76 to 100 of 368 ISO/IEC 27001 Jobs in London

workforce solutions - from recruitment and technology to workforce supply, management, and training - tailored for the infrastructure, construction, and civil engineering sectors. Key Responsibilities: •Manage full lifecycle for 6+ IT / telecoms vendors, including contracts, renewals, and performance reviews •Oversee daily / weekly SLAs, drive service improvements, and align to ITIL metrics •Lead IT governance board; maintain risk register … and support ISO / cybersecurity compliance •Control £700k IT OPEX budget; track costs and manage asset register •Sponsor supplier-led projects (e.g., ERP, M365); build cases and track benefits •Communicate clearly with execs; use NPS / CSAT to improve supplier service What You'll Bring to the Team: •Managed multi-supplier, outsourced IT & telecoms contracts end … Understanding Microsoft Cloud environment •Run IT Teams across Microsoft stack •Led RFPs, contract negotiations, and vendor performance reviews •Tracked SLAs and supported supplier-led change projects •Familiar with ISO 27001, GDPR, and risk reporting •Clear communicator with execs, users, and vendors •Data-driven; focused on cost, service, and risk improvement Certifications & Education: Why Join Us? We More ❯

and investment priorities to support long-term growth. Governance & Compliance Own company-wide security governance, including data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews of … with engineering to embed security in the SDLC and infrastructure. Guide secure design for cryptographic systems, transaction flows, and the Energy Network. Ensure resilience across distributed devices and on / off-chain systems. Security Culture & Collaboration Promote a security-first culture across product, data, legal, and compliance. Represent Fuse externally in customer, regulatory, and industry engagements. 5+ years in … incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer Science, Information Security, or related field. Bonus: Experience with CTFs, red / blue team exercises, or offensive security. Competitive salary and a stock options sign-on bonus Biannual bonus scheme Fully expensed tech to match your needs! Paid annual leave Breakfast More ❯

vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO 27001, NIST, and CIS. Integrate vulnerability scanning and remediation into CI / CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate … and remediation practices. Person Specification Proven experience in vulnerability management across hybrid (on-prem and cloud) infrastructure. Hands-on experience with Tenable and integration of VM tools into CI / CD pipelines. Strong scripting skills using languages such as Python, Bash, PowerShell, or Go. Familiarity with APIs, automation workflows, and integrating with platforms like Jira, ServiceNow, or Slack. Ability … to scope penetration tests and manage findings through to remediation. Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS. Excellent communication, presentation, and influencing skills, with the ability to explain complex technical issues to non-technical stakeholders. Analytical and solution-oriented mindset with the ability to drive improvements independently and as More ❯

driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO 27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO 27001 More ❯

driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO 27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO 27001 More ❯

DevOps engineers. Core Skills Deep technical experience in infrastructure design, build, and deployment, including private and public cloud, networking, connectivity, storage, and virtualization Strong technical experience of the Microsoft / Azure ecosystem (Networking / solutions, Monitor, Licensing / Cost Management, IaaS / PaaS services) and Infrastructure as Code Experience working with Azure technologies such as virtual … machines, Cloud Services, web apps, function apps, Azure Active Directory, Virtual Networks, etc. Creating and managing CI / CD pipelines using tools such as Azure DevOps, Octopus Deploy, and Terraform to deploy both infrastructure and applications Experience in managing both project and operational change; including estimating, resource allocation, status reporting, and cost management Experience in modernizing / migrating … existing systems to cloud-based serverless architecture Well-versed in Windows Operating Systems and Active Directory domain services Experienced in the use of Azure platform services, PowerShell / Azure PowerShell, and the Azure Portal Experience with configuration management and automation technologies Proficiency in cloud cost optimization strategies Knowledge of security compliance standards (e.g., ISO 27001 More ❯

