1 to 25 of 68 ISO/IEC 27001 Jobs in the North West

Security Engineer - Cloud / Compliance / ISO 27001 Location: Knutsford (Cheshire) - Hybrid Salary: £65,000 - £80,000 DOE + benefits About the Role We're working with a rapidly growing, cloud-first technology business that provides secure, compliant software to global enterprise clients across regulated sectors. They're now looking for an experienced Security … policies, and frameworks. Oversee day-to-day security operations including access control, patching, log review, and alert response. Implement and manage controls across cloud and on-premises environments (Azure / AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR … Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM / PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. Relevant More ❯

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About … the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to play a key part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant … audit readiness, evidence gathering, and control implementation. Excellent attention to detail, analytical thinking, and confident stakeholder communication. Relevant certifications welcomed - CRISC, ISO 27001 Lead Implementer / Auditor, CIPP / E, GDPR Practitioner, CISM, or CISA. Why Apply? Join a modern, compliance-driven business where security and governance are at the heart of operations. Visible More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

the organisation’s GRC framework. Conduct and document risk assessments, identifying control gaps and recommending appropriate mitigations. Maintain and update internal policies and procedures to ensure compliance with ISO 27001, GDPR, and other regulatory requirements. Assist with internal and external audits, including evidence gathering and control testing. Prepare and deliver compliance and risk reports for management … with stakeholders across all levels of the organisation. Essential Skills and Experience: Previous experience in a GRC, Risk, or Compliance Analyst position. Good knowledge of frameworks such as ISO 27001, NIST, or COBIT. Understanding of data protection and … privacy regulations (e.g., GDPR). Excellent written, verbal, and interpersonal communication skills. Strong analytical and organisational abilities. Relevant professional certifications (e.g., ISO 27001 Lead Implementer / Auditor, CISM, CRISC, CISSP) are desirable but not essential. More ❯

the organisation’s GRC framework. Conduct and document risk assessments, identifying control gaps and recommending appropriate mitigations. Maintain and update internal policies and procedures to ensure compliance with ISO 27001, GDPR, and other regulatory requirements. Assist with internal and external audits, including evidence gathering and control testing. Prepare and deliver compliance and risk reports for management … with stakeholders across all levels of the organisation. Essential Skills and Experience: Previous experience in a GRC, Risk, or Compliance Analyst position. Good knowledge of frameworks such as ISO 27001, NIST, or COBIT. Understanding of data protection and … privacy regulations (e.g., GDPR). Excellent written, verbal, and interpersonal communication skills. Strong analytical and organisational abilities. Relevant professional certifications (e.g., ISO 27001 Lead Implementer / Auditor, CISM, CRISC, CISSP) are desirable but not essential. More ❯

and compliance experience and familiarity with other standards. Experience Required: At least 2-3 years in a Cyber security & GRC role Be a PCI-DSS expert around payments ISO 27001and GDPR Knowledge of Risk Management, including risk identification, assessment, and mitigation techniques Good experience around Audits and compliance Any penetration testing experience would be a bonus You'll … work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This … and forward-thinking environment we'd love to hear from you. Press 'Apply Now', or send your CV directly to faye . landells @ circlerecruitment . com Keywords: Cyber Security / GRC / PCI DSS / Governance Risk Compliance / Manchester Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a More ❯

the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide … expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards • Mentor junior … analysts and support SOC process development Key Skills & Experience: • Strong technical background in cyber security • Experience with application, cloud (AWS) , and infrastructure security • Proven hands-on experience with EDR / NDR tools , particularly CrowdStrike • Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP • Knowledge of ISO 27001 , Cyber Essentials , and general security More ❯

the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide … expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards • Mentor junior … analysts and support SOC process development Key Skills & Experience: • Strong technical background in cyber security • Experience with application, cloud (AWS) , and infrastructure security • Proven hands-on experience with EDR / NDR tools , particularly CrowdStrike • Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP • Knowledge of ISO 27001 , Cyber Essentials , and general security More ❯

the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide … expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior … analysts and support SOC process development Key Skills & Experience: * Strong technical background in cyber security * Experience with application, cloud (AWS) , and infrastructure security * Proven hands-on experience with EDR / NDR tools , particularly CrowdStrike * Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP * Knowledge of ISO 27001 , Cyber Essentials , and general security More ❯

for a step up in their procurement career, applicants from a Buyer role will be considered depending on background. Ideally, your experience should include: Ideally, experience in IT hardware / software / electronic components procurement. Understanding of supplier risk management frameworks alongside proven ability to run effective tendering processes such as RFQs / RFIs / RFPs. … 27001 information security standards; awareness of SOC II requirements; knowledge of ISO 14001 sustainability principles. Exceptional negotiation skills supported by experience in contract drafting / review (with legal support) for both domestic and international suppliers. The Company Employees benefit from 3 days in the office and 2 from home, with an accessible office just … Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates. About the job Contract Type: Permanent Specialism: Procurement & Supply Chain Focus: Purchasing / Procurement Industry: Purchasing and Procurement Salary: £45,000 - £55,000 per annum + Benefits + Flexible Working Workplace Type: Hybrid Experience Level: Mid Management Location: Greater Manchester More ❯

