8 of 8 ISO 27001 Lead Implementer Jobs in London

information security , Risk Management, or Compliance is a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / … Experience Requirements: 3-5+ years of experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills-ability to brief executives and regulators. More ❯

opportunities for improvement directly to senior management. Responsibilities : Cyber Security Strategy & Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications : Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and More ❯

opportunities for improvement directly to senior management. Responsibilities : Cyber Security Strategy & Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications : Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and More ❯

opportunities for improvement directly to senior management. Responsibilities : Cyber Security Strategy & Governance Implement and refine the organisation’s cyber security strategy, aligned with business objectives and risk appetite. Lead the development and maintenance of a comprehensive Information Security Management System (ISMS). Define and review metrics and KPIs to monitor the effectiveness of security controls. Policy Management … relevant security frameworks, data protection laws (e.g. GDPR), and industry standards. Manage internal and external security audits, penetration tests, and vulnerability assessments. Maintain records of security incidents and lead post-incident reviews and continuous improvements. Training & Awareness Drive an organisation-wide security awareness program to foster a proactive security culture. Deliver targeted training for teams and departments … budgeting. Qualifications : Proven experience in a similar Information Security Management or Cyber Risk role. Strong understanding of information security principles, risk management frameworks, and industry best practices (e.g. ISO 27001, NIST, CIS). Demonstrated experience in drafting and implementing security policies and procedures. Strong communication skills with the ability to engage both technical and More ❯

s Global Security Office is committed to delivering the highest standards of security and compliance. We are seeking a highly skilled and motivated Information Security Risk Manager to lead on A&M wide information security risk management program and join our dynamic and growing team based in either our London or Tampa office. Position Summary: The Information … focused on managing and maintaining the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the OnSpring GRC Tool and can effectively assess and communicate technical security requirements to teams across the firm. Key Responsibilities … Risk Management Leadership and Oversight: Working to A&M Policy and industry standards and lead the end-to-end information security risk management process, ensuring risks are proactively identified, assessed, recorded, and mitigated. Assess and prioritize security risks based on enterprise-wide impact, likelihood, and mitigation strategies. Act as a trusted security advisor, working cross-functionally with More ❯

regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities: Build and refine information security governance and risk frameworks Lead audits (internal / external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and … policies across the business Support KPI development and risk strategy planning Requirements: Degree in Computer Science / IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor / Implementer Working knowledge with legal / security needs in housing association sector and its regulatory environment … Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first stage interviews will be taking place this week. More ❯

and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP More ❯

manage responses to customer security audits and assurance inquiries. Monitor regulatory changes and contribute to compliance initiatives such as DORA , NIS2 , and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security … a related field. Experience supporting sales processes, including responding to RFx security assessments. Solid understanding of cybersecurity principles, information security best practices, and regulatory requirements (DORA, NIS2, GDPR, ISO 27001, SOC 2, etc.). Excellent written and verbal communication skills; able to translate technical concepts for non-technical audiences. Strong organizational skills with the … a proactive approach to problem-solving and attention to detail. Experience working in a SaaS, cloud, or technology-driven company is preferred. Professional certifications (such as CISM, CRISC, ISO 27001 Lead Implementer / Auditor, or similar) are a plus Additional Information We are proud to foster a diverse More ❯