1 to 25 of 108 ISO/IEC 27001 Jobs in the North of England

Security Engineer - Cloud / Compliance / ISO 27001 Location: Knutsford (Cheshire) - Hybrid Salary: £65,000 - £80,000 DOE + benefits About the Role We're working with a rapidly growing, cloud-first technology business that provides secure, compliant software to global enterprise clients across regulated sectors. They're now looking for an experienced Security … policies, and frameworks. Oversee day-to-day security operations including access control, patching, log review, and alert response. Implement and manage controls across cloud and on-premises environments (Azure / AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR … Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM / PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. Relevant More ❯

customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO / IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for … external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR / CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy Drive continuous improvement in assurance processes and evidence collection efficiency Produce regular reports and … audit outcomes, and assurance performance Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams Essential Qualifications & Requirements: Proven experience delivering and maintaining cybersecurity certifications (ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, CREST) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities More ❯

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About … the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to play a key part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant … audit readiness, evidence gathering, and control implementation. Excellent attention to detail, analytical thinking, and confident stakeholder communication. Relevant certifications welcomed - CRISC, ISO 27001 Lead Implementer / Auditor, CIPP / E, GDPR Practitioner, CISM, or CISA. Why Apply? Join a modern, compliance-driven business where security and governance are at the heart of operations. Visible More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

automation, enhancing client experiences, and building strong team dynamics. Because client communication and information security are vital to the service we deliver, you’ll receive Client Communication and ISO 27001 awareness training, delivered as part of your onboarding. This will ensure you’re confident not only in the technical aspects of your role, but also in … our Python automation framework, by writing plugins • Collaborate with colleagues to continuously improve internal processes and automation • Document fixes and create knowledge base articles • Operate in line with ISO 27001 standards and best practices for security and compliance • Participate in the on-call rota (after probation) • Support the wider team, sharing knowledge and contributing ideas for … continuous improvement What You’ll Gain • Client Communication and ISO 27001 awareness training • Hands-on experience with GitOps and infrastructure as code from the start • Mentoring to grow your Python, DevOps, security, and automation skills • Regular opportunities to contribute to automation and tooling • A friendly, supportive team culture where learning is encouraged • The chance to directly More ❯

Information Security Officer / ISO27001 / Data Protection £65,000 - £75,000 + Benefits Newcastle Our client is an internationally renowned SaaS organisation that's flagship product is used by household media organisations around the world. They're looking for an Information Security Officer to join the organisation to drive their infosec maturity. You'll be responsible for … designing and implementing their security procedures in line with ISO27001, GDPR and Cyber Essentials+, ensuring compliance across the business. You will also act as the Data Protection Officer and work with stakeholders of across the business to ensure awareness of cyber security best practices. You must have proven experience as an Information Security Officer who has taken a business through … the ISO27001 accreditation process. You'll have outstanding stakeholder management experience and the ability to articulate complex security challenges to non-technical stakeholders to ensure standards are met. Newcastle £65,000 - £75,000 + Benefits Information Security Officer / ISO27001 / Data Protection More ❯

Information Security Manager (3 days / week, permanent pro-rata) Location: Leeds-hybrid (on-site 1-2 day / week, typically Mon / Tue) Reports to: VP, Information Security Team: 5 in security (within a wider UK tech org of ~25, multi-region) We’re looking for a hands-on InfoSec Manager to take pressure off the … shape the control environment, and keep the security operations and compliance moving at speed. You’ll blend GRC and technical oversight , working closely with two security engineers (vuln scanning / IDS, external pen-test liaison) and two GRC specialists. What you’ll do Drive and extend ISO 27001 implementation / maintenance (UK certified; expanding … to Madrid and Manila ). Support SOC 2 Type 2 maintenance (already accredited)—expert level not required. Oversee SIEM operations with the tech team: ensure log ingestion / coverage , daily monitoring, and follow-up. Guide vulnerability management, alert triage (Alert Logic), and external pen-test cycles. Keep evidence flows tight: client questionnaires, audit responses, security awareness, and user access More ❯

risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

security perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data … Protection teams on policy alignment and compliance. Technical Review and Oversight Lead or oversee reviews of system architectures, applications, cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM / PAM implementations and M365 / Azure / Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution … security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track More ❯

central leader responsible for the company's overall security and compliance posture. You will manage the entire Information Security Management System (ISMS), ensuring the continuous maintenance of the ISO 27001 standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and … overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information risk management across the organisation, including identification, assessment, treatment, and ongoing tracking of risks, non-compliances, and associated action plans. Coordinate Information Asset Owners … good teacher Ability to work independently and with ad hoc teams Rigour, precision and attention to details Writing skills Ensuring technological and regulatory watch IT tools skills (Microsoft Office / Google Workspace / Jira) Policies and procedures related to information security, in particular ISO 27001 Project management techniques Control of the audit activity: procedure More ❯

the organisation’s GRC framework. Conduct and document risk assessments, identifying control gaps and recommending appropriate mitigations. Maintain and update internal policies and procedures to ensure compliance with ISO 27001, GDPR, and other regulatory requirements. Assist with internal and external audits, including evidence gathering and control testing. Prepare and deliver compliance and risk reports for management … with stakeholders across all levels of the organisation. Essential Skills and Experience: Previous experience in a GRC, Risk, or Compliance Analyst position. Good knowledge of frameworks such as ISO 27001, NIST, or COBIT. Understanding of data protection and … privacy regulations (e.g., GDPR). Excellent written, verbal, and interpersonal communication skills. Strong analytical and organisational abilities. Relevant professional certifications (e.g., ISO 27001 Lead Implementer / Auditor, CISM, CRISC, CISSP) are desirable but not essential. More ❯