the first point of contact for security incidents, your expertise will be essential in keeping our systems secure. We regret that this position is only available for UK citizens / Residents with indefinite leave to remain in the UK, with current full time work rights for the United Kingdom, currently residing in the UK. The position is located in … premises environments. Strong understanding of security principles, technologies, and industry best practices , including vulnerability and incident management. Practical experience with security monitoring and protection tools such as Firewalls, IDS / IPS, XDR, SIEM, CNAPP, and log collection platforms (e.g., CrowdStrike, Lacework). Experience in designing and implementing Identity and Access Management (IAM) solutions and maintaining secure authentication practices. Proficiency … Add your resume and anything else to showcase why you would be a great addition to our team. We regret that this position is only available for UK citizens / Residents with indefinite leave to remain in the UK. No recruitment agencies, please! We won't accept any introductions. Vix Technology is an Equal Opportunity Employer and prohibits discrimination More ❯

stakeholders. Liaise with regulators, auditors, and internal teams to support transparency and accountability. Mentor and develop junior compliance colleagues, fostering a culture of continuous improvement. Contribute to maintaining ISO 27001 certification and other relevant standards (e.g. PCI DSS, Information Security). Lead business continuity planning and ensure ongoing operational resilience. Manage corporate insurance coverage and relationships … solving approach to risk mitigation. Confident communicator, able to simplify complex issues and influence at senior levels. Experience leading compliance monitoring, audits, investigations, and remediation initiatives. Familiarity with ISO 27001 , PCI DSS , and other information security frameworks. Experience managing business continuity and insurance programmes. Leadership capability with a track record of mentoring others and representing compliance More ❯

Data / Information Manager - Manchester (Hybrid) Robert Half has been retained by a leading infrastructure consulting business to recruit a Data Manager. This is an exciting opportunity for to work for an organisation that is supporting with the design and construction of a high profile, £3bn infrastructure project in Manchester. About the Role The Data Manager will be responsible … working with sensitive data have valid DBS certifications. Maintain an up-to-date log of certifications and renewal dates. Qualifications and Experience Circa 5 years of experience in data / information management. Proficiency in managing Common Data Environments (CDEs) and implementing robust data security protocols. Degree in Information Management, IT, Engineering, or a related field. Relevant certification, such as … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: gb / en / privacy-notice. More ❯

Cyber Security Engineer 5 Month Contract (extendable) Hybrid - 3 days per week in Knutsford (Warrington) / 2 days remote Role Overview: We are seeking a highly capable Security Engineer to join a focused team developing a telemetry pipeline MVP. This role requires deep technical expertise in containerized environments, observability tooling, and secure infrastructure design. The ideal candidate will ensure … and development teams. Key Responsibilities: Design and implement security controls across containerized environments using Kubernetes and OpenShift Ensure secure configuration and access management within GitLab version control and CI / CD pipelines Integrate and secure telemetry tools including Cribl, Elastic, Splunk, Fluentd, and Syslog Conduct threat modeling, vulnerability assessments, and risk analysis for the telemetry pipeline Collaborate with DevOps … of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI / CD pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks More ❯

Cyber Security Engineer 5 Month Contract (extendable) Hybrid - 3 days per week in Knutsford (Warrington) / 2 days remote Role Overview: We are seeking a highly capable Security Engineer to join a focused team developing a telemetry pipeline MVP. This role requires deep technical expertise in containerized environments, observability tooling, and secure infrastructure design. The ideal candidate will ensure … and development teams. Key Responsibilities: Design and implement security controls across containerized environments using Kubernetes and OpenShift Ensure secure configuration and access management within GitLab version control and CI / CD pipelines Integrate and secure telemetry tools including Cribl, Elastic, Splunk, Fluentd, and Syslog Conduct threat modeling, vulnerability assessments, and risk analysis for the telemetry pipeline Collaborate with DevOps … of security architecture, policies, and incident response procedures Required Skills & Experience: Strong hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI / CD pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks More ❯

ll guide a team of engineers spanning front-end, back-end, and data disciplines, ensuring architectural integrity, engineering excellence, and continuous improvement. You’ll champion DevOps principles — automation, CI / CD, observability, and shared ownership — while mentoring engineers and shaping technical direction across multiple product areas. You’ll collaborate closely with product managers, architects, and designers to build secure … Azure services. Oversee the design and evolution of robust API layers (GraphQL and REST), ensuring consistency, discoverability, and strong contract boundaries across services. Champion DevOps culture by embedding CI / CD pipelines, automation, and observability into team workflows. Partner with UX and product teams to deliver intuitive, accessible, and responsive user experiences. Guide the implementation of scalable front-end … professional software engineering experience, including 2+ years in a technical or team-lead capacity. Proven expertise in modern UI development frameworks ( Angular preferred). Strong proficiency in .NET Core / C# and related back-end technologies. Hands-on experience designing and deploying applications in Microsoft Azure (App Services, Functions, SQL, Storage). Experience leading engineers within DevOps delivery practices More ❯

scanners Vulnerability Assessments : Help run scans to identify weaknesses in systems and recommend remediation actions Policy and Compliance Support : Assist in ensuring the organisation meets security standards (e.g., ISO 27001, GDPR, Cyber Essentials) Security Awareness : Contribute to internal training and awareness campaigns to improve staff cyber hygiene Incident Investigation : Support in analysing and documenting cyber incidents … related discipline Strong interest in cyber security and desire to build a career in the field Basic understanding of cyber threats, security principles, and best practices Familiarity with Windows / Linux operating systems and networking concepts Strong analytical and problem-solving skills Good communication skills and the ability to explain technical concepts clearly Nice to Have (But Not Required … Excellent Company Benefits We believe in supporting our people from day one. Here’s what we offer: 25+ Days Annual Leave + bank holidays (with the option to buy / sell extra days) Hybrid & Flexible Working – work from home and the office Annual Bonus Scheme based on personal and company performance Professional Certification Support – we’ll cover exam costs More ❯