Security Architect (London | Hybrid | Cloud, NIST, SABSA) A leading global financial services firm is hiring an Enterprise Security Architect for a permanent position based in London (2 days onsite / week) . Key Tech & Frameworks: Cloud Security (SaaS, IaaS, Infrastructure) SABSA, NIST CSF, ISO 27001 / 2, SP 800-53, SANS Top 20 Risk More ❯

experience in the field of Information Security, preferably in a senior or advanced analyst role. Proven experience in managing and auditing Information Security Management Systems (ISMS) aligned with ISO 27001 standards. Strong skills in risk assessment, vulnerability identification, and development of practical security solutions for complex IT environments. Experience with penetration testing and vulnerability assessments; certifications … to achieve their goals and an environment in which they can thrive. Apply for this job indicates a required field First Name Last Name Email Phone Location (City) Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf DATA PRIVACY NOTICE FOR APPLICANTS Select Please review … the below link and confirm Which office are you applying to be based in? Select Do you have experience working to ISO 27001 standards? Select Do you require sponsorship to work in the UK? Select Do you have work experience in Ethical Hacking? Select Are you willing to work in the office 3 days a week More ❯

be responsible for ensuring that security is built into every part of the development lifecycle, specifically ensuring that security tooling (native and non-native) is properly embedded into CI / CD CI / CD pipelines. Thus, ensuring the systems are security compliant, adhering to standards as Secure by Design and GovAssure. This is part of a complex legacy … a vast number of users. The role holder will be part of the transformation programmes including tech replacement and migration, embedding security to ensure seamless integration of new systems / features and workflows. Skills Required: Strong hands-on expertise in DevSecOps practices, particularly security automation in CI / CD and infrastructure-as-code pipelines. Deep understanding of modern … DevOps tooling (e.g., GitHub Actions / CircleCI, Terraform, Kubernetes, Docker) with secure configurations. Experience implementing security controls in cloud-native environments (e.g., AWS or Azure) including IAM, network policies, and container security. Proven track record of using tools such as Snyk, Trivy, Checkov, OPA / Gatekeeper / OWASP ZAP, or similar to enforce pipeline and platform security. More ❯

relationship between the controls framework and contemporary contextual cybersecurity risks. Developing and operating our ISMS, and all that this entails: You will also be responsible for maintaining our ISO 27001 and Cyber Essentials certificationsand other security-related compliance accreditations as may be required. We are a scaling business, staying lean wherever possible, which means currently, responsibility … globally (e.g. GDPR, NIS Directive, EBA Guidelines). Has a comprehensive understanding of what it takes to comply with cyber security industry standards and frameworks in practise (e.g. ISO 27001, NIST CSF, SP 800-53, NCSC CAF, Cyber Essentials). Has a thorough understanding of cyber security threat and risk with the ability to think like … to aid in your personal development Regular socials to unwind and have some fun Apply for this job * indicates a required field First Name * Last Name * Email * Phone * Resume / CV * Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile * What are your salary expectations for this role? * What is your notice period? * Will you require visa sponsorship More ❯

is responsible for ensuring that security is built into every part of the development lifecycle, specifically ensuring that security tooling (native and non-native) is properly embedded into CI / CD CI / CD pipelines. The role holder will be part of the transformation programmes including tech debt replacement and migration, embedding security to ensure seamless integration of … new systems / features and workflows. The Lead DevSecOps role will be responsible for ensuring that the replacement systems are security compliant, adhering to standards such as Secure by Design and GovAssure, utilising a shift left mentality to fix problems before production. This is as part of highly complex legacy replacements involving approximately 90,000 users. Essential skills and … experience: Strong hands-on expertise in DevSecOps practices, particularly security automation in CI / CD and infrastructure-as-code pipelines. Deep understanding of modern DevOps tooling (e.g., GitHub Actions / CircleCI, Terraform, Kubernetes, Docker) with secure configurations. Experience implementing security controls in cloud-native environments (e.g., AWS or Azure) including IAM, network policies, and container security. Proven track More ❯

codebase. Play a pivotal role in architecture and code reviews, ensuring our applications meet the highest standards of quality, security, and scalability. Work on infrastructure as code and CI / CD pipelines, ensuring seamless integration and deployment of systems. Ensure compliance with security policies and ISO 27001 by protecting sensitive data and following secure coding … Terraform for infrastructure as code, enabling scalable and reliable systems. Experience with monitoring ****and observability tools, such as Datadog or Prometheus. Familiarity with event-driven systems, particularly Kafka and / or RabbitMQ. Deep understanding of messaging and queuing systems, including design patterns for reliability, retries, and scaling. Strong understanding of PostgreSQL for relational database systems. Experience working with Redis … for caching and high-performance data handling. Experience setting up and maintaining CI / CD pipelines for smooth and automated deployments. Low-Level & Deep Stack Problem-Solving Note: We dont expect candidates to tick every single box, we encourage you to apply even if you dont meet all of the criteria. It would also be nice if you have More ❯

