1 to 25 of 47 ISO/IEC 27001 Jobs in the South West

ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO / IEC 27001, NIST 800-30 / 53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. … Collaborate with multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-, and ISN 23 / 09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation strategies to both technical and … the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001 / 2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities - able to assess complex data and provide actionable insights. A collaborative communicator who can balance More ❯

Remote (working on UK time) Join Tempo Audits to shape the future of information security and AI auditing Got a passion for IT / information security and AI? Develop your skills and be trained up to become an information security and AI auditor at a fast-growing startup audit-body that is challenging the traditional players in the market. … with a belief that work should be enjoyable. We are UK-based, but willing to work with the right candidate in any location that can reasonably work on UK / EU timezone. You should apply if: You have a passion for technology, and specifically information security and AI (Nb you do not need to be a qualified information security … auditor already, provided you have IT and / or AI experience as set-out below) You're excited about working directly with the leadership team, and thrive on taking responsibility and growing You want to be part of a growth journey at a company You have excellent written and spoken English skills You have excellent communication and interpersonal skills More ❯

IT Security and Governance Manager, ISO27001, c £ 50000 - 60000+ benefits, nr Cheltenham, Gloucestershire. 3 days in the office, 2 days WFH Growing company are looking for an IT Security and Governance Manager who will co-ordinate all the governance and compliance including Certifications such ISO 27001, Cyber Essentials and NIST. You will support the ongoing production … and publication of Policies, Awareness and Risk across the business. These controls are provided in the Information Security Management system. Main responsibilities include - Manage the compliance Portal / Information Security Management System. Manage supplier engagements based on IT Security Certifications and to drive improvements where required. Manage the relevant Certifications. Primarily ISO 27001, Cyber Essentials … is a great chance to join a global company that is going through an exciting period of growth and expansion. If you have the required skills and experience around ISO27001 please send your CV for a full brief. This role is based in the Cheltenham / Gloucester area and requires 3 days a week in the office. Salary is More ❯

team , you will report to the Head of Cybersecurity and work within our specialist Cybersecurity Practice . In this role, you will provide cybersecurity assurance within a complex marine / defence engineering programme, supporting the development and delivery of cyber-resilient systems. This is a consultancy role focused on integrating cybersecurity into programme controls, technical assurance, and regulatory compliance. … in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. More ❯

team , you will report to the Head of Cybersecurity and work within our specialist Cybersecurity Practice . In this role, you will provide cybersecurity assurance within a complex marine / defence engineering programme, supporting the development and delivery of cyber-resilient systems. This is a consultancy role focused on integrating cybersecurity into programme controls, technical assurance, and regulatory compliance. … in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. More ❯

build and operate the Azure-based Internal Developer Platform as a product, enabling self-service environment provisioning and repeatable golden paths. Develop and maintain Infrastructure as Code (Terraform and / or Bicep) modules and reusable templates for AKS, networking, storage, databases, and app runtimes. Implement and evolve CI / CD pipelines (HL version control set) with quality gates … testing, security scanning, and progressive delivery. Introduce and run GitOps for Kubernetes (AKS preferred), patterns and multi-environment promotions. Own platform observability: metrics, logs and traces using Azure Monitor / Log Analytics / Application Insights, plus Datadog / Grafana where appropriate. Embed security by design: Azure Policy, Defender for Cloud, secrets management with Key Vault, SBOM and … image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs / SLOs, error budgets, capacity planning, chaos testing, incident response and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform enhancements. Implement cost visibility and optimisation (FinOps More ❯

principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001 / 2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and / or system development environments Effective communication and … space system architectures or satellite communications DevSecOps awareness or experience with security automation Benefits: Annual Company Bonus 25 Days holiday not including bank holidays with the option to buy / sell up to 5 days Competitive pension contribution Continuous professional development including incentives Access to online Udemy training facility Flexible working arrangements Bike to work scheme Electric car scheme More ❯

Security Engineer £40,000 - £50,000 | Poole, Dorset (Hybrid – 3 days / week in the office) You don’t just spot vulnerabilities, you close them before they become a problem. Whether it’s penetration testing, access controls, or a misconfigured firewall, you’ve got the mindset and the method to lock things down. You understand the bigger picture of … reduction not just ticking audit boxes. Protect the platform. Strengthen the business. What’s in it for you? Salary : £40,000 - £50,000 Location : Poole, Dorset (hybrid - 3 days / week in the office) Scope : Work across IT, application, cloud, and physical security, no siloed remits here Responsibility : Be the go-to person for penetration testing, compliance audits, and … with secure software development practices and working alongside dev teams Understanding of key frameworks like ISO 27001, PCI-DSS, and GDPR Bonus points for scripting / automation experience (PowerShell, Python, etc.) or exposure to tools like Keeper, Keycloak, or IAM A proactive mindset and excellent communication skills, being able to simplify security for non-technical More ❯

architecture and secure design Strong knowledge of security frameworks (ISO 27001, NIST, GDPR, OWASP, PCI) Experience in application, infrastructure, or enterprise architecture Familiarity with CI / CD and Continuous Security practices Solid understanding of network, web app, and cryptographic security Proven ability to coach and develop others Excellent communication and stakeholder engagement skills Eligibility Requirement … right next step for you, we'd love to hear from you. Please reach out to discuss the role in more detail or to express your interest. Reference: AMC / CLI / SARC #coli More ❯

experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS / IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. … Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or equivalent. Knowledge of ITIL processes and cyber governance frameworks. Experience with More ❯

