risk registers.
o Working knowledge of risk assessment methodologies (e.g. ISO 31000, FAIR, OWASP risk rating).
o Strong understanding of Gov Assure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks.
o Experience conducting or supporting security audits and implementing remediation plans.
o Proficiency in assessing and securing platforms such as Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS
e.g. Entra ID, CyberArk, BeyondTrust). Hands-on with Azure AD/Entra ID, Conditional Access & Identity Protection. Understanding of OAuth2.0, SAML, OpenID Connect. Familiarity with ISO 27001, NIST CSF, CAF & GDPR. Experience leading or overseeing MSPs. Current SC clearance. Desirable: Knowledge of Microsoft Sentinel, Splunk, or Elastic SIEM. Experience in SOC build or cyber transformation
Strategic Thinking - able to translate technical risks into business outcomes and align security initiatives with client goals and budgets. Strong Governance Mindset - experienced in managing frameworks (Cyber Essentials, ISO27001, NIST) and embedding them into MSP operations and client environments. Risk Communication - skilled at presenting complex security issues clearly to non-technical stakeholders, both internally and at client leadership level. Technical … best practice, even when it means shifting established ways of working. Person Specification: Minimum 5+ years in IT security or MSP environment. Strong knowledge of Cyber Essentials, ISO27001, or NIST frameworks. Experience with patch/vulnerability management governance. Ability to communicate technical risks in business language. Proven ability to run client-facing reviews or presentations. Desirable CISSP, CISM, or equivalent
security strategy within our Managed Services environment. This is a strategic and hands-on leadership position - you'll oversee security governance, ensure compliance with leading frameworks (Cyber Essentials, ISO27001, NIST), and maintain a strong internal security posture across our systems and services. You'll lead Quarterly Security Reviews (QSRs), manage client risk registers, and act as a trusted advisor translating … Translate technical risks into meaningful business impacts and recommendations. Manage internal and client risk registers and exception processes. Oversee security compliance across frameworks such as Cyber Essentials+, ISO27001, and NIST. Ensure secure deployment and monitoring of core MSP systems (RMM, XDR, PSA, backup, etc.). Collaborate with service and project teams to embed security into delivery and change control. … senior stakeholders and enjoy leading teams and shaping best practice. Essential Skills & Experience 5+ years in IT security or MSP environments. Strong understanding of Cyber Essentials, ISO27001, or NIST frameworks. Experience managing patching, vulnerability, and risk governance. Skilled communicator with the ability to explain risks to non-technical audiences. Proven experience leading client-facing security reviews. Desirable
strategic and hands-on activities, including policy creation, risk assessments, and technical oversight. The organisation operates in a highly regulated environment, so experience with frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001 is essential. Experience required: Proven expertise in Operational Technology (OT) security within ICS or critical infrastructure environments Ability to define and implement OT security strategies … policies, and standards Strong knowledge of OT security frameworks - IEC 62443, NIST CSF, CAF, ISO 27001 Experience conducting OT risk assessments, gap analysis, and remediation planning Familiarity with OT networks, segmentation, and industrial protocols Experience working with engineering teams and MSPs Must be SC Cleared Please apply directly with a CV and if suitable we will be in touch to