowledge: Expertise in firewalls, IDS / IPS, SIEMs, endpoint protection, and encryption technologies Cloud Security: Proficient in securing cloud platforms (e.g., AWS, Azure, Google Cloud) Standards and Frameworks: Familiarity with … other security standards Certifications (preferred): CISSP, CISM, CISA, SABSA, TOGAF Soft Skills: Strong analytical, communication, and problem-solving skills Desirable Skills: Experience in Agile / Scrum methodologies Familiarity with DevSecOps practices and tools (e.g., CI / CD, IaC) Knowledge of regulatory requirements (e.g., GDPR, HIPAA) Diversity & Inclusion: Here More ❯

security posture of IT systems Apply IT best practice to achieve effective management of change (Requests for Change) whilst mitigating risk of system failures / outages Responsible for system and data backups, restores and DR tests, taking ownership of data integrity enabling DR processes and business continuity Maintain governance … configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proficient in Windows Server 2016 / 2019 / 2022 management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications and compliance policy using InTune Knowledge of administering and supporting Entra (Azure AD), Azure IaaS More ❯

information security strategy, policies, and procedures, aligning them with business objectives and risk tolerance. Oversee the maintenance and expansion of existing security certifications (ISO 27001, SOC 2) and drive initiatives for future certifications (e.g., ISO 22301, DORA). Direct regular security audits, risk assessments … practices and IT-regulations that apply to financial institutions or its outsourcing partners. In-depth knowledge of relevant regulatory requirements and industry standards (ISO 27001, SOC 2, GDPR, DORA, etc.). Experience with cloud security (AWS, Google etc.), application security, and DevSecOps practices is a significant More ❯

Role Title: Security Consultant Duration: contract to run until 02 / 10 / 2025 Location: London / Knutsford. Hybrid 2-3 days a week onsite Rate: up to £378 p / d Umbrella inside IR35 Role purpose / summary This is a client-focused technical … The role of the Senior Security Consultant is to take a primary role in the delivery of the Security Solutions Consultancy services. Key Skills / requirements: Essential Skills / Basic Qualifications: Demonstrable understanding of security solutions and designs from a people, process and technology … perspective; including security technologies, controls and assessment methodologies. Strong relationship, communication and stakeholder management skills. Knowledge of information security frameworks and standards such as ISO27001 / 2, NIST, PCI DSS and their application into diverse environments. Security qualification. Desirable skills / Preferred Qualifications: Experience with a Consultancy practice. More ❯

to ensure security controls are implemented and effective Assist in preparing for and responding to regulatory audits and compliance reviews (e.g., NIST CSF, ISO 27001, DORA, GDPR. ITGC) Maintain and update the information security risk register with appropriate scenarios and control frameworks Conduct regular control testing … risk management, risk management, or compliance Strong understanding of information security frameworks (e.g., ISO 27001, NIST) Experience with GRC tools / platforms Excellent organisational, communication, and documentation skills Ability to work independently and cross-functionally in a fast-paced environment Industry certifications such as CISA More ❯

Cloud Application Security Engineer / Cloud Security Engineer - AWS / AppSec / IAM (Okta) Application Security Engineer / AWS Security Engineer / CloudSec Location: Hybrid London (2 days per week onsite) Ready to drive secure engineering at scale in a leading fintech? Were looking for … Youll work with DevOps and engineering teams to build secure-by-design solutions in AWS using tools like IAM, Okta, AWS Shield, and SAST / DAST. This is a high-impact role with a focus on AppSec, cloud security architecture, observability and secure software development . Key Responsibilities Conduct … secure code reviews and threat modelling Improve security in AWS (Security Hub, Shield, IAM) Integrate AppSec practices into CI / CD pipelines Run vulnerability management and bug bounty programs Build security dashboards, frameworks, and reusable libraries Promote secure coding and AppSec best practices across teams What You Bring Deep More ❯

our researchers ship AI from notebook to production at lightning speed and enterprise scale. You’ll design and automate cloud‑native infrastructure, champion CI / CD best practices, and ensure our GenAI services run reliably, securely, and cost‑effectively across staging, test, and high‑availability production environments. This is … both culture and tech stack from day one. Key Responsibilities Design & Build Cloud Infrastructure Architect scalable, secure, and cost‑optimized Kubernetes‑based environments (EKS / GKE / AKS or on‑prem k8s). Codify infrastructure with Terraform, Pulumi, or similar IaC, implementing GitOps‑style workflows. End‑to‑End … CI / CD Automation Create and maintain CI / CD pipelines (GitHub Actions, GitLab CI, Jenkins, or Argo Workflows) for containerized microservices, ML model training, and inference workloads. Integrate automated testing, security scans, and policy checks into the release process. Observability & Reliability Engineering Implement comprehensive monitoring, logging, and More ❯

and insights when required. Address technical queries from internal and external stakeholders, providing solutions and escalating issues when necessary. Provide support to uphold ISO 27001 and CyberEssentials Plus certifications. Supervise the IT Support Technician to ensure: Timely completion of maintenance tasks. Progress in training and skill … upgrade plans to ensure continuous system reliability and security. Skill Requirements Technical Skills IT Infrastructure and Networking Knowledge of network architecture and protocols (TCP / IP, DNS, DHCP, etc.). Proficiency in managing servers, storage, and data centres. Familiarity with Azure cloud platforms. Understanding virtualization and containerization (Hyper-V … . Experience with Asset Management. Cybersecurity and Risk Management Understanding cybersecurity frameworks (ISO 27001, NIST). Knowledge of firewalls, IDS / IPS, and antivirus systems. Incident response and disaster recovery planning. Awareness of compliance regulations (GDPR, HIPAA, etc.). Cloud Computing Expertise in cloud services More ❯

Manager (CIAM) or Certified Identity Management Professional (CIMP), CISSP, or CISM is highly desirable. Experience with cybersecurity frameworks and standards, such as NIST, ISO 27001, or similar. General understanding of operational risk and risk-related control frameworks and practices such (ISO 27001 … and best practices. Strong and broad understanding of Cybersecurity and IAM methodologies, frameworks and best practices. Understanding of project management methodologies. Knowledge of M365 / Azure AD conditional access policies. Knowledge of Azure security principles and best practices. Bachelor's degree in computer science, information technology, or a related … team environment. Excellent Power Point presentation documentation, verbal communication and interpersonal skills. Excellent stakeholder management skills and management of expectations. Proven experience in dealing / working with 3rd party suppliers. More ❯

requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and access controls to … response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. • Oversee endpoint security … Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access More ❯

requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and access controls to … response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. • Oversee endpoint security … Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access More ❯

ideal Information Security Lead will be responsible for: Owning and leading the information security function, working collaboratively across all departments. Maintaining and evolving ISO 27001 certification and managing the Information Security Management System (ISMS) lifecycle. Performing regular risk assessments, developing and managing remediation plans, and conducting … ideal Information Security Lead will have experience with the following: 3-5 years of hands-on experience in an information security or IT risk / compliance role. Proven experience working within a SaaS company or a fast-paced startup / scale-up environment. Strong working knowledge of ISO 27001 and practical experience maintaining or achieving certification. A solid understanding of cloud environments (AWS preferred) and common security risks associated with SaaS platforms. Hands-on knowledge of security tooling, including endpoint protection, SIEMs, DLP, identity and access management (IAM), and SSO. A clear understanding of More ❯

adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly … ISO 27001) and GDPR regulations. Experience with network security infrastructure and SIEM tools (Splunk, SolarWinds). Proficiency in Windows / Linux system administration and virtualization technologies (VMware, Hyper-V). Previous experience within the finance or banking sector is highly advantageous. Certifications (Desirable): CISA, CISSP More ❯

Services: Drive the delivery of services including Threat & Vulnerability Management, Privileged Access Management, IAM, DLP, Network Security, and Penetration Testing. Project Leadership: Lead IT / Cybersecurity improvement projects as an SME. Risk & Compliance: Evaluate IT changes for security risks, ensuring compliance with security policies and frameworks like ISO 27001 / NIST. Security Controls: Operate and manage security controls to protect IT systems, ensuring alignment with regulatory and industry best practices. Continuous Improvement: Recommend and implement new technologies and practices to improve security posture. Required Skills & Experience: Security Expertise: Extensive experience in IT / More ❯

security reviews during vendor onboarding and contract renewals. Governance, Risk, and Compliance Ensure compliance with relevant regulations (e.g., PCI DSS, GDPR, SOC 2, ISO 27001) and internal policies. Maintain up-to-date knowledge of emerging threats, regulatory changes, and best practices. Establish and report key security … security, application security, and incident response. Relevant certifications such as CISSP, CISM are highly desirable. Strong knowledge of security frameworks (e.g., NIST, CIS, ISO 27001) and compliance standards (e.g., PCI-DSS, PSD2, GDPR). Hands-on experience with security technologies (e.g., SIEM, endpoint protection, cloud security More ❯

technical experience in infrastructure design, build, and deployment, including private and public cloud, networking, connectivity, storage, and virtualization Strong technical experience of the Microsoft / Azure ecosystem (Networking / solutions, Monitor, Licensing / Cost Management, IaaS / PaaS services) and Infrastructure as Code Experience working with … Azure technologies such as virtual machines, Cloud Services, web apps, function apps, Azure Active Directory, Virtual Networks, etc. Creating and managing CI / CD pipelines using tools such as Azure DevOps, Octopus Deploy, and Terraform to deploy both infrastructure and applications Experience in managing both project and operational change … including estimating, resource allocation, status reporting, and cost management Experience in modernizing / migrating existing systems to cloud-based serverless architecture Well-versed in Windows Operating Systems and Active Directory domain services Experienced in the use of Azure platform services, PowerShell / Azure PowerShell, and the Azure Portal More ❯

cyber security strategy Lead and grow a small, globally distributed security team Oversee security operations , threat detection, and incident response Ensure compliance with ISO 27001, NIST, GDPR and DORA Work with tech teams to embed secure software development practices (SDLC) Build and report on security KPIs … pen tests & tabletop exercises Promote strong cyber awareness and culture across the firm What You Need: ✔ Proven experience in a Head of IT Security / InfoSec role ✔ Strong track record across cloud security (Azure) , network & endpoint protection , risk & compliance ✔ Solid grasp of governance frameworks : ISO 27001 More ❯

particularly in IT Compliance, IT Risk Management, and Vendor Management—is desirable. Strong knowledge of IT risk management frameworks and standards such as ISO 27001 and NIST. Proven experience in developing and implementing risk management strategies, policies, and procedures. Relevant certifications such as CRISC, CISA, CGEIT … or ISO 27001 Implementer. Previous experience in a financial services environment is advantageous. Additional risk qualifications with an IT specialism would be beneficial. Solid academic background with strong analytical and problem-solving skills. Proficiency in Microsoft Office, particularly Excel, Word, and PowerPoint. Tradition do not accept More ❯