7 of 7 ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs in London

status of all mitigating controls to both Business and Technology risk committees as appropriate.The scope of this role covers all Technology Risks; IT Strategy and Architecture, Service Management / Stability, Capacity / Capability Management, Disaster Recovery and Crisis Management. This role will also integrate the output from the Information Security Risk and Transformation Risk teams into … the overall risk reporting for each Business Unit. You'll help us make health happen through: Interpreting and communicating to the Business Unit changes to Risk Polices, Business / IT Strategy, legislation that impact the existing Risk and Control Framework. Identifying and assessing Technology Management and Information Security issues so that control environments are properly defined and residual … in Information Technology audits or IT Assurance (e.g., CISSP, CISM, CISA, CRISC, CCAK) A sound understanding of British and International Security Standards (e.g., ISO / IEC 27001, ISO / IEC 27002, NIST, CIS-20, PCIDSS) and the UK More ❯

evaluate security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure compliance with industry standards (ISO 27001, NIST, NCSC). Contribute to security design documentation, options papers, and client presentations. Collaborate across 1st, 2nd, and 3rd lines of defense on cyber risk, compliance, and … compliance and governance. Continuously assess and improve processes, controls, and reporting to enable informed, risk-based decisions. What you'll bring: Strong knowledge of networking, cloud security (AWS / Azure), and modern security concepts. Familiarity with vulnerability management, penetration testing, and security frameworks. Experience with security standards (ISO 27001 / 27002 … / 27017 / 27018). Minimum 5 years in cybersecurity, with certifications like CISSP, CISM, CCSP, or CRISC preferred. Eligible to work in the UK and have SC Security Clearance . Team-oriented, detail-focused, excellent communicator, self-motivated, and persuasive. Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from More ❯

Senior Control Assurance Assessor Location: Remote, UK Length: Asap – 31 / 03 / 2026 Rate: £450 per day (Inside IR35) Hours: 37.5 per week Role Overview: As a Senior Control Assurance Assessor, you will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premises and in the cloud … science, management information systems, relevant field, or equivalent demonstrable experience. 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology Professional certification such as as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills Ability to work both independently and collaboratively More ❯

Security Knowledge - You'll have a sound understanding of cyber and information security, including frameworks like NIST and ISO IEC 27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication -You'll be able to discuss these with technical and non-technical … that's why we have a range of support to help you keep yourself well. We have the thrive mental health app, our colleague assistance programme available 24 / 7, our own, in-house mental health first aiders, support groups and a dedicated team to make sure we are covering your needs There's more! - 27 days annual … an equal opportunities employer which means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion / belief, sexual orientation, gender reassignment or marital / family status. Please also note that we have a thorough referencing process, which includes credit and criminal record checks. More ❯

and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001 / 27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will … Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT / OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of … and rewarding career-your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28 / 09 / More ❯

s how you will contribute Governance, Risk & Compliance (GRC) Leadership Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001 / 2, and NIST-2. Oversee delivery plans, resource allocation, and stakeholder engagement for GRC initiatives. Training & Awareness Develop and maintain SGN's Information Security training and awareness materials. Integrate … s Information Security Management System (ISMS) and policy exceptions. Compliance & Assurance Monitor and report on compliance across SGN and third-party partners. Lead assurance reviews and support internal / external audits for ISO27001, NIST, and NIS. Own NIS submissions to OFGEM and support regulatory consultations and audits. Risk Management Oversee risk assessments and reporting across Cyber, OT, and … on audit actions and outcomes. What you will need Required Qualifications The individual should be educated to degree level in a relevant discipline. Must be one of CISM / CISSP / CISA / TOGAF / CRISC. Must have 5 years' cyber security experience. Must have proven expertise in Compliance Management, Information Security More ❯

Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience A good understanding of security frameworks including ISO27001 / 2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10 Have a relevant industry certification such as CISSP, CISM, CRISC, BRMP or similarYou'll be More ❯