and reporting activities. Implement and enforce access control policies aligned with corporate governance. Design and review workflows for joiners, movers, and leavers. Maintain compliance with standards such as ISO27001, NIST, and GDPR. Apply IAM theory to support zero-trust security models and defence-in-depth strategies. Evaluate complex access scenarios and formulate risk mitigation strategies. More ❯
authorization, and privileged access policies with data security controls. Deliver security capabilities that support modern work scenarios, remote access, zero-trust networking, and protection of sensitive data in AI / ML workloads. Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 … operations. Strong understanding of compliance frameworks and risk management strategies. Demonstrated ability to present complex security topics to executive leadership. Preferred Qualifications: Certifications such as CISSP, CCSP, CISM, AWS / Azure Security Specialty, or equivalent. Experience with tools like Symantec DLP, Zscaler CASB, MS Purview, Palo Alto Prisma, Hashi Vault and other modern security platforms. Familiarity with DevSecOps principles … basis Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in More ❯
threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI / CD pipelines, cloud-native services, and on-prem platforms to enforce security-by-design principles. Deliver security capabilities that support modern work scenarios, remote access, zero-trust networking, and … AI / ML workloads. Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of … security controls, implementing zero-trust models, and supporting 24x7 security operations. Strong understanding of compliance frameworks and risk management strategies. Preferred Qualifications: Certifications such as CISSP, CCSP, CISM, AWS / Azure Security Specialty, or equivalent. Experience with tools like Okta, Azure AD, CrowdStrike, Tanium, Zscaler, Vault, and other modern security platforms. Familiarity with DevSecOps principles, Infrastructure as Code, and More ❯
with business travel to the Middle East. Job Type: Full-Time, Permanent Location: London, UK (with travel to the Middle East) Sector: Energy & Utilities Experience Level: Senior Manager / Director Role Overview This role is pivotal to the growth of our Cyber Security Services, providing technical and advisory expertise to help clients securely design and deploy industrial control … PLC, EMS, and related technologies Familiarity with protocols like TCP / IP, Modbus, IEC 61850, OPC UA, PROFINET Knowledge of security standards such as NIST CSF, ISO27001, IEC 62443, and NIS regulations Ability to develop pragmatic solutions to address cyber risks in OT environments More ❯
ll do Collaborate with the DevOps team to design, implement, and manage a robust DevSecOps framework for our software development pipeline, integrating security tools and processes into our CI / CD workflows to enhance the developer experience Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies Create security … team Develop Key Risk Indicators (KRIs) to track security posture across business lines, measure progress and identify outliers Implement and manage security testing tools and processes within the CI / CD pipeline, including static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and open source security (OSS) Work together with the DevOps team to … improve our security posture What's required 7-10 years of experience in software development, DevOps, or security engineering, with a strong focus on DevSecOps practices Expertise in CI / CD tools such as GitHub, Jenkins, GitLab CI / CD, Azure DevOps, or similar Proficiency in infrastructure-as-code tools like Terraform or CloudFormation Strong scripting and automation More ❯
inform the development of effective security measures. Support the development, implementation, and continuous improvement of the organization's security strategy, policies, and procedures. Support the maintenance of our ISO27001 and SOC 2 Level 2 certifications. What you'll bring Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree More ❯
create and deliver a 5-year roadmap, champion AI-first principles, and oversee centres of excellence and innovation hubs. Drive automation and application transformation - optimise enterprise systems, promote low / no-code solutions, and lead adoption across HR, Finance, Library Services, Research and more. Shape data and governance - develop data strategies, oversee Azure-based platforms, and ensure interoperability between … an open organisation they seek collaborative people who have honesty, integrity and a sense of humour! You will have: Significant leadership experience in enterprise applications, digital transformation, and AI / automation adoption. At a senior programme manager / director level you will have a track record of leading large-scale, complex IT change programmes and delivering measurable outcomes. … and approach to ensure delivery Experience applying ITIL, ISO27001 or similar frameworks to ensure service quality and compliance. Relevant postgraduate qualifications, certifications in project / programme management, enterprise architecture, or AI / automation frameworks will be advantageous. What's on Offer? This role comes with an attractive package, including: Salary c. More ❯
