1 to 25 of 60 Remote ISO/IEC 27001 Jobs in the North of England

Security Engineer - Cloud / Compliance / ISO 27001 Location: Knutsford (Cheshire) - Hybrid Salary: £65,000 - £80,000 DOE + benefits About the Role We're working with a rapidly growing, cloud-first technology business that provides secure, compliant software to global enterprise clients across regulated sectors. They're now looking for an experienced Security … policies, and frameworks. Oversee day-to-day security operations including access control, patching, log review, and alert response. Implement and manage controls across cloud and on-premises environments (Azure / AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR … Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM / PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. Relevant More ❯

customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO / IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for … external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR / CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy Drive continuous improvement in assurance processes and evidence collection efficiency Produce regular reports and … audit outcomes, and assurance performance Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams Essential Qualifications & Requirements: Proven experience delivering and maintaining cybersecurity certifications (ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, CREST) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

Information Security Manager (3 days / week, permanent pro-rata) Location: Leeds-hybrid (on-site 1-2 day / week, typically Mon / Tue) Reports to: VP, Information Security Team: 5 in security (within a wider UK tech org of ~25, multi-region) We’re looking for a hands-on InfoSec Manager to take pressure off the … shape the control environment, and keep the security operations and compliance moving at speed. You’ll blend GRC and technical oversight , working closely with two security engineers (vuln scanning / IDS, external pen-test liaison) and two GRC specialists. What you’ll do Drive and extend ISO 27001 implementation / maintenance (UK certified; expanding … to Madrid and Manila ). Support SOC 2 Type 2 maintenance (already accredited)—expert level not required. Oversee SIEM operations with the tech team: ensure log ingestion / coverage , daily monitoring, and follow-up. Guide vulnerability management, alert triage (Alert Logic), and external pen-test cycles. Keep evidence flows tight: client questionnaires, audit responses, security awareness, and user access More ❯

risk assessments and due diligences on third parties and recommend mitigation actions to be implemented by third parties Assess third party adherence to the minimum-security standards and record / track deviations or concessions Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements Generate MI and reporting on third … third-party vendor risk assessments and writing risk assessment reports Experience reviewing risk assessments, and SOC Type II reports for completeness and have worked with suppliers to address issues / concerns Experience managing audit returns from clients and regulators Supporting Legal and Procurement Teams with complex contract reviews / negotiations and communicating security risks / impacts to … various business (often non-technical) stakeholders Assisting writing Information Security related Policies, Processes and / or Procedures and analysing security controls Desired Experience in using good practice standards such as ISO 27001, ISO 22301, ISO 9001, Cyber Essentials and NIST Experience in a Project Management Office Degree or equivalent in Information More ❯

the organisation’s GRC framework. Conduct and document risk assessments, identifying control gaps and recommending appropriate mitigations. Maintain and update internal policies and procedures to ensure compliance with ISO 27001, GDPR, and other regulatory requirements. Assist with internal and external audits, including evidence gathering and control testing. Prepare and deliver compliance and risk reports for management … with stakeholders across all levels of the organisation. Essential Skills and Experience: Previous experience in a GRC, Risk, or Compliance Analyst position. Good knowledge of frameworks such as ISO 27001, NIST, or COBIT. Understanding of data protection and … privacy regulations (e.g., GDPR). Excellent written, verbal, and interpersonal communication skills. Strong analytical and organisational abilities. Relevant professional certifications (e.g., ISO 27001 Lead Implementer / Auditor, CISM, CRISC, CISSP) are desirable but not essential. More ❯

the business. You’ll lead audits, influence policy, and strengthen the organisation’s security and compliance posture. Key Responsibilities Lead and enhance governance, risk, and compliance frameworks. Manage internal / external audits and risk assessments. Ensure compliance with PCI DSS, ISO 27001, GDPR, and NIST. Develop and improve policies, procedures, and vendor risk management. Support … incident response and promote a culture of security awareness. Experience & Skills Proven leadership in GRC or Information Security. Strong knowledge of ISO 27001, PCI DSS, GDPR, NIST. Experience managing audits and compliance programmes. Excellent communication and … stakeholder management. Hands-on technical understanding of security controls. Desirable: Certifications: CISM, CRISC, ISO 27001 Lead Auditor (or equivalent). Experience with cloud security (AWS / Azure) and enterprise-scale environments. Benefits Salary up to £75,000+ (DOE) Private healthcare, pension & income protection Life assurance & wellbeing support Cycle-to-work & EV schemes Career growth in More ❯

