1 to 25 of 849 ISO/IEC 27001 Jobs in the UK

Location: London / Greater London / Home-based with regular travel Reports To: Certification Manager / Head of Audit and Compliance Department: Information Security Certification About Us We are a UKAS-accredited certification body delivering independent audit and certification services across multiple management system standards, including ISO 9001, ISO 14001, and ISO … Lead Auditor based in or around London to join our expanding audit team. Youll lead and conduct Information Security Management System (ISMS) audits in line with ISO / IEC 27001:2022 , ISO 17021 , and UKAS requirements. Key Responsibilities Plan, conduct, and report Stage 1, Stage 2, surveillance, and recertification audits for … ISO 27001. Assess client ISMS implementations for conformity and effectiveness against ISO / IEC 27001:2022. Lead audits independently or as part of a multi-standard team (e.g. ISO 9001, ISO 22301, ISO 27701). Produce clear, objective audit reports with evidence-based findings and More ❯

Objectives & Outcomes Define and socialise target state architectures across Azure / AWS / GCP (networking, identity, landing zones, operations). Deliver reference architectures and reusable patterns for containerised, serverless, and data workloads. Establish / extend Cloud Landing Zones (policy, guardrails, RBAC, tagging, network segmentation). Lead migration and modernisation (re‐host / re‐platform / re‐factor) for priority applications. Implement IaC at scale (Terraform preferred; standard modules; pipelines). Build observability (logs, metrics, traces, SLOs) and resilience (HA, DR, RTO / RPO). Drive FinOps —cost transparency, budgets, showback / chargeback, right‐sizing. Embed security‐by‐design and compliance (CIS, NIST, ISO 27001, FCA / NHS … / PCI as applicable). Key Responsibilities Architecture & Design Produce HLDs / LLDs, diagrams, ADRs, non‐functional requirements, and traceability to business goals. Select and justify cloud services (compute, storage, data, AI / ML, integration). Define multi‐cloud connectivity (hub‐and‐spoke, transit gateways, ExpressRoute / Direct Connect / Cloud Interconnect, SD‐WAN). More ❯

Security Engineer - Cloud / Compliance / ISO 27001 Location: Knutsford (Cheshire) - Hybrid Salary: £65,000 - £80,000 DOE + benefits About the Role We're working with a rapidly growing, cloud-first technology business that provides secure, compliant software to global enterprise clients across regulated sectors. They're now looking for an experienced Security … policies, and frameworks. Oversee day-to-day security operations including access control, patching, log review, and alert response. Implement and manage controls across cloud and on-premises environments (Azure / AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR … Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM / PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. Relevant More ❯

security certifications, audits, and assurance standards for a leading Security Operations Centre (SOC) environment. This role will focus on delivering and maintaining key certifications such as ISO / IEC 27001 , SOC 2 Type II , Cyber Essentials Plus , and CREST SOC accreditation , as well as supporting sector-specific frameworks including PCI DSS and NCSC … CIR / CHECK . The ideal candidate will have a strong background in cybersecurity assurance , experience engaging with external auditors and customers , and a proactive approach to maintaining compliance and continuous improvement within a global SOC function. Key Responsibilities Certification Delivery & Maintenance Lead the delivery and ongoing maintenance of SOC-related certifications including SOC 2 Type II , SOC … ISO / IEC 27001 , Cyber Essentials Plus , and CREST . Manage sector-specific compliance such as PCI DSS and NCSC CIR / CHECK . Ensure timely renewals and proactively address compliance gaps. Security Assurance for SOC Operations Integrate certification and assurance requirements into SOC governance, processes, and operations. Maintain evidence collection and More ❯

and leading high-performing technical presales or sales engineering teams Broad technical foundation across areas such as cloud infrastructure, security and compliance, APIs, integrations, and modern approaches to AI / ML Demonstrated success in supporting large enterprise opportunities, from proof-of-value through to close This company values a top academic history so are looking for a 2.1 or … on with critical opportunities Responsibilities for Technical Presales Team Leader You will start leading a team of 4 Junior Pre-Sales Engineers in a role with an 80% sales / 20% solutions engineering split supporting how the software is integrated with customers: Lead, mentor, and grow a team of Tech Sales Specialists and Solutions Engineers Define best practices, playbooks … SaaS Integrations / APIs / Security / Compliance / AWS / Azure / GCP / NLP / ML / ISO27001 / SOC2 / GDPR More ❯

and leading high-performing technical presales or sales engineering teams Broad technical foundation across areas such as cloud infrastructure, security and compliance, APIs, integrations, and modern approaches to AI / ML Demonstrated success in supporting large enterprise opportunities, from proof-of-value through to close This company values a top academic history so are looking for a 2.1 or … on with critical opportunities Responsibilities for Technical Presales Team Leader You will start leading a team of 4 Junior Pre-Sales Engineers in a role with an 80% sales / 20% solutions engineering split supporting how the software is integrated with customers: Lead, mentor, and grow a team of Tech Sales Specialists and Solutions Engineers Define best practices, playbooks … SaaS Integrations / APIs / Security / Compliance / AWS / Azure / GCP / NLP / ML / ISO27001 / SOC2 / GDPR More ❯