We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools. Your wellness: We care about your holistic wellbeing Your work / life blend: We know that work is just one aspect of your life - we want to help you create your ideal work / life blend, rather than squeezing … lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. You … of security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as: Cortex XDR / Palo Alto Networks Splunk (SIEM and dashboarding) Abnormal Security (email security) Prisma Cloud (cloud security posture management) Airlock (application and API security) Nucleus (vulnerability management and reporting) Deep knowledge More ❯

the business. You’ll lead audits, influence policy, and strengthen the organisation’s security and compliance posture. Key Responsibilities Lead and enhance governance, risk, and compliance frameworks. Manage internal / external audits and risk assessments. Ensure compliance with PCI DSS, ISO 27001, GDPR, and NIST. Develop and improve policies, procedures, and vendor risk management. Support … incident response and promote a culture of security awareness. Experience & Skills Proven leadership in GRC or Information Security. Strong knowledge of ISO 27001, PCI DSS, GDPR, NIST. Experience managing audits and compliance programmes. Excellent communication and … stakeholder management. Hands-on technical understanding of security controls. Desirable: Certifications: CISM, CRISC, ISO 27001 Lead Auditor (or equivalent). Experience with cloud security (AWS / Azure) and enterprise-scale environments. Benefits Salary up to £75,000+ (DOE) Private healthcare, pension & income protection Life assurance & wellbeing support Cycle-to-work & EV schemes Career growth in More ❯

We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools. Your wellness: We care about your holistic wellbeing Your work / life blend: We know that work is just one aspect of your life - we want to help you create your ideal work / life blend, rather than squeezing … lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements.This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. You'll … security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as:o Cortex XDR / Palo Alto Networkso Splunk (SIEM and dashboarding)o Abnormal Security (email security)o Prisma Cloud (cloud security posture management)o Airlock (application and API security)o Nucleus (vulnerability management More ❯

and compliance experience and familiarity with other standards. Experience Required: At least 2-3 years in a Cyber security & GRC role Be a PCI-DSS expert around payments ISO 27001and GDPR Knowledge of Risk Management, including risk identification, assessment, and mitigation techniques Good experience around Audits and compliance Any penetration testing experience would be a bonus You'll … work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This … and forward-thinking environment we'd love to hear from you. Press 'Apply Now', or send your CV directly to faye . landells @ circlerecruitment . com Keywords: Cyber Security / GRC / PCI DSS / Governance Risk Compliance / Manchester Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a More ❯

that is needed. Experience Required: At least 5 years in a Cyber security & GRC role, at Senior, lead or manager level. Be a PCI-DSS expert around payments ISO 27001and GDPR Knowledge of Risk Management, including risk identification, assessment, and mitigation techniques Good experience around Audits and compliance Any penetration testing experience would be a bonus You'll … work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This … collaborative and forward-thinking environment, we'd love to hear from you. Press 'Apply Now', or send your CV directly to matthew. leach @ circlerecruitment . com Keywords: Cyber Security / GRC / PCI DSS / Governance Risk Compliance / Manchester Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a More ❯

the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide … expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards • Mentor junior … analysts and support SOC process development Key Skills & Experience: • Strong technical background in cyber security • Experience with application, cloud (AWS) , and infrastructure security • Proven hands-on experience with EDR / NDR tools , particularly CrowdStrike • Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP • Knowledge of ISO 27001 , Cyber Essentials , and general security More ❯

the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide … expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior … analysts and support SOC process development Key Skills & Experience: * Strong technical background in cyber security * Experience with application, cloud (AWS) , and infrastructure security * Proven hands-on experience with EDR / NDR tools , particularly CrowdStrike * Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP * Knowledge of ISO 27001 , Cyber Essentials , and general security More ❯

e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes (e.g., ISO 27001, Cyber Essentials, ISO22301, etc.), acting as the primary point of contact. We'd love you to have Minimum 5 years of experience in second-line risk management or internal audit, with a strong focus on IT or Information Security. Experience in consultancy or professional services, with a proven ability to support complex transformation or change … preferred. Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes. Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CIS Controls, and regulatory requirements like GDPR. Proven ability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at More ❯

off site retention and routine recovery tests Support infrastructure and architecture delivery across servers, storage, networking and identity Maintain risk and compliance records, prepare for audits and evidence ISO 27001 controls and testing Write clear process guides and runbooks, keep them current, and gain approval through the change process Track cyber risk items, plan mitigation, and … experience Proven delivery of disaster recovery, backup and restoration in enterprise or public sector settings Strong grasp of infrastructure and architecture fundamentals and identity services Working knowledge of ISO 27001 controls and evidence gathering for audits Experience creating process guides, change requests and policy documents that are approved and used Comfortable presenting to technical and non … audiences Calm, approachable style with clear written and verbal communication A track record of testing plans, learning and improving based on measurable results Nice to have Experience with ISO 22301 or operational resilience frameworks Familiarity with Microsoft Graph, Intune, Sentinel or Defender suite Knowledge of business impact analysis and risk registers Experience with backup platforms such as Veeam More ❯