We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools. Your wellness: We care about your holistic wellbeing Your work / life blend: We know that work is just one aspect of your life - we want to help you create your ideal work / life blend, rather than squeezing … lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements.This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. You'll … security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as:o Cortex XDR / Palo Alto Networkso Splunk (SIEM and dashboarding)o Abnormal Security (email security)o Prisma Cloud (cloud security posture management)o Airlock (application and API security)o Nucleus (vulnerability management More ❯

the organisation’s security posture. You’ll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: • Lead threat detection, incident response, and vulnerability management activities • Strengthen cyber security posture across cloud, infrastructure, and applications • Provide … expert guidance to development teams on secure SDLC practices • Maintain compliance with ISO 27001 and Cyber Essentials Plus standards • Mentor junior … analysts and support SOC process development Key Skills & Experience: • Strong technical background in cyber security • Experience with application, cloud (AWS) , and infrastructure security • Proven hands-on experience with EDR / NDR tools , particularly CrowdStrike • Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP • Knowledge of ISO 27001 , Cyber Essentials , and general security More ❯

the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: * Lead threat detection, incident response, and vulnerability management activities * Strengthen cyber security posture across cloud, infrastructure, and applications * Provide … expert guidance to development teams on secure SDLC practices * Maintain compliance with ISO 27001 and Cyber Essentials Plus standards * Mentor junior … analysts and support SOC process development Key Skills & Experience: * Strong technical background in cyber security * Experience with application, cloud (AWS) , and infrastructure security * Proven hands-on experience with EDR / NDR tools , particularly CrowdStrike * Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP * Knowledge of ISO 27001 , Cyber Essentials , and general security More ❯

e.g., access management, change control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO22301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal, external audits and certification processes (e.g., ISO 27001, Cyber Essentials, ISO22301, etc.), acting as the primary point of contact. We'd love you to have Minimum 5 years of experience in second-line risk management or internal audit, with a strong focus on IT or Information Security. Experience in consultancy or professional services, with a proven ability to support complex transformation or change … preferred. Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes. Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CIS Controls, and regulatory requirements like GDPR. Proven ability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at More ❯

professional development and funded certifications (AWS, security, etc.). Work that makes a difference to how citizens access vital public services. Be part of a company that holds ISO 9001, ISO 27001, and Cyber Essentials Plus certifications. Key Responsibilities of the Infrastructure & Security Support Specialist: Supporting and maintaining the AWS infrastructure that powers live … Helping monitor security alerts and incidents — learning from experienced engineers. Supporting Docker-based web environments (nginx, WordPress, Drupal, MariaDB). Learning how to meet key government security standards (ISO 27001, Cyber Essentials Plus). What We’re Looking For: Commercial experience in IT support (1st Line, Service Desk, or similar) with a clear track record of More ❯

and deploy secure network architectures, including Firewalls, load balancers and network security groups via (IaC). Automation Continuous Improvement Develop, deploy and maintain Infrastructure-as-Code (IaC) (eg, Bicep / Terraform). Automate security configuration checks and remediation workflows. Continuously improve cloud security posture through proactive recommendations and tool integrations Monitoring Incident Response Configure and monitor cloud-native security … and Endpoint, AWS GuardDuty, WAF, SIEM solutions). Detect, investigate, and respond to security incidents, ensuring timely escalation and resolution. Governance, Risk Compliance Support compliance initiatives such as ISO 27001, SOC 2, and Cyber Essentials Plus by maintaining relevant controls and documentation. Assist with audit readiness and evidence gathering. Ensure data protection and encryption mechanisms meet … cloud security or related infrastructure security role. Strong understanding of Microsoft Azure, Defender for Cloud and Endpoint, WAF, SIEM solutions. Strong understanding on Infrastructure-as-Code (IaC) (inc, Bicep / Terraform). Understanding of modern DevOps and CI / CD pipelines (DevSecOps). Knowledge of compliance frameworks (ISO 27001, NIST, CIS Benchmarks) desirable Key More ❯

all times, behaviours in line with our values Ensure all work is carried out in line with company health and safety procedures and policies Ensure compliance with all ISO standard accreditations held by the business, including but not limited to Quality, Information Security and Environmental standards as set out in ISO 9001, ISO 27001 … ISO 14001 respectively Be prepared to work collaboratively, in a flexible way to assist colleagues and customers alike, in the delivery of our services to all Document / update systems with all information relevant to all our procedures, processes and policies Personal development– maintain and extend personal expertise in specific areas relevant to the requirements of the … role Provide feedback to the business on all perceived risks, issues and possible areas for improvement Additional Duties / Responsibilities This role will also include the following: Responding to client requests and actioning within SLA’s (Service Level Agreements) Administrating client device portfolio to customers’ requirements. Organising logistics of client devices Assisting to ensure device builds are completed utilising More ❯