codebase. Play a pivotal role in architecture and code reviews, ensuring our applications meet the highest standards of quality, security, and scalability. Work on infrastructure as code and CI / CD pipelines, ensuring seamless integration and deployment of systems. Ensure compliance with security policies and ISO 27001 by protecting sensitive data and following secure coding … Terraform for infrastructure as code, enabling scalable and reliable systems. Experience with monitoring and observability tools, such as Datadog or Prometheus. Familiarity with event-driven systems, particularly Kafka and / or RabbitMQ. Deep understanding of messaging and queuing systems, including design patterns for reliability, retries, and scaling. Strong understanding of PostgreSQL for relational database systems. Experience working with Redis … for caching and high-performance data handling. Experience setting up and maintaining CI / CD pipelines for smooth and automated deployments. Low-Level & Deep Stack Problem-Solving Note: We don't expect candidates to tick every single box, we encourage you to apply even if you don't meet all of the criteria. It would also be nice if More ❯

codebase. Play a pivotal role in architecture and code reviews, ensuring our applications meet the highest standards of quality, security, and scalability. Work on infrastructure as code and CI / CD pipelines, ensuring seamless integration and deployment of systems. Ensure compliance with security policies and ISO 27001 by protecting sensitive data and following secure coding … Terraform for infrastructure as code, enabling scalable and reliable systems. Experience with monitoring ****and observability tools, such as Datadog or Prometheus. Familiarity with event-driven systems, particularly Kafka and / or RabbitMQ. Deep understanding of messaging and queuing systems, including design patterns for reliability, retries, and scaling. Strong understanding of PostgreSQL for relational database systems. Experience working with Redis … for caching and high-performance data handling. Experience setting up and maintaining CI / CD pipelines for smooth and automated deployments. Low-Level & Deep Stack Problem-Solving Note: We dont expect candidates to tick every single box, we encourage you to apply even if you dont meet all of the criteria. It would also be nice if you have More ❯

codebase. Play a pivotal role in architecture and code reviews, ensuring our applications meet the highest standards of quality, security, and scalability. Work on infrastructure as code and CI / CD pipelines, ensuring seamless integration and deployment of systems. Ensure compliance with security policies and ISO 27001 by protecting sensitive data and following secure coding … Terraform for infrastructure as code, enabling scalable and reliable systems. Experience with monitoring and observability tools, such as Datadog or Prometheus. Familiarity with event-driven systems, particularly Kafka and / or RabbitMQ. Deep understanding of messaging and queuing systems, including design patterns for reliability, retries, and scaling. Strong understanding of PostgreSQL for relational database systems. Experience working with Redis … for caching and high-performance data handling. Experience setting up and maintaining CI / CD pipelines for smooth and automated deployments. Low-Level & Deep Stack Problem-Solving Note: We don't expect candidates to tick every single box, we encourage you to apply even if you don't meet all of the criteria. It would also be nice if More ❯

processes, and systems. - Assess and remediate gaps in security practices and influence operational teams to adopt security-first approaches. - Drive adherence to industry standards and frameworks such as ISO 27001, NIST, or similar. - Provide expert input to enhance security frameworks, policies, and procedures. - Lead and support security awareness initiatives across business units. What We’re Looking … For - Strong understanding of information security principles, particularly in GRC. - Hands-on experience with ISO 27001, NIST, or similar standards. - Excellent communication and stakeholder engagement skills - able to translate technical security concepts into clear business language. - Proven ability to embed governance and compliance into large, complex organisations. - Ability to balance technical, operational, and business priorities. Why More ❯

equity and venture capital firms and top 10 UK law firms. We are a Microsoft Gold Partner with six gold competencies, a Tier 1 Microsoft CSP relationship and are ISO27001 & ISO9001 accredited. Our clients rely on us to bring specialist expertise across cloud solutions, hybrid working, modern workplace, data and BI, cyber security, governance and compliance, and networking. We have … 1st class user support experience. You will lead a London-based team of circa 15 UK support engineers and work closely with our Malaysian operation to ensure consistent 24 / 7 global support. You will play a pivotal role in upholding Doherty Associates' service excellence, focusing on team development, operational effectiveness, and client satisfaction. Responsibilities Build and develop a … innovative Strategic & Commercial Awareness Contribute to budget planning and resource allocation, balancing cost-effectiveness with high service quality Ensure service desk compliance with relevant regulations and standards, including ISO 27001, ISO 9001, and Cyber Essentials Plus Align service desk objectives with wider business goals Qualification, experience and skills Experience managing a busy service desk More ❯