and leading high-performing technical presales or sales engineering teams Broad technical foundation across areas such as cloud infrastructure, security and compliance, APIs, integrations, and modern approaches to AI / ML Demonstrated success in supporting large enterprise opportunities, from proof-of-value through to close This company values a top academic history so are looking for a 2.1 or … on with critical opportunities Responsibilities for Technical Presales Team Leader You will start leading a team of 4 Junior Pre-Sales Engineers in a role with an 80% sales / 20% solutions engineering split supporting how the software is integrated with customers: Lead, mentor, and grow a team of Tech Sales Specialists and Solutions Engineers Define best practices, playbooks … SaaS Integrations / APIs / Security / Compliance / AWS / Azure / GCP / NLP / ML / ISO27001 / SOC2 / GDPR More ❯

management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited … obligations include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstratable experience in an Information More ❯

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

a current opportunity for a Senior InfoSec Advisor (IRM Manager) on a 12 month PAYE contract basis. The position will be based in Aberdeen and will have a 3 / 2 hybrid working pattern Key ResponsibilitiesRisk Assessment & Secure by Design Perform structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and … for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF / ISO 27001 and company standards. Define and agree control selection (prevent / detect / correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs to validate design and operating effectiveness; document evidence and issues. LOD2 … systems; define test scopes, frequency and metrics. Track high-risk deviations and risk acceptances; drive remediation and report residual risk to the CISO, CIO and business risk owners. OT / ICS Security Own the LOD2 assurance plan across OT sites against the OT security standard, deciding the order and frequency of assessments aligned to risk and risk appetite. Provide More ❯

Looking for a strong Network Security professional responsible for Designing / Architecting / Implementing / Maintaining enterprise Network Security Infrastructure. Location: Warwick / Wokingham Mode: Hybrid (3-days work from Office) Experience Required: 8–10 Years Must Have / Mandatory Skills Palo Alto Networks – Firewalls (MUST) Network Security Architecture IAM, MFA, AAA, RBAC, Privilege Access … Cloud Security (OCI / Azure / AWS) SIEM / Vulnerability Management / PKI / Cryptography LAN / WAN / DMZ / Routing / Switching / Subnetting Key Responsibilities Design / Architect network security infra solutions like Firewalls, IDPS, Proxy, Load Balancers, VPN, WAF Build and optimize firewall policies + … network access controls Ensure compliance alignment (GDPR / PCI DSS / HIPAA etc.) Perform regular audits + risk assessments, close compliance gaps Evaluate / Recommend new security tools & methodologies Monitor network traffic & identify operational security threats Work closely with Network, Infra, Cloud & Engineering teams Communicate complex technical security topics to non-technical audience Provide guidance / More ❯

communication while driving compliance excellence, this opportunity is for you! What We're Looking For: Qualifications and Experience: Proven experience delivering and managing cybersecurity certifications (e.g., ISO / IEC 27001, SOC2 Type II, Cyber Essentials Plus, CREST). A strong understanding of SOC operations and security assurance frameworks. Experience engaging with customers during … audits and RFP / RFI processes, showcasing security-driven solutions. Familiarity with regulatory frameworks such as NIST CSF, GDPR, and UK NCSC guidance. Experience liaising with external auditors and certification bodies. Skills: Exceptional documentation and evidence collection capabilities. Strong communication skills to articulate technical assurance challenges to leadership and customers. Analytical and detail-oriented with a systematic approach to … Superb collaboration and stakeholder management abilities. Highly organised, able to manage multiple certifications and assurance projects simultaneously. Key Responsibilities Certification Leadership: Deliver and maintaincertifications such as ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, and CREST accreditation. Manage sector-specific frameworks, like PCI DSS for payment card data and NCSC More ❯

customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO / IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for … external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR / CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy Drive continuous improvement in assurance processes and evidence collection efficiency Produce regular reports and … audit outcomes, and assurance performance Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams Essential Qualifications & Requirements: Proven experience delivering and maintaining cybersecurity certifications (ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, CREST) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities More ❯

customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO / IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for … external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR / CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy Drive continuous improvement in assurance processes and evidence collection efficiency Produce regular reports and … audit outcomes, and assurance performance Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams Essential Qualifications & Requirements: Proven experience delivering and maintaining cybersecurity certifications (ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, CREST) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities More ❯

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About … the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to play a key part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant … audit readiness, evidence gathering, and control implementation. Excellent attention to detail, analytical thinking, and confident stakeholder communication. Relevant certifications welcomed - CRISC, ISO 27001 Lead Implementer / Auditor, CIPP / E, GDPR Practitioner, CISM, or CISA. Why Apply? Join a modern, compliance-driven business where security and governance are at the heart of operations. Visible More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. More ❯

Cyber Security Architect £60,000–£70,000 + bonus + excellent pension Hybrid | Coventry (3 days / week on average) We’re partnering with a leading UK utility provider to hire a Cyber Security Architect who’ll set the standard for “secure by design” across major change, safeguarding critical national infrastructure and millions of customers. The impact you’ll … make Lead security architecture across multiple programmes / Agile Release Trains; shape option reviews and high-level designs that deliver proportionate, effective controls. Act as Product Owner for a flagship cyber programme — owning epics / features, prioritisation and roadmaps to outcomes. Govern security by design, ensure compliance (ISO 27001, PCI DSS, GDPR / … and align to enterprise security strategy. Advise senior stakeholders; collaborate across architecture, engineering and suppliers to land pragmatic, secure solutions. What you’ll bring 5–10 years in technical / information security with 3–5 years in security architecture. Strong coverage across IAM / PAM, endpoint / EDR, network, O365 / email, app & cloud (Azure / More ❯

in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies—balancing exceptional user experience with enterprise-grade security. We operate under an ISO / IEC 27001-certified ISMS and an ITIL-aligned service management framework, ensuring integrity, resilience, and operational excellence. Joining Zero Plus means being part of a … and infrastructure as a code practice. Key Responsibilities Design, deploy (IaC), and manage cloud networking solutions across Azure and AWS including, but not limited to, private hosted environment (VPC / Vnet), private connectivity (endpoint, VPN services, etc.) Physical / Virtual / WebApp Firewalls for access controls, and threat detection. Automate provisioning and configuration using Terraform, Ansible, Azure … solutions. Escalation points for connectivity issues with cloud systems and resources. Monitor and optimise performance across hybrid, cross-tenancy, and multi-cloud environments. Implement observability tooling. Ensure compliance with ISO27001 standards, Zero Trust principles, and Well-Architected Frameworks. Maintain accurate documentation and mentor junior engineers. This role gives you the opportunity to deliver secure, modern cloud infrastructure on projects with More ❯

in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies—balancing exceptional user experience with enterprise-grade security. We operate under an ISO / IEC 27001-certified ISMS and an ITIL-aligned service management framework, ensuring integrity, resilience, and operational excellence. Joining Zero Plus means being part of a … and infrastructure as a code practice. Key Responsibilities Design, deploy (IaC), and manage cloud networking solutions across Azure and AWS including, but not limited to, private hosted environment (VPC / Vnet), private connectivity (endpoint, VPN services, etc.) Physical / Virtual / WebApp Firewalls for access controls, and threat detection. Automate provisioning and configuration using Terraform, Ansible, Azure … solutions. Escalation points for connectivity issues with cloud systems and resources. Monitor and optimise performance across hybrid, cross-tenancy, and multi-cloud environments. Implement observability tooling. Ensure compliance with ISO27001 standards, Zero Trust principles, and Well-Architected Frameworks. Maintain accurate documentation and mentor junior engineers. This role gives you the opportunity to deliver secure, modern cloud infrastructure on projects with More ❯

London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https: / / uk.linkedin.com / company / ryder-reid-legal More ❯

London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https: / / uk.linkedin.com / company / ryder-reid-legal More ❯

operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and / … organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security … Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO 27001 / 2, PCI, CIS 18, CMMC Principal Cloud Security: 4+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards Hands-on experience with a More ❯

ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO / IEC 27001, NIST 800-30 / 53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. … Collaborate with multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-138 / 05-139, and ISN 23 / 09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation … the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001 / 2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities — able to assess complex data and provide actionable insights. A collaborative communicator who can balance More ❯

in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies, balancing exceptional user experience with enterprise grade security. We operate under an ISO / IEC 27001 certified ISMS and an ITIL aligned service management framework, ensuring integrity, resilience, and operational excellence. Joining Zero Plus means being part of a … plans, schedules, and resource models. Oversee functional, regression, integration, UAT, and performance testing. Manage test environments, data, automation frameworks, and tooling. Ensure coverage across EUC technologies including Windows 10 / 11, Microsoft 365, collaboration tools, and VDI platforms. Lead defect management, triage, and resolution processes. Provide clear reporting on test progress, risks, and issues to senior stakeholders. Ensure compliance … with ISO / IEC 27001, IT governance, and change management processes. Drive continuous improvement of testing methods, automation, and processes. This is a leadership role with real visibility, ensuring that secure, user-centric solutions are delivered consistently and effectively. What We’re Looking For We would love to hear from you if you More ❯