and configure ServiceNow GRC modules including: Policy and Compliance Management Risk Management Vendor Risk Management Customize workflows, dashboards, and reporting structures to align with organizational governance frameworks (e.g., ISO 27001, COBIT). 2. Process Design & Optimization Translate business and compliance requirements into ServiceNow solutions. Develop automated controls, risk, and compliance tracking processes. Streamline manual governance and … leadership visibility. Provide actionable insights into key metrics such as control effectiveness, risk exposure, and policy compliance status. Skills & Qualifications: Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, COBIT). Proven expertise in ServiceNow platform administration and development, particularly GRC modules. In-depth knowledge of governance, risk, and regulatory compliance processes. Experience designing workflows More ❯

and configure ServiceNow GRC modules including: Policy and Compliance Management Risk Management Vendor Risk Management Customize workflows, dashboards, and reporting structures to align with organizational governance frameworks (e.g., ISO 27001, COBIT). 2. Process Design & Optimization Translate business and compliance requirements into ServiceNow solutions. Develop automated controls, risk, and compliance tracking processes. Streamline manual governance and … leadership visibility. Provide actionable insights into key metrics such as control effectiveness, risk exposure, and policy compliance status. Skills & Qualifications: Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, COBIT). Proven expertise in ServiceNow platform administration and development, particularly GRC modules. In-depth knowledge of governance, risk, and regulatory compliance processes. Experience designing workflows More ❯

and configure ServiceNow GRC modules including: Policy and Compliance Management Risk Management Vendor Risk Management Customize workflows, dashboards, and reporting structures to align with organizational governance frameworks (e.g., ISO 27001, COBIT). 2. Process Design & Optimization Translate business and compliance requirements into ServiceNow solutions. Develop automated controls, risk, and compliance tracking processes. Streamline manual governance and … leadership visibility. Provide actionable insights into key metrics such as control effectiveness, risk exposure, and policy compliance status. Skills & Qualifications: Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, COBIT). Proven expertise in ServiceNow platform administration and development, particularly GRC modules. In-depth knowledge of governance, risk, and regulatory compliance processes. Experience designing workflows More ❯

and configure ServiceNow GRC modules including: Policy and Compliance Management Risk Management Vendor Risk Management Customize workflows, dashboards, and reporting structures to align with organizational governance frameworks (e.g., ISO 27001, COBIT). 2. Process Design & Optimization Translate business and compliance requirements into ServiceNow solutions. Develop automated controls, risk, and compliance tracking processes. Streamline manual governance and … leadership visibility. Provide actionable insights into key metrics such as control effectiveness, risk exposure, and policy compliance status. Skills & Qualifications: Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, COBIT). Proven expertise in ServiceNow platform administration and development, particularly GRC modules. In-depth knowledge of governance, risk, and regulatory compliance processes. Experience designing workflows More ❯

and configure ServiceNow GRC modules including: Policy and Compliance Management Risk Management Vendor Risk Management Customize workflows, dashboards, and reporting structures to align with organizational governance frameworks (e.g., ISO 27001, COBIT). 2. Process Design & Optimization Translate business and compliance requirements into ServiceNow solutions. Develop automated controls, risk, and compliance tracking processes. Streamline manual governance and … leadership visibility. Provide actionable insights into key metrics such as control effectiveness, risk exposure, and policy compliance status. Skills & Qualifications: Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, COBIT). Proven expertise in ServiceNow platform administration and development, particularly GRC modules. In-depth knowledge of governance, risk, and regulatory compliance processes. Experience designing workflows More ❯

and configure ServiceNow GRC modules including: Policy and Compliance Management Risk Management Vendor Risk Management Customize workflows, dashboards, and reporting structures to align with organizational governance frameworks (e.g., ISO 27001, COBIT). 2. Process Design & Optimization Translate business and compliance requirements into ServiceNow solutions. Develop automated controls, risk, and compliance tracking processes. Streamline manual governance and … leadership visibility. Provide actionable insights into key metrics such as control effectiveness, risk exposure, and policy compliance status. Skills & Qualifications: Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, COBIT). Proven expertise in ServiceNow platform administration and development, particularly GRC modules. In-depth knowledge of governance, risk, and regulatory compliance processes. Experience designing workflows More ❯