You'll Be Doing: Develop and implement information security policies, standards, and guidance in collaboration with stakeholders. Ensure compliance with industry standards such as NIST CSF, PCI-DSS, ISO 27001, and SOC 2. Coordinate responses to internal and external audits and liaise with key stakeholders. Develop and deliver security policy awareness and training programs. Assess policy … a public tech company or regulated industry. Experience in developing and implementing information security policies, standards and procedures. Familiarity with security standards such as NIST CSF, PCI-DSS, ISO 27001, and SOC2. Strong skills in security metrics and reporting. Ability to engage collaboratively with technical and non-technical stakeholders. Excellent written and verbal communication skills. Confidence More ❯

and talented team, and while some have prior security experience, many have been successful at Vanta without it. As Vanta's Customer Success Manager, in the Upmarket space (Enterprise / Mid-Market), you will play a pivotal role in guiding customers through their security and compliance journeys with Vanta's specialised solutions. By combining your customer-centric approach with … business outcomes on their timelines. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Provide insightful technical answers and recommend the most efficient way for customers to achieve … trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a point-in-time More ❯

vendor services. Track vendor spend and ensure alignment with financial goals. Risk & Compliance Management Ensure vendors comply with regulatory, security, and data protection requirements (e.g., PCI DSS, GDPR, ISO 27001). Conduct regular vendor risk assessments and monitor any security or compliance concerns. Partner with Security and Compliance teams to ensure third-party risk is actively … cost optimization, and risk assessment. Ability to lead Quarterly Business Reviews (QBRs) and drive service improvements. Understanding of regulatory requirements relevant to vendor management (e.g., PCI DSS, GDPR, ISO 27001). Excellent stakeholder management, communication, and negotiation skills. Strong analytical mindset with experience using data to assess vendor performance and impact. ?Education & Experience: Bachelors degree in More ❯

ISO 27001) as part of critical vendor performance assessment ensuring operational resilience is maintained. In collaboration with GT, manage security systems, including firewalls, intrusion detection / prevention systems, and antivirus software. In collaboration with GT, Develop and test incident response plans and coordinate responses to security incidents and breaches Raise awareness of cybersecurity issues among … bank London employees; conduct annual training / workshops to educate staff on security best practices aligned with GT. Other Duties Maintain professional and technical knowledge (Conduct Rule 2) e.g. by attending educational workshops; read professional publications; benchmarking state-of-the-art practices etc where relevant. Collaborate with stakeholders to handle backlogs and new requirements - Resolve conflicts and remove blockers … on IT related matters. Ensure work deliverables are in compliance with policies and regulatory requirements . Maintains quality service by establishing and enforcing organization standards. To act as second / third level support with GT for support related issues. To comply with all applicable FCA / PRA conduct rules. Compliance with all mandatory training as set by the More ❯

solid technical understanding are essential. Responsibilities: Regulatory Compliance & Framework Development: Support the implementation of a comprehensive business resilience framework aligned with DORA and other regulatory requirements (e.g., NIST, ISO 22301, ISO 27001). Develop training materials, policies, controls, and risk assessment methodologies to ensure adherence to regulatory standards. Support key pillars of the DORA … operational resilience, systems architecture, or related fields, with extensive exposure to Operational Resilience, particularly DORA . Strong understanding of UK regulatory requirements and frameworks such as DORA, NIST, ISO 22301, and ISO 27001. Proven experience conducting risk assessments, regulatory compliance reviews, and resilience testing . Ability to translate regulatory requirements into actionable plans and track them More ❯

enhance customer outcomes. Develop a deep understanding of Vanta's platform and its applications, advising customers on how to optimize their use of our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP, Custom Frameworks), Trust Reports, and Risk Management solutions. Partner closely with your Scale CSA team to co-develop and execute plays that drive … restore trust in internet businesses by enabling companies to improve and prove their security.From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a point-in-time More ❯

within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice on … restore trust in internet businesses by enabling companies to improve and prove their security.From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a point-in-time More ❯

within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice on … restore trust in internet businesses by enabling companies to improve and prove their security.From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a point-in-time More ❯