16 of 16 ISO/IEC 27001 Jobs in Reading

Their current need sits within the energy sector and is for a EMEA-wide IT management system. The main responsibilities will be to support their client in maintaining ISO 27001 certification, and be compliant … with DORA, NIS 2, GDPR, etc. Requirements: ISO 27001 Lead Implementer or Auditor certification Strong knowledge of frameworks like ISO 27001 / 27002, CAF, eCAF, NIST, GDPR Client and stakeholder management The client is looking for someone with direct experience with utility providers or experience working with providers via Third-Party More ❯

Birmingham, Bristol, Manchester, Reading, St Albans Business Line Enabling Functions Job Type Permanent / FTC Date published 07-Aug-2025 19967 Connect to your Industry Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can … experience Required Qualifications: Bachelor's degree (or equivalent) in cybersecurity, information systems, computer science, or other technology-related field, or equivalent experience Proven combined experience in the information security / cybersecurity domain, with a focus on policies and standards, or cybersecurity governance and risk management Strong ability to clearly communicate complex cybersecurity statements to technical and non-technical audiences … at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO / IEC 27001 / 27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel More ❯

integral to day-to-day operations. Expereince : Essential Prior experience in cybersecurity, risk management, compliance, or governance. Strong understanding of regulatory requirements, security frameworks, and standards such as ISO 27001, NIST CSF, CIS, and SOC 2. Hands-on experience with ISO 27001 … implementation and audit readiness. Experience supporting SOC 2 readiness and evidence collection. Proficient with risk assessment methodologies and control frameworks to evaluate and mitigate risks, including third-party / vendor risk assessments. Experience supporting internal and external audits. Skilled in developing and maintaining security policies, processes, and controls. Relevant industry certifications such as Security+, ISO 27001 More ❯

now looking for an experienced and dynamic Senior Cyber Security Engineer to join our vibrant office with hybrid working. Senior Cyber Security Engineer - Responsibility: Carry out daily security engineering / operation tasks under an ITIL framework Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Using strong technical knowledge, continuously analyse and make … recommendations to implement effective security controls, system hardening and security improvement projects with a particular focus in application / web hosting security. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner Senior Cyber Security Engineer - Skills: Experience in Security Engineering, Network Security, and / … protocols such as networks, domain management, and virtualized environments. Holds or is working towards certifications like CISSP, SANS GCIA, CompTIA Security+, CCNA / CCNP, or similar. Knowledge of ISO27001, Cyber Essentials, and AAF frameworks is a plus. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants More ❯

including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and / or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders … up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us who we … our customers. LI-KS1 Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who can influence More ❯

management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and … practices, while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems More ❯

computing. You have Excellent experience in cyber security and in particular IT and OT cyber security and risk management and strong understanding of cyber security frameworks (e.g., NIST, ISO 27001, IEC 62443, CIS Controls) and NIS Regulations. In-depth understanding of cyber security products, services, systems and solutions and exposure to multiple, diverse technologies … and analytics, cyber security and more. Flexible benefits to fit your life Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24 / 7 counselling service. Interest-free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. As well as generous family entitlements such More ❯

role is key in building and improving Primark's Cyber Security posture. Duties & Responsibilities Actively progress and improve Primark's cyber security posture with the delivery of agreed projects / initiatives aligned with industry best practice. Ensure project deliverables are aligned with the Cyber Roadmap with outcomes directly addressing strategic objectives / maturity gaps / audit points. … Advise and lead on solutions with our internal teams / outsourced partners, having a 'hands on approach' including the construction of business cases and contractual arrangements. Have a metric based approach with a structure to enable auditing and managing vendor performance. Coordinating resources, preparing delivery teams for kick-off and ensure effective completion of milestones, controlling scope and mitigating … defining, developing and managing implementation schedules Maintaining a roadmap of future initiatives, that effectively facilitates the prioritisation of delivery plans. Ensuring an ongoing focus on delivering the required quality / value for money and compliance with published standards and guidelines. Co-ordinates cross-functional team members, identifies resources needed, assigns and prioritises tasks / responsibilities and ensures deadlines More ❯

threat detection, vulnerability management, and incident response Lead threat modelling and risk assessments for critical systems and services Collaborate with engineering teams to integrate security best practices into CI / CD pipelines Monitor and respond to security incidents, coordinating investigation and remediation efforts Drive security automation and infrastructure-as-code initiatives Support compliance efforts (ISO 27001 … understanding of networking, identity & access management, and encryption technologies Hands-on experience with tools like Terraform, Kubernetes, SIEM platforms, and security scanners Familiarity with DevSecOps practices and modern CI / CD pipelines Strong scripting or coding skills (e.g., Python, Bash, or PowerShell) Excellent problem-solving, communication, and stakeholder engagement skills Nice to Have Security certifications (e.g., CISSP, AWS Security More ❯

and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving … to work every day. And you'll never stop growing, whatever your level . Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk / careers More ❯

data platforms. Perform threat modelling, architecture reviews, and propose mitigation strategies. Ensure alignment with European regulatory standards (e.g., GDPR, PSD2, DORA, NIS2). Embed DevSecOps into SDLC and CI / CD pipelines using IaC and automation tools. Drive adoption of Zero Trust principles, secure APIs, container security, and logging strategies. What Were Looking For 15+ years in Information Security … years of hands-on cloud security experience (AWS, Azure, or GCP multi-cloud preferred). In-depth understanding of financial services compliance requirements and frameworks (e.g., NIST CSF, ISO 27001, CSA CCM, PCI DSS). Expert-level knowledge of IAM, network security, encryption, API and application security, container security, and SIEM strategies. Proven leadership in DevSecOps More ❯

Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography. Additional skills and experiences would be great to have / bring: Experience working in a regulated environment. Experience within the water utility industry or large, complex critical national infrastructure. Experience in internal audit, external audit, or assurance functions related … to IT or cybersecurity. Professional certifications such as CISA, CISSP, CRISC, or ISO 27001 Lead Auditor are advantageous. What's in it for you? Competitive salary: up to £78,000 per annum depending on experience Annual Leave - 26 days holiday per year, increasing to 30 with the length of service (plus bank holidays) Performance-related pay More ❯

business needs. Investigate newly identified cybersecurity vulnerabilities and provide appropriate mitigation actions. Liaise and coordinate with technology and business stakeholders in relation to cybersecurity patching and vulnerability management issues / actions. Maintain a cyber threat assessment methodology, align to evolving industry standards and integrate into BAU and project-based business processes. Support with proactive threat hunting for new and … emerging cyber threats. Develop and maintain dashboards with cybersecurity threat and vulnerability metrics. Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001. Base location - Hybrid - Clearwater Court Reading. Working pattern - 36 hours Monday to Friday. What you should bring to the role Strong knowledge of manual penetration testing techniques and … years of experience in a penetration testing enterprise environment. Prepare detailed reports and the ability to present findings to key stakeholders. Cyber security industry certification(s) such as CSTM / CRT / OSCP / CTL. Understanding of different patching management techniques and approaches for different technology stacks (e.g. SaaS, IaaS, End-User Computing, Server Estate, etc.). More ❯

support smarter, faster decision-making at every level of the firm. With a small but growing team, we're looking for someone ready to wear multiple hats-from business / data analysis to solution design, implementation, and testing. The core foundation is in place-now we need someone to help operationalise and scale it, turning potential into business value. … SQL queries and stored procedures, and formal database design methodologies. Experience in setting up monitoring and data quality exception handling. Strong data modelling experience. Experience managing and developing CI / CD pipelines. Experience with Microsoft Azure products and services, and proficiency in ETL processes. Experience of working with APIs to integrate data flows between disparate cloud systems. Strong analytical … Experience in semi / fully unstructured datasets and NoSQL environments Awareness of working in a regulated environment, with experience of data legislation and cyber security accreditations e.g., GDPR, ISO27001, Cyber Essentials. Expertise in Business Intelligence, ideally via Power BI for data visualization and reporting Use of DevOps (CI / CD) concepts to test, schedule, and deploy to a More ❯

like the kind of challenge you ve been waiting for, we d love to hear from you. The Role at a Glance: Product Marketing Specialist Uxbridge, West London HQ / Hybrid Working - Minimum of 4 days a month in the office £40,000 - £55,000 Plus Company Bonus and Benefits Permanent - Full Time Hours: Monday to Friday, 9am to … benefits and propositions • Highly efficient, organised, and able to meet deadlines • Exceptional attention to detail Nice to have: • Degree in marketing or computer science • Knowledge of Cloud Unified Communications / Contact Centre solutions • Proven track record in creating demand generation content and sales resources • Experience in roles requiring deep understanding of complex products • Confident in delivering benefits-led presentations … equal opportunities employer, pride themselves on their already diverse workforce and they are committed to equal employment opportunities. If you have a disability or support need and require adjustments / support to allow you to apply for this role or attend the interviews, please let us know as soon as possible and they will do everything possible to accommodate More ❯

like the kind of challenge you've been waiting for, we'd love to hear from you. The Role at a Glance: Product Marketing Specialist Uxbridge, West London HQ / Hybrid Working - Minimum of 4 days a month in the office £40,000 - £55,000 Plus Company Bonus and Benefits Permanent - Full Time Hours: Monday to Friday, 9am to … benefits and propositions • Highly efficient, organised, and able to meet deadlines • Exceptional attention to detail Nice to have: • Degree in marketing or computer science • Knowledge of Cloud Unified Communications / Contact Centre solutions • Proven track record in creating demand generation content and sales resources • Experience in roles requiring deep understanding of complex products • Confident in delivering benefits-led presentations … equal opportunities employer, pride themselves on their already diverse workforce and they are committed to equal employment opportunities. If you have a disability or support need and require adjustments / support to allow you to apply for this role or attend the interviews, please let us know as soon as possible and they will do everything possible to accommodate More ❯