1 to 25 of 1,164 ISO/IEC 27001 Jobs in the UK

Slack, Lastpass). Lead IT support for 100 employees across two remote locations. We are mostly Mac users with a handful of Windows machines. Ensure a smooth onboarding / offboarding process and resolving technical issues efficiently. Implement and maintain identity and access management (IAM) systems, including SSO and MFA. Evaluate and recommend new technology solutions to support company growth … Microsoft 365, and endpoint management tools (e.g., Jumpcloud). Strong understanding of network infrastructure, including firewalls, VPNs, and cloud-based networking solutions. Experience with IAM systems (e.g., Azure AD / Microsoft Entra) and security tools (e.g., endpoint protection, DLP, SIEM). Hands-on expertise with troubleshooting hardware, software, and SaaS issues. Security Knowledge: Familiarity with security frameworks and standards … such as SOC 2, ISO 27001, GDPR, or NIST. Experience with incident response and risk management. Knowledge of Zero Trust architectures and security-first IT practices. Soft Skills: Excellent problem-solving and communication skills. Ability to collaborate effectively with external partners, such as an MSP. Strong organisational and project management skills. A proactive, growth-oriented mindset More ❯

So, what's the role all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also … enhance IT controls, compliance with standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates to Cyber Essentials … disability, veteran status, gender identity, sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling) that are currently employed by More ❯

infrastructure against emerging threats. Key Responsibilities: Monitor, detect, and respond to security incidents and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection / prevention systems (IDS / IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture … document security breaches, providing root cause analysis and remediation plans. Conduct security awareness training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security … CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech sector. Knowledge of DevSecOps practices and secure CI / CD pipelines. Exposure to security automation and scripting (Python, PowerShell, etc.). In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. More ❯

Job title: SOC Tier 3 Analyst Will the role be 100% remote, hybrid or 100% office? Hybrid 3 days / week If the role is hybrid / office based specify location: Reading, UK Duration of assignment: 6 months contract InsideIR35 Role description: Seeking a highly experienced SOC L3 Analyst to strengthen our Security Operations Center. As a Tier … ISO 27001, GDPR, HIPAA). Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key skills / knowledge / experience: Bachelor's degree in computer science, Information Technology, Systems Engineering, or a related field. Experience: Minimum of [6-8] years of experience in cybersecurity, with … or threat hunting. Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection / response (EDR) tools. Technical Skills: Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis. Expertise in analyzing and responding to threats More ❯

our security posture. Datacenter Security: Oversee the security of datacenter environments, including physical security, network segmentation, and access controls. Implement and manage security technologies such as firewalls, intrusion detection / prevention systems (IDS / IPS), and data encryption. Collaborate with datacenter operations teams to ensure the secure deployment and maintenance of infrastructure. Collaboration and Leadership: Work closely with … NIST, GDPR). Develop and enforce security policies, procedures, and guidelines. Conduct regular security audits and assessments to ensure adherence to security policies and standards. Knowledge Sharing / Documentation Contribute to, produce, and maintain processes, procedures, operational and architectural documentation, that meet CTO Standards. Change Control - Ensure compliance with processes and adherence to standards and documentation. Assist in training … equivalent. A master's degree is preferred. Relevant experience in network security, with experience in a senior or lead architect role. Extensive experience with cybersecurity technologies, including firewalls, IDS / IPS, VPNs, SIEM, and endpoint protection. Strong knowledge of datacenter security principles, including physical security, network segmentation, and virtualization security. Professional certifications such as CISSP, CISM, CCIE Security, or More ❯

and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … to simplify and automate complex processes and deliver highly secure, frictionless experiences across the customer lifecycle. To learn more, visit The responsibilities of the role include: Advocating for infrastructure / application Security and providing support for security projects. Competence in reviewing new technologies, methodologies and integration opportunities. Support in enhancing security detection and incident response efforts / playbooks. More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

Engineer , you will play a pivotal role in safeguarding our systems, networks, and data while ensuring compliance with industry-leading security certifications such as SOC 2, HIPAA, and ISO 27001. Your expertise will directly contribute to maintaining trust with our customers and securing their critical information assets. This role sits within the Platform Engineering Team and requires a … role, demonstrating strong knowledge of the threat landscape relevant to SaaS products, preferably in a data-heavy environment. Hands-on experience with security technologies such as firewalls, intrusion detection / prevention systems, SIEM, antivirus, encryption, and vulnerability assessment tools. You own relevant certifications (Security+, IAT II / III level or similar). You excel in risk assessments, vulnerability … security incidents. You have strong expertise in AWS and GCP, with experience in multi-region and hybrid cloud architectures; Azure is a plus. Excellent understanding of networking protocols, TCP / IP, and network security concepts. Strong programming / scripting skills (e.g., Python, Elixir) for automation and security tool integration. Strong analytical skills and the ability to use data More ❯

cyber threats, with a particular focus on Datacentre, 3GPP mobile network CORE and RAN environments. Key Responsibilities: Networking, Segmentation, Optimization and Maintenance Design, configure and implement highly scalable L2 / L3 networks using varieties of protocols and vendor equipment. Monitor network traffic and analyse security incidents to detect and respond to threats within mobile network environments. Diagnose and troubleshoot … to ensure timely restoration of critical network services. Design and implement network security solutions such as Policies, IPS, SSLVPN, IPSec VPN and security profiles using Next-Gen Firewalls (FortiGate / Palo-Alto). Develop and apply network segmentation strategies to strengthen security and safeguard sensitive information within the core network. Work closely with other teams to establish and enforce … with IT and engineering teams to integrate security measures into network architecture, including mobile network elements. Respond to security breaches and provide incident response and disaster recovery support. Qualifications / Skills: Bachelor's degree in computer science, Information Security, or a related field (or equivalent work experience). Master's degree in Cybersecurity or Networking is desirable. Proven experience More ❯

SOC 2, HIPAA, GDPR, etc. Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, and / or partners) Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementation Ability to collaborate cross-functionally and influence stakeholders at all … Pride month office parties, sporting events, games nights and much more! We are committed to a hybrid working model, combining remote and office-based working. Discover more at https: / / www.heywood.co.uk / careers EDI statement As an equal opportunities’ employer, Heywood is committed to the equal treatment of all current and prospective employees and does not … We aspire to have a diverse and inclusive workplace and strongly encourage suitably qualified applicants from a wide range of backgrounds to apply and join Heywood. Legal stuff https: / / www.heywood.co.uk / privacy-notices#jobapplicantprivacynotice More ❯

Here at Action For Humanity (AFH), we are looking for Senior Architect / Architect - Information Security to join us at our International Office in Manchester. You will join us on a full-time basis and in return you will receive a competitive annual salary. AFH is an INGO that provides aid and assistance to people affected by natural and … to mobilise and respond to emergencies and critical needs through humanitarian, development and peace-building action, helping affected communities survive, recover and build a better future. The Senior Architect / Architect - Information Security will lead the design and implementation of security frameworks within a Microsoft-centric environment. The ideal candidate will have extensive hands-on experience in Microsoft … vendor security risks and ensure compliance with security policies. Support secure DevOps (DevSecOps) methodologies in IT and software development environments. What we are looking for in our Senior Architect / Architect - Information Security: Education Microsoft Certifications: Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900), Microsoft Certified: Azure Security Engineer Associate. Other security / More ❯

for stakeholder engagement and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS / IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative … static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident … matters. Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in More ❯

This job is brought to you by Jobs / Redefined, the UK's leading over-50s age inclusive jobs board. Sonata One is a rapidly scaling, regulated fund services and technology (fintech) business. We're The Private Funds Clearinghouse, connecting more than 53,000 investors with 6,500 funds and 180 fund managers around the globe. Our vision is … from a seamless, one & done experience across the fund lifecycle (from fund selection and subscription through to settlement and reporting) underpinned by a globally compliant KYC passport and 24 / 7 support. Fund managers can raise capital faster at a lower cost from a wider pool of pre-approved investors. Founded in 2015, Sonata One has a presence in … endpoint protection, DLP, etc.). Oversee the organization's incident response and business continuity plans, including simulations and real-time responses. Conduct regular security audits and work with internal / external auditors to support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements More ❯

time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response … capable of working effectively with diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / Relationship Management. You have excellent … or belief, or sexual orientation. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position. More ❯

time. Responsibilities Implement security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response … capable of working effectively with diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / Relationship Management. You have excellent … or belief, or sexual orientation. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position. More ❯

a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / E, CIPM for data protection compliance) Experience Requirements: 3-5+ years of … experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills-ability to brief executives and regulators. Ability More ❯

help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and … roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS / NIS2, DORA, UK CNI / OT / IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance More ❯

a Security Engineer or in a similar role, with deep understanding of the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection / prevention systems (IDS / IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security … certifications, such as Security+, IAT II / III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP / … social office in Shoreditch Deliveroo for working late in the office Apply for this job indicates a required field First Name Last Name Preferred First Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf More ❯

a security assurance co-ordinator (SAC). An understanding of MOD Secure by Design policy and process. Deep technical expertise in security technologies and solutions, including firewalls, intrusion detection / prevention systems (IDS / IPS), endpoint protection, encryption, identity and access management (IAM), and security information and event management (SIEM) systems. Strong understanding of security frameworks, standards, and … regulations, including ISO 27001, NIST Cybersecurity Framework, GDPR , NCSC Cyber Essentials Plus, with experience in implementing and maintaining compliance with these requirements. Excellent leadership and communication skills, with the ability to effectively communicate security-related concepts and risks to executive leadership, board members, and technical teams, and build consensus around security initiatives. Analytical mindset with strong More ❯

and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS / IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP). You will have an advantage if you also More ❯

level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise More ❯

level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise More ❯

level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … strategic platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise More ❯