1 to 25 of 935 ISO/IEC 27001 Jobs in the UK

to skills typically aligned to other role types. You will have a high level of input in defining which additional skills you can develop. < / iframe>< / p> < / p> Working Style< / strong> < / p> This role will be carried out in-line with … expected to spend at least 20% of their time working onsite from one of our offices. This role is based in our Newport Office.< / strong>< / p> The requirement for attendance at an office location can vary by role so we would encourage candidates to discuss working … arrangements with the recruiting manager to agree a reasonable balance between working from home and the office.< / p> < / div> < / p> < / div> < / div> Job description< / h3> < / p> Main duties consist of but are not limited to:< / More ❯

Arabia, UAE, Bahrain, and Qatar within the GCC region. We are seeking a candidate to serve as a Lead Auditor for ISO / IEC 27001, ISO / IEC 20000-1, ISO 22301, and ISO … related field, with a postgraduate degree in Information Technology. At least 4 years of experience in information security. Relevant experience with ISO / IEC 27001 and ISO / IEC 20000-1 standards. Auditing experience for these standards is … preferred. Experience in business continuity management systems is a plus. Completion of Lead Auditor courses for ISO / IEC 27001 and ISO / IEC 20000-1 is desirable. Strong communication skills and proficiency in English. Willingness to travel More ❯

GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO Information Security Analyst Liverpool City Centre … keen eye for detail. A proactive mindset and willingness to learn and grow in the role. Benefits: 25 days holiday + BH Enhanced maternity / paternity packages Employee wellbeing support including counselling sessions and CBT programmes Company pension and life assurance Recognition and reward platform, regular socials, and long … service awards Important Notes: Sponsorship isn’t available GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO More ❯

GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO Senior Information Security Analyst (FTC … company offers a supportive, inclusive environment where personal development and employee wellbeing are a top priority. Benefits include: 25 days holiday +BH Generous paternity / maternity leave policies Life assurance and pension scheme Flexible benefits pot and early access to earned pay Regular company-wide recognition programmes and team … events Important to Know: Sponsorship is not available at this time. GRC / Governance / Risk / Compliance / Information Security / Infosec / ISO GRC / Governance / Risk / Compliance / Information Security / Infosec More ❯

the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. More ❯

the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC … relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. More ❯

compliance effectiveness, you'll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: - ISO / IEC 27001:2022 - NIST Cybersecurity Framework - PCI-DSS 4.0.1 - UK GDPR, NIS2 Directive, CAP1753, and related sector obligations . This … their ongoing security posture meets Virgin Atlantic requirements Conduct internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements Support internal / external audits, evidence readiness, and corrective action tracking Maintain the policy and control framework, identifying non-compliance and advising on remediation or risk acceptance … and reliable protective security measures to effectively limit opportunities for attackers to compromise networks and systems is incorporated in project design. About you CRISC / CISA / CISM certification through ISACA or an equivalent professional body. ISO 27001 Lead Implementer / Auditor certification More ❯

compliance effectiveness, you'll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: ISO / IEC 27001:2022 NIST Cybersecurity Framework PCI-DSS 4.0.1 UK GDPR, NIS2 Directive, CAP1753, and related sector obligations This makes … their ongoing security posture meets Virgin Atlantic requirements. Conducts internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements. Supports internal / external audits, evidence readiness, and corrective action tracking. Maintains the policy and control framework, identifying non-compliance and advising on remediation or risk acceptance. … and reliable protective security measures are incorporated in project design to effectively limit opportunities for attackers to compromise networks and systems. About you CRISC / CISA / CISM certification through ISACA or an equivalent professional body. ISO 27001 Lead Implementer / Auditor certification. More ❯

. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote. Close Date: 25 / 03 / 2025 We also provide the following additional benefits: Reservist Leave - Additional 18 days full pay and 22 unpaid. Personal Pension Plan … Information Security Management System Support: Operate and maintain the information security management system and artefacts, in compliance with ISO 27001 / 27002 including the governance forum agenda and minutes. Policies and Standards: Establish GRC policies, standards and procedures to monitor UKPN information security controls, exceptions … standards. We are looking for a detailed knowledge and practical expertise in at least 3 of the following specialist areas: Specific Industry Standards. IS / IT Operational Controls and Governance. Business Continuity Planning and Disaster Recovery. Supply Chain and 3rd Party Risk Management. Problem Solving: The role must have More ❯

Managing Consultant - IAM / PAM Managing Consultant - IAM / PAM Location: Global role - UK based - Manchester, London Or Cheltenham Role Purpose: NCC Group are investing in expanding our digital identity service line, to grow and expand capabilities, offerings and propositions. This new global practice will focus on three … Management (AM) and Customer Identity (CIAM). The opportunity is for an IAM technical consultant with hands-on technical experience, performing as an engineer / developer to support large-scale IAM deployments, supporting the implementation of identity lifecycle management, access governance and / or privileged access. The role … the service line leader. Summary: This is a fantastic new opportunity to join our Global IAM team. The ideal candidate will have previous IAM / PAM engineering and development experience and exposure gained from delivering complex IAM engagements, ideally across a broad client base. In addition to your technical More ❯

and business leadership to ensure seamless program execution and operational buy-in. Lead program governance and execution frameworks, including risk assessment, remediation planning, KPI / OKR reporting, and change control processes. Ensure cybersecurity controls and program components align with leading industry frameworks (e.g., ISO / IEC … regulatory compliance Fluency in German and English (written and spoken) is required Deep knowledge of security frameworks and methodologies (e.g., NIST, ISO / IEC 27001, CIS Controls, BSI, MITRE ATT&CK) Demonstrated ability to lead cross-functional teams and manage large-scale cybersecurity … initiatives Relevant certifications such as PMP, CISM, CISSP, ISO 27001 Lead Implementer / Auditor are highly desirable Bachelor's or Master’s degree in Cybersecurity, Information Systems, Engineering, or related field Understanding of cloud platforms (e.g., AWS, Azure, GCP) and modern enterprise IT environments is More ❯

Cyber Security Architect SC or DV Cleared (DV Eligible) £65,000 – £95,000 DOE + Excellent Benefits London (Hybrid) Secure Government Projects DevSecOps / SIEM / ISO 27001 / Azure / CISSP Permanent Apply by emailing luke.parry@searchability.com Are you a Cyber … implementing secure architectures across complex environments Leading technical teams and advising on security controls and risk management Shaping cloud and DevSecOps security strategies (AWS / Azure / GCP) Supporting accreditation and compliance with security frameworks (ISO 27001, NIST, JSP 440, Secure by Design) What … role: Strong experience in a Security Architecture role Knowledge of frameworks such as ISO 27001, NIST, CIS Familiarity with TOGAF / SABSA methodology Understanding of SIEM, firewalls, IDS / IPS, vulnerability management Cloud security expertise – AWS, Azure, or Google Cloud DevSecOps knowledge, CI / More ❯

Cyber Security Architect SC or DV Cleared (DV Eligible) £65,000 – £95,000 DOE + Excellent Benefits London (Hybrid) Secure Government Projects DevSecOps / SIEM / ISO 27001 / Azure / CISSP Permanent Apply by emailing luke.parry@searchability.com Are you a Cyber … implementing secure architectures across complex environments Leading technical teams and advising on security controls and risk management Shaping cloud and DevSecOps security strategies (AWS / Azure / GCP) Supporting accreditation and compliance with security frameworks (ISO 27001, NIST, JSP 440, Secure by Design) What … role: Strong experience in a Security Architecture role Knowledge of frameworks such as ISO 27001, NIST, CIS Familiarity with TOGAF / SABSA methodology Understanding of SIEM, firewalls, IDS / IPS, vulnerability management Cloud security expertise – AWS, Azure, or Google Cloud DevSecOps knowledge, CI / More ❯

and clinicians to develop and implement exciting data analysis projects to personalise the treatment of patients. For more information on the work see https: / / data.bartshealth.nhs.uk / The successful candidate will have:o Extensive experience of working with cloud services ideally within the NHS, academia or … tasks and responsibilities of the role, and the person specification outlines the qualifications, skills, experience, and knowledgerequired. For both documents, please view the attachment / s below. *Previous applicants are not required to re-apply* Person Specification Experience Essential Substantial experience in leading the analysis of different complex technical … / architectural solutions (e.g., cost, time, complexity, suitability, usability, etc.), around unique cloud deployments and selecting an option that is aligned with the agreed policy and strategy. Experience in communicating complex technical solutions relating to securing sensitive patient data to users undertaking difficult data analysis tasks Experience in adapting More ❯

Compliance Consultant, you have solid consulting, technology management, or service operations experience in the field of cyber security. You have experience in the design / implementation in multiple areas of cyber security, such as identity and access management, infrastructure security, data security, application security, or incident detection and response. … related to security. - Experience in cyber security design and implementation in one or more of the following areas (application security, identity and access management / data protection / infrastructure security such as networks / logging and monitoring, incident detection and response). - Business level Korean reading, document … such as CISSP, CISA, CISM, or CCSP - Implementation experience in one or more of the following: Next Generation Firewalls, Web Application Firewalls, Intrusion Detection / Prevention, Incident Response, and Security Information and Event Management (SIEM), Identify and Access Management (IAM) controls. - Implementation experience with compliance frameworks such as NIST More ❯

the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the OnSpring GRC Tool and can effectively assess and communicate technical security requirements to teams across the … and other business leadership teams to drive a culture of risk awareness. Ensure that all security risks align with regulatory requirements such as ISO 27001, NIST, GDPR, and other international security frameworks. Provide oversight and work closely with risk owners to manage the development and implementation … insights to executive leadership and board members. Relevant senior security certifications (e.g., CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer / Auditor) are highly desirable. More ❯

years+ experience leading Cyber Security Defense and Operations teams. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Hold an industry recognised information security qualification such as GIAC / GCIA / GCIH, CISSP or CompTIA Advanced Security Practitioner … CASP+) and / or SIEM-specific training and certification. An understanding and knowledge of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA / IEC 62443, ISO / IEC 27001 / 27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Practical experience of incident response More ❯

You can find out more about us at www.nettitude.com. If you want to review our research and tooling, then head on over to https: / / labs.nettitude.com The role We are looking for a QSA to join our GRC team in the UK. This role is home-based … and NIST CSF ISO 27001 gap analyses Helping our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification Conducting risk assessments Creating or supporting third-party risk management and audit programmes Essential skills and experience: Be a current QSA who has completed … Cyber Essentials Perform ISO 27001 gap analyses Help our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification PCI DSS consultancy and gap analyses Assistance in implementing PCI DSS requirements such as policy writing Complete on-site assessments and reports on compliance More ❯

and direct the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance (e.g. ISO / IEC 27001 and SOC 2 certification). What you'll be doing Develop, implement and monitor a strategic, comprehensive enterprise … a combination of risk management, information security and IT jobs. Knowledge of common regulatory and information security management frameworks, such as ISO / IEC 27001, NIST, SOC 2 and GDPR. Excellent written and verbal communication skills and high level of personal integrity. Innovative More ❯

a regulated industry. Experience of producing written commentaries and materials for different audiences. Good communication and advocacy skills. Essential technical knowledge Knowledge of ISO 27001 & ISO 27031 and equivalent standards and how they are applied to Disaster Recovery and IT Resilience processes. Understanding of … on your application form: Communicating and Influencing Technical skills We'll assess you against these technical skills during the selection process: Knowledge of ISO 27001 & ISO 27031 and equivalent standards and how they are applied to Disaster Recovery and IT Resilience processes. Understanding of … the Person Specification. We would recommend using the STAR method. A 250 word statement for each of the selected technical skills: Knowledge of ISO 27001 & ISO 27031 and equivalent standards and how they are applied to Disaster Recovery and IT Resilience processes. Understanding of More ❯

engineering and development team to ensure in-house technologies comply with relevant security standards, regulations, and industry certifications, such as OWASP, CIS, PCI-DSS, ISO27001 to ensure security is prioritised throughout the development lifecycle Maintains current understanding of policy, regulations, and compliance standards that affect assigned areas of responsibility and … practices 3+ years of information security experience in cloud environments. In depth experience secure coding practices, threat modeling, secure architecture design, and secure SDLC / CICD pipelines In-depth technical experience with identifying and advising on the remediation of application security vulnerabilities on application platforms, including cloud and web … and information security executives and in influencing stakeholders to achieve strategic objectives Experience in working with industry frameworks and standards such as OWASP, PCIDSS, ISO27001 / 27002, CIS and NIST Information Security (CISSP, CISA, Security +) and cloud certification (preferably GCP / AWS) What’s In It For More ❯

code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 / 27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security … execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience … in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on More ❯

in cybersecurity or infrastructure security (CompTIA, ISACA, ISC2, GIAC, Microsoft, CREST, Cisco Security, or equivalent).Certifications in security governance and frameworks: ISO / IEC 27001, IEC 62443, NIST CSF, CAF, or CIS Controls.Additional vendor or platform-specific certifications (AWS, Azure, Microsoft … Tenable) are advantageous Essential skills Strong understanding of core cybersecurity principles, including confidentiality, integrity, availability, and risk management.Practical experience implementing security controls across IT / OT infrastructure.Proficiency in system hardening techniques.Ability to conduct technical risk assessments, identify control gaps, and propose actionable remediation plans.Familiarity with enterprise security tools and … with the ability to clearly explain technical risks and solutions to technical and non-technical stakeholders. Desired skills Familiarity with UK regulatory frameworks (NIS / NIS2, Ofgem CAF, ECAF, GDPR / DPA18, ISO 27001, or Cyber Essentials Plus).Understanding secure architecture principles, including zero More ❯

cybersecurity or infrastructure security (CompTIA, ISACA, ISC2, GIAC, Microsoft, CREST, Cisco Security, or equivalent). Certifications in security governance and frameworks: ISO / IEC 27001, IEC 62443, NIST CSF, CAF, or CIS Controls. Additional vendor or platform-specific certifications (AWS, Azure … are advantageous Essential skills Strong understanding of core cybersecurity principles, including confidentiality, integrity, availability, and risk management. Practical experience implementing security controls across IT / OT infrastructure. Proficiency in system hardening techniques. Ability to conduct technical risk assessments, identify control gaps, and propose actionable remediation plans. Familiarity with enterprise … with the ability to clearly explain technical risks and solutions to technical and non-technical stakeholders. Desired skills Familiarity with UK regulatory frameworks (NIS / NIS2, Ofgem CAF, ECAF, GDPR / DPA18, ISO 27001, or Cyber Essentials Plus). Understanding secure architecture principles, including More ❯