infrastructure-as-code, you'll help us build, run, and scale with confidence. Key Responsibilities: Lead a collaborative team of infrastructure and DevOps engineers Build secure, scalable infrastructure (Windows / Linux, VMs, containers) Drive CI / CD, automation, and Infrastructure as Code practices Ensure compliance with NIST, NCSC, CIS, JSP, and ISO 27001 Oversee … in systems administration & automation Solid grasp of compliance frameworks (NIST, NCSC, JSP) Excellent communication and stakeholder management Tech Stack You'll Work With: OS: Windows Server, Hardened Linux Containers / Orchestration: Docker, Kubernetes, Portainer DevOps Tools: Jenkins, Artifactory, Jira, Azure DevOps Virtualization: Nutanix, VMware Security: Defender, Wazuh, Nessus, OPSWAT Monitoring: PRTG, Zabbix Access / Apps: Citrix Netscaler, KASM More ❯

authority and governance for the effective use of technical security controls across the firm Act as an escalation point for threat hunting and security incidents Investigate alerts from Azure / Defender, IT monitoring systems, and 3rd-party SOC, helping to ensure critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365 / Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC, Network segregation, remote access & wireless technologies Windows & KQL (MS Sentinel) scripting Cloud computing (IaaS, PaaS, SaaS More ❯

team, responsible for maintaining and optimising the organisation's on-premise infrastructure across the UK. You'll manage core services including Active Directory, Windows Server environments, storage systems (NAS / SAN), and virtualisation platforms. You'll also contribute to cloud migration projects and ensure compliance with security standards such as ISO 27001 and Cyber Essentials.This … Windows Server and Storage ITIL v4 Foundation certification Expertise in Windows Server (2016-2022), Active Directory, Azure AD, Group Policy, DNS, DHCP Experience with HPE Servers, Hyper-V, SCCM / SCVMM, and backup / DR solutions Strong scripting skills (PowerShell, CMD) and automation mindset Familiarity with networking fundamentals and monitoring tools (e.g., SolarWinds) Excellent documentation and communication skills More ❯

staff globally and offices in the UK, Sweden, Canada, and Australia, they are an IT company operating in 19 countries and listed on Nasdaq Stockholm. They are ISO 9001 and ISO 27001 certified, reflecting their commitment to quality and information security. Salary: £35,000£38,000 (dependent on experience) Bonus: Discretionary, based on company More ❯

IT / Technical Account Manager Salary: Up to £45,000 + Company Car or Car Allowance + Performance-Based Bonus Based in Frome About Them At my client, they are more than just a Managed Service Provider (MSP) - they are a dedicated partner in the success of their clients. They believe in the power of technology to revolutionise businesses … hybrid role encompasses account management, technical consultation, and strategic planning-offering a unique opportunity to influence how clients leverage technology to achieve their objectives. Key Responsibilities for the IT / Technical Account Manager Client Relationship Management: Cultivating and maintaining strong, lasting relationships with clients, serving as the primary point of contact. Technical Advisory: Leveraging an understanding of IT environments … to advise on strategy, infrastructure, and improvements, grounded in best practices (Cyber Essentials, ISO 27001, Microsoft 365). Quarterly Business Reviews: Leading meaningful QBRs to assess performance, uncover opportunities, and create a technology roadmap aligned with business objectives. Customer Success: Proactively identifying opportunities to enhance client businesses, recommending additional services that foster growth and security. Proposal More ❯

including firewalls, segmentation and secure remote access Knowledge of IAM concepts including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers More ❯

including firewalls, segmentation and secure remote access Knowledge of IAM concepts including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers More ❯

role. Strong knowledge of networking, operating systems, and security principles. Experience with SIEM (e.g., Sentinel) and EDR solutions. Working knowledge of Microsoft InTune. Understanding of security frameworks like ISO 27001 or NIST. Familiarity with data protection regulations such as GDPR. Excellent analytical and problem-solving abilities. Strong written and verbal communication skills. Benefits A competitive benefits More ❯

within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport More ❯

within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport More ❯

within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport More ❯

within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (eg NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport More ❯

engineering tools, including Apache Spark, Kafka, and Airflow. Strong understanding of data modelling, schema design, and data warehousing concepts. Familiarity with data governance, privacy, and compliance frameworks (e.g., GDPR, ISO27001). Hands-on experience with version control systems (e.g., Git) and infrastructure as code (e.g., Terraform, CloudFormation). Understanding of Agile methodologies and DevOps practices for data engineering Please be More ❯

in planning, coordinating, and tracking project milestones, as well as liaising with stakeholders and supporting the software development lifecycle. Key Responsibilities: Support the delivery of projects using hybrid Agile / Waterfall methodologies Assist in the development and execution of project plans Track project milestones, deliverable, and sprint progress in Azure DevOps Coordinate activities with internal teams and external stakeholders … systems Raise, track, and collaborate on resolving software defects Perform regression and functional testing aligned with project milestones Create test documentation and reports Conduct compliance auditing aligned with ISO 27001 Skills & Experience: 1-3 years of experience in project management or similar roles Good understanding of Agile and Waterfall methodologies Experience with project tools such as More ❯

in planning, coordinating, and tracking project milestones, as well as liaising with stakeholders and supporting the software development lifecycle. Key Responsibilities: Support the delivery of projects using hybrid Agile / Waterfall methodologies Assist in the development and execution of project plans Track project milestones, deliverables, and sprint progress in Azure DevOps Coordinate activities with internal teams and external stakeholders … systems Raise, track, and collaborate on resolving software defects Perform regression and functional testing aligned with project milestones Create test documentation and reports Conduct compliance auditing aligned with ISO 27001 Skills & Experience: 1-3 years of experience in project management or similar roles Good understanding of Agile and Waterfall methodologies Experience with project tools such as More ❯