1 to 25 of 1,119 ISO/IEC 27001 Jobs in the UK

organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information … Governance: Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives and risk tolerance. Establish and enforce information security policies, procedures, and standards in accordance with ISO27001, customer requirements, relevant legislation, and application security best practices. Communication: Develop and maintain an organization-wide security culture. Build and implement a company-wide communication strategy to promote information security … posture, including application security vulnerabilities and risks, risks, and compliance status to the Trayport Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance: Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and More ❯

organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information … Governance: Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives and risk tolerance. Establish and enforce information security policies, procedures, and standards in accordance with ISO27001, customer requirements, relevant legislation, and application security best practices. Communication: Develop and maintain an organization-wide security culture. Build and implement a company-wide communication strategy to promote information security … posture, including application security vulnerabilities and risks, risks, and compliance status to the Trayport Board, other internal sub-Boards, and relevant stakeholders. Compliance and Assurance: Ensure ongoing compliance with ISO27001 certification requirements, including managing audits, reviews, and continual improvement of the Information Security Management System (ISMS). Stay abreast of and ensure adherence to regulations (e.g., GDPR, NIS2, DORA) and More ❯

best practices Develop and support cloud security policies and technical standards Conduct security assessments, risk analysis, and contribute to security roadmaps Collaborate with teams to integrate security into CI / CD and cloud-native applications Microsoft Security Stack Configure and manage Microsoft Defender for Cloud, Defender for Endpoint, and Sentinel Deploy Microsoft Purview for compliance and information protection Manage … Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure insider risk management, audit … regulated industries Technical Skills Deep expertise in Azure security and Microsoft Defender suite Advanced skills in Microsoft Sentinel, Purview, Intune, and Defender for Endpoint Strong experience with Entra ID / Active Directory, Conditional Access, and PIM Hands-on with PowerShell and Microsoft Graph API for security automation Familiarity with M365 security, Zero Trust models, and Microsoft Information Protection Knowledge More ❯

infrastructure against emerging threats. Key Responsibilities: Monitor, detect, and respond to security incidents and threats in real-time. Design and implement security solutions and controls, including firewalls, intrusion detection / prevention systems (IDS / IPS), and endpoint protection. Perform regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with IT and development teams to ensure secure system architecture … document security breaches, providing root cause analysis and remediation plans. Conduct security awareness training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security … CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech sector. Knowledge of DevSecOps practices and secure CI / CD pipelines. Exposure to security automation and scripting (Python, PowerShell, etc.). In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy. More ❯

So, what's the role all about? The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also … enhance IT controls, compliance with standards, and risk management processes. Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits. Gap Assessments: Facilitate and / or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA. Framework Tracking: Monitor updates to Cyber Essentials … disability, veteran status, gender identity, sexual orientation or any other category protected by law. Apply for this job indicates a required field First Name Last Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Do you have any first-degree relatives (spouse, parent, child, sibling) that are currently employed by More ❯

and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO / IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … to simplify and automate complex processes and deliver highly secure, frictionless experiences across the customer lifecycle. To learn more, visit The responsibilities of the role include: Advocating for infrastructure / application Security and providing support for security projects. Competence in reviewing new technologies, methodologies and integration opportunities. Support in enhancing security detection and incident response efforts / playbooks. More ❯

and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. The role requires the ability to "lead by example" and perform line management for direct reports and manage service partners reporting … On-prem and Virtual product) Solution Life Cycle Management and removal (via decommissioning and succession planning) of technical debt. Drive a document first culture to new and legacy platforms / solutions. Oversee management of the End User Compute estate via Intune Act upon and proactively manage all estate patch management requirements (on-prem, virtual, & physical) for software, hardware, and … optimal service delivery and value for investment. Negotiate cloud service agreements, monitor SLAs, and ensure vendor compliance with security and data protection policies. Monitor, forecast and efficiency manage vendor / solution spend against defined budget. Oversee third-party SaaS solutions, ensuring they align with the organisation's cloud-first strategy and security requirements. Refine and develop external and internal More ❯

and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. … Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. • Oversee endpoint security, cloud network and API security … Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO More ❯

a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / E, CIPM for data protection compliance) Experience Requirements: 3-5+ years of … experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU : GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills-ability to brief executives and regulators. Ability More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS / IPS, endpoint protection, cloud security). Shape strategic security recommendations and collaborate on technical win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness … training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What We’re Looking For: A degree in Cybersecurity, IT, or equivalent … forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting / automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. Strong problem-solving, communication, and More ❯

ISO 27001) as part of critical vendor performance assessment ensuring operational resilience is maintained. In collaboration with GT, manage security systems, including firewalls, intrusion detection / prevention systems, and antivirus software. In collaboration with GT, Develop and test incident response plans and coordinate responses to security incidents and breaches Raise awareness of cybersecurity issues among … bank London employees; conduct annual training / workshops to educate staff on security best practices aligned with GT. Other Duties Maintain professional and technical knowledge (Conduct Rule 2) e.g. by attending educational workshops; read professional publications; benchