51 to 75 of 164 ISO/IEC 27001 Jobs in London

Senior Pen Tester / Red Team Security Specialist Remote or London Based (50%) The Client Based in London, my client are a prestigious Professional services organisation boasting a workplace with cutting-edge people that is moving with the modern ways of working. Named as one of the leading professional … testing technologies. Stay informed about emerging threats and trends, integrating this knowledge into the security testing processes Support the firms certification activities, such as ISO27001, SOC2, and Cyber Essentials Plus, by assisting with audits, documentation, and continuous improvement efforts. Engage with security industry groups and collaborate with external industry partners ...

compliant and resilient technology estate. You will also contribute to enhancing identity security, infrastructure protection, awareness initiatives, and the onboarding of systems to SOC / SIEM tooling. This role is ideal for someone with strong technical knowledge, excellent communication skills and a passion for defending large-scale environments from … DMARC / DKIM / SPF, networking fundamentals and TCP / IP. Familiarity with frameworks such as MITRE ATT&CK, ISO27001, CIS benchmarks, NIST, Cyber Essentials. Ability to explain technical concepts to non-technical audiences. Strong documentation, analysis and problem-solving skills. Experience in security auditing ...

Manager (Associate Vice President) Location: London (Hybrid - 3 days on-site) Duration: 6 months (with possibility for extension) Working Pattern: Full Time (40 hours / week) Rate: Circa £600 / Day Join Our Dynamic IT Team! Are you an experienced IT Change Manager looking to make a real … Advisory Board (CAB) meetings , ensuring changes are assessed, approved, and scheduled in line with business priorities. Collaborate with technical teams, business units, and risk / compliance functions to assess change impact and associated risks . Ensure changes are implemented within agreed windows and readiness standards to minimise service disruption ...

Cybersecurity leadership Strong knowledge of ISO 31000, NIST RMF, ISO 27001 and CIS Controls Experience working with OT / industrial environments Proven ability to influence senior stakeholders in a global organisation Relevant degree in Information Security, Risk, Computer Science or similar Professional certifications ...

security or security-focused engineering roles* Experience with firewalls, EDR, SIEM, and security monitoring tools* Strong knowledge of network security (VLANs, VPNs, DNS, TCP / IP)* Experience securing cloud environments (Azure and / or AWS)* Hands-on endpoint security experience (e.g. Microsoft Defender, Sophos, Bitdefender)* Solid understanding … directly with clients What would be desirable? * Experience working in a managed services or MSP environment* Exposure to compliance frameworks such as GDPR, ISO 27001, or NIST* Vulnerability assessment or penetration testing experience* SOC or security operations experience* Mentoring or leadership exposure within technical teams ...

Data Protection Impact Assessments and Records of Processing Activities Assist with the internal auditing of the ISMS in line with Kennedys global ISO 27001 certification. Work with the Emerging Technology Risk Manager on AI and other emerging technology regulations and compliance. Work with the Information Security … assess, investigate and escalate data incident or breaches and / or issues / risks. Exposure to risk management frameworks such as ISO27001, ERM and understanding of governance structures. Proven ability to positively engage stakeholders of all levels across an organisation / firm and flexible communication style Experience ...

Platform Engineer - Active SC, Security, ISO27001 £550 per day (Inside IR35) Remote / London My client is an instantly recognisable consultancy who urgently require an AWS Platform Engineer with Active Security Clearance (SC), for an end client within the public sector. Key Requirements: Proven commercial experience working … ISO 27001, NIST, CIS). Proficient in Infrastructure as Code (Terraform, CloudFormation, AWS CDK). Experience embedding security into CI / CD pipelines (GitHub). Knowledge of deploying and securing Kubernetes clusters in public cloud. Strong understanding of AWS networking (VPCs, NACLs, security groups). ...

Experience Essential: Strong grounding in security engineering principles, practices and risk management. Experience working with a broad range of security controls (e.g., SIEM, IDS / IPS, firewalls, secure SDLC, cloud security configuration, CIS hardening, API security). Knowledge of security frameworks such as NIST, ISO 27001 … equivalent professional certification. Multi-year experience in a security engineering role. Desirable: CISSP certification. Cloud security certifications for AWS. Risk management experience (CRISC, ISO 27005, NIST RMF). Network security and coding experience (Python, Bash, PowerShell, GitHub). Penetration testing exposure. ...

requests from the Information Security Engineering Lead. Required Skills & Qualifications: Significant experience in security engineering. Knowledge and understanding of Cloud security, with qualifications and / or certifications for AWS. Proficiency in a broad range of security controls including Secure Software Development Lifecycles, firewalls, email filtering, web applications firewalls … communication, presentation, collaboration, problem-solving, reporting, and stakeholder management skills at all levels. Desirable: CISSP - Certified Information Systems Security Professional. Cloud security qualifications and / or certifications for GCP and Azure. Extensive risk management experience (CRISC, ISO27005, NIST RMF). Skills in network security, coding (Python, Bash, PowerShell, GitHub ...

ensure compliance with industry standards. Key Responsibilities Assess cloud environments and develop security strategies aligned with Zero Trust principles. Implement and configure CNAPP / CSPM tools (e.g., Wiz, Prisma Cloud, Lacework). Advise on identity and access management (IAM), encryption, and data protection in cloud platforms. Collaborate with DevOps … teams to embed security into CI / CD pipelines. Conduct risk assessments and provide remediation plans for vulnerabilities. Deliver documentation, training, and knowledge transfer to client teams. Required Skills & Experience Hands-on experience with AWS, Azure, and / or GCP security services . Strong knowledge of CNAPP, CSPM ...

security • Strong expertise across cybersecurity, information security and data protection within a regulated environment • In-depth knowledge of security frameworks including NIST 800, ISO 27001 and Cyber Essentials • Strong understanding of UK regulatory expectations, including PRA, FCA, ICO and GDPR • Proven experience with SIEM-led monitoring ...

roadmaps, adoption frameworks, and business cases for GCP migration. Design scalable, secure and resilient GCP cloud architecture Conduct cloud assessments, maturity evaluations, and TCO / ROI analysis for clients. Guide clients through modernization of legacy workloads into cloud-native architectures. Align technical decisions with business outcomes and long-term … Provide oversight to migration waves, cutover planning, operational readiness, and risk management. Application & Data Modernization Lead modernization using GKE, Cloud Run, Cloud Functions, Pub / Sub, Dataflow, BigQuery, and managed databases. Define rehost, replatform, refactor strategies for application and data migration. Architect microservices, event-driven and serverless patterns. Governance ...

guidance to IT teams and project stakeholders. Profile Experience with Microsoft security stacks (Defender, Sentinel, Entra ID, etc.). Experience in networking, firewalls, routers / switches, and cloud infrastructure (Azure preferred). Experience with vulnerability management, IDS / IPS, endpoint security, identity management, and email security. Familiarity with … Primarily remote working Strong pension scheme. Generous annual leave plus bank holidays, with entitlement increasing over time. Life assurance, employee wellbeing support, and 24 / 7 assistance programme. Professional development opportunities, including funded training ...

Senior AWS Platform Engineer (Security) £540.00 per day Umbrella UK - Predominantly remote some travel to London / Manchester Initially till end of March (likely contract extension) SC Clearance Required Our client is currently looking for an experienced Platform Engineer with a strong focus on AWS security architecture and governance. … security posture assessments and audits. Automation & Infrastructure as Code: - Automate security configurations using Terraform, AWS CDK, or CloudFormation. Embed security checks into GitHub CI / CD pipelines for continuous compliance. Develop automated remediation workflows for security findings. Monitoring & Incident Response: Implement monitoring and alerting for security events using ...

robust, compliant, and strictly aligned with Zero Trust principles.Key Responsibilities Identity & Access Management (IAM): Design and manage hybrid identity configurations, including domain joins, OU / GPO design, and trust relationships. Security Implementation: Maintain SSO, Conditional Access, MFA, and passwordless authentication strategies. Privileged Access: Define and oversee RBAC … Just-in-Time (JIT) access for administrative and service accounts. Cloud Migration: Lead the shift from domain-joined / hybrid environments to Entra ID joined, utilizing Windows Autopilot and Intune for lifecycle management. Infrastructure Modernization: Replace legacy GPO-based configurations with Intune configuration profiles and security baselines. Legacy Decommissioning ...

Infrastructure-as-Code implementation during the migration of large-scale on-prem systems to AWS cloud . This role requires deep expertise across CI / CD pipelines, security automation, cloud-native DevOps tooling, third-party DevSecOps platforms, and large-scale IaC governance. The ideal candidate will lead cross-functional … cloud security principles: IAM, KMS, encryption, zero trust, least privilege. Experience implementing policy-as-code and pipeline security controls. Understanding of CIS benchmarks, NIST, ISO27001, compliance frameworks. Cloud Migration Skills Direct experience supporting large-scale on-prem to AWS migrations . Strong understanding of migration waves, application onboarding, and pipeline ...

managing Azure infrastructure including writing and maintaining Terraform modules for Azure resources and implementing infrastructure changes through workflows. Experience with version control (GitHub / ADO), code reviews, and understanding of infrastructure drift detection and remediation. Configuration Management (Ansible) - Proficient in using Ansible for configuration management, application deployment, and orchestration … Azure AD), Azure RBAC, Privileged Identity Management (PIM), managed identities, service principals, and Azure AD Connect for hybrid scenarios. Experience managing user provisioning / deprovisioning, conditional access policies, multi-factor authentication, Azure AD Application Proxy, federated authentication, SAML / OAuth integration, and implementing least-privilege access controls across ...

under pressure. QualificationsAnd Knowledge Strong understanding of key cybersecurity standards and best practices. Familiarity with leading information security frameworks such as NIST CSF, ISO 27001, and Cyber Essentials. Governance-focused certifications are advantageous, including CISMP, CISM, CISSP, or CompTIA A+. Awareness of regulatory and compliance requirements ...

existing technologies and services Reporting on control effectiveness and risk posture to governance forums Supporting incident management and resolution of major security / data incidents Required experience and skills include: Strong knowledge of IT security technologies (e.g. IAM, SIEM, firewalls, cloud platforms such as AWS / Azure) Understanding … application security threats and emerging information security risks Hands-on experience with IT risk frameworks (e.g. ISO 27001, COBIT, NIST) Strong stakeholder management and communication skills across technical and non-technical audiences Ability to balance commercial priorities with security, risk, and compliance needs ...

CFOs, CISOs, and Audit Committees on cybersecurity strategy, governance, and compliance. · Oversee delivery of cybersecurity assessments, remediation programs, and regulatory compliance engagements (ISO 27001, NIST, SEC Cyber Rules). · Ensure projects meet quality standards, timelines, and client expectations. Operational & Financial Management · Monitor financial performance ...

security, and vulnerability management Strong hands-on exposure to Kubernetes, Terraform, Jenkins, Prisma Cloud , and DevSecOps Technology Risk & Regulation Proven background in Technology Risk / IT Internal Audit Strong knowledge of global regulatory and compliance frameworks , including: GDPR, SOx, ISO 27001 PRA, FCA, EBA, BaFin ...

Experience and Skills Required At least seven years’ experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and / or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing … CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your ...

conducting security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

conducting security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical … Hybrid working - 3 days on site Career Development: Continuous learning and professional growth. Benefits Package: Includes Private Health Care, Cash Back Plan, Buy / Sell Holiday Options, Life Assurance, and more. Interested? Submit your application to learn more about this exciting opportunity. Reasonable Adjustments: Respect and equality are core ...

directly with major enterprise customers, playing a strategic role in advisory, design, and technical delivery. What you'll do Provide expert guidance across SASE / SSE, PAM, detection, and data centre security technologies Be involved customer engagements, providing advisory services, architecture guidance, roadmap planning, and solution governance Define … level Expertise in Secure Access Service Edge (SASE) and Secure Service Edge (SSE), especially with Zscaler Experience in at least three enterprise Zscaler SSE / SASE projects Ability to provide presales advisory, requirements gathering, and high-level solution design Strong understanding of Zscaler architecture and troubleshooting Broad knowledge across ...