security features. Proficiency with Microsoft Intune, Autopilot, and modern endpoint management. Strong understanding of security architecture, including conditional access, endpoint compliance, MFA, and threat protection. Solid networking knowledge (TCP / IP, DNS, DHCP, VPN, routing). Skilled in PowerShell scripting, automation, and infrastructure-as-code concepts. Experience delivering Windows 10 / 11 migrations in enterprise environments. Familiarity with … compliance frameworks (ISO27001, NIST, Cyber Essentials) and security best practices. Strong problem-solving ability with excellent written and verbal communication skills. Certifications in Microsoft Azure, Microsoft 365, or security disciplines (e.g. MS-102, AZ-305, SC-100) highly desirable. To find out more about Computer Futures please visit www.computerfutures.com Computer Futures, a trading division of More ❯
security features. Proficiency with Microsoft Intune, Autopilot, and modern endpoint management. Strong understanding of security architecture, including conditional access, endpoint compliance, MFA, and threat protection. Solid networking knowledge (TCP / IP, DNS, DHCP, VPN, routing). Skilled in PowerShell scripting, automation, and infrastructure-as-code concepts. Experience delivering Windows 10 / 11 migrations in enterprise environments. Familiarity with … compliance frameworks (ISO27001, NIST, Cyber Essentials) and security best practices. Strong problem-solving ability with excellent written and verbal communication skills. Certifications in Microsoft Azure, Microsoft 365, or security disciplines (e.g. MS-102, AZ-305, SC-100) highly desirable. To find out more about Computer Futures please visit (url removed) Computer Futures, a trading division More ❯
South West London, London, United Kingdom Hybrid / WFH Options
Exposed Solutions
staff globally and offices in the UK, Sweden, Canada, and Australia, they are an IT company operating in 19 countries and listed on Nasdaq Stockholm. They are ISO 9001 and ISO27001 certified, reflecting their commitment to quality and information security. Salary: £35,000–£38,000 (dependent on experience) Bonus: Discretionary, based on company More ❯
SW15, Wandsworth, Greater London, United Kingdom Hybrid / WFH Options
Exposed Solutions
staff globally and offices in the UK, Sweden, Canada, and Australia, they are an IT company operating in 19 countries and listed on Nasdaq Stockholm. They are ISO 9001 and ISO27001 certified, reflecting their commitment to quality and information security. Salary: £35,000–£38,000 (dependent on experience) Bonus: Discretionary, based on company More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Exposed Solutions
staff globally and offices in the UK, Sweden, Canada, and Australia, they are an IT company operating in 19 countries and listed on Nasdaq Stockholm. They are ISO 9001 and ISO27001 certified, reflecting their commitment to quality and information security. Salary: £35,000–£38,000 (dependent on experience) Bonus: Discretionary, based on company More ❯
to take ownership of the security function from day one and grow it into a broader leadership role as the company scales. What You'll Be Doing Secure CI / CD pipelines, container workflows, infra-as-code, and deployment tooling Define and enforce access controls, auditing, and logging for internal services Evaluate and manage security tools (EDR, vulnerability scanners … SCA, etc.) Own and manage internal authentication (SSO, MFA, identity lifecycle) Secure endpoints, laptops, and internal systems Lead security awareness and employee training programs Drive SOC 1 / 2 and other compliance frameworks Build internal security policies, playbooks, and operational processes Manage relationships with vendors, auditors, and pentesters We're Looking For Someone Who Has 5+ years of hands … engineering, ideally in a SaaS environment A CISSP or similar certification Strong knowledge of cloud security, secure software development, and common vulnerabilities Proven experience securing production environments and CI / CD systems Familiarity with security compliance frameworks (SOC 2, ISO27001) Experience deploying and operationalising security tools Excellent communication skills and the ability to collaborate More ❯
Industry Knowledge: The candidate should have a strong understanding of regulatory requirements and industry standards related to technology risk management. Experience in working with frameworks such as NIST, ISO27001, or COBIT would be beneficial. Technical Skills: Proficiency in using risk management tools and software, as well as a good understanding of IT systems and infrastructure … or a related field is preferred but not essential. Strong understanding of Technology controls including IT General Controls (ITGC's) Familiarity with relevant frameworks and standards such as COBIT, ISO27001 and SOX. Personal skills Proven experience in technology risk management or a related field. Analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as More ❯
integrate with LLM APIs (e.g., Gemini, Azure OpenAI) and internal systems. Implement advanced front-end security features including token handling, session management, data masking, and audit logging. Translate UX / UI designs into modular, reusable components aligned with enterprise design systems. Integrate front-end applications with REST / GraphQL APIs, WebSockets, and backend services. Collaborate with AI engineers … Ensure compliance with cybersecurity and data privacy standards through secure coding practices and regular code reviews. Deploy applications to GCP (Firebase, Cloud Run) and Azure App Services using CI / CD pipelines hardened for security and compliance. Participate in code reviews, technical design discussions, and architecture planning sessions. Required Knowledge, Skills & Experience Proven experience building secure, production-grade front … end applications in regulated environments (e.g., finance, healthcare, government). Strong proficiency in modern JavaScript / TypeScript frameworks (React, Next.js) and responsive UI development. Demonstrated ability to build front-end applications from scratch in greenfield or innovation lab settings. Experience developing interactive UIs, dashboards, chat interfaces, and data visualizations for AI-powered tools. Skilled in integrating front-end applications More ❯
Overview Network Infrastructure Security Manager - HYBRID WORKING Position Summary: We are seeking an experienced Infrastructure / Security Manager to lead our IT operations and cybersecurity initiatives. The ideal candidate will have a strong technical background, with the ability to combine hands-on technical expertise with leadership capabilities. Responsible for driving company IT security, and stability of all IT systems … SIEM, MFA, PKI, DLP). Nessus VAPT reporting and remediation Strong expertise in: Microsoft technologies (Windows Server, Azure Active Directory) Virtualization platforms (VMware ESXi, Proxmox) Networking including Layer 2 / 3 switching, routing, VLANs, VPNs. Cloud environments (IBM Cloud,AWS, Azure) - deployments and architecture. Proficient in backup and disaster recovery technologies. Supporting end users Certifications (Preferred) Microsoft Certified Professional … AWS Certified Solutions Architect - Associate / Professional VMware Certified Professional (VCP) Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation More ❯
on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Qurated
on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯
london, south east england, united kingdom Hybrid / WFH Options
Qurated
on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯
london (city of london), south east england, united kingdom Hybrid / WFH Options
Qurated
on-prem). Hands-on experience with SIEM, EDR, and XDR solutions for security monitoring. Certifications preferred: CISSP, CISM, AZ-500, SC-200, SC-100. Strong knowledge of ISO27001, NIST, CIS benchmarks, and security governance. Experience leading security for M&A, large-scale risk assessments, and enterprise security This is a permanent role, with hybrid More ❯
communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience A good understanding of security frameworks including ISO27001/2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10 Have a relevant industry certification such as CISSP, CISM, CRISC, BRMP or similar You'll More ❯
Security Risk Analyst – 6-month contract – London / Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role … able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the … improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party / vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic More ❯
Central London, London, United Kingdom Hybrid / WFH Options
Halian Technology Limited
A leading Fintech / Payments company is looking for a proactive and technically skilled Application Security Engineer / DevSecOps to champion secure development practices across our software delivery lifecycle. In this role, you'll play a key part in identifying and reducing application-layer risks, integrating security into the development pipeline, and ensuring that security considerations are embedded throughout … to have set them up, you should have collaborated with developers to ensure code is scanned and critical vulnerabilities are blocked in the pipeline. Integrate security controls into CI / CD pipelines and development workflows. Manage and monitor SAST, DAST, and SCA tools to detect vulnerabilities early in the lifecycle. Conduct secure code reviews and support remediation efforts. Threat … of OWASP Top 10, secure coding principles, and threat modelling. Hands-on experience with SAST, DAST, SCA, and vulnerability management tools. Familiarity with cloud platforms (Azure or AWS), CI / CD pipelines, and DevOps processes. Strong communication skills and the ability to collaborate effectively across teams. Understanding of regulatory and security standards (ISO27001, FCA More ❯
Security Risk Analyst – 6-month contract – London / Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role … able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the … improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party / vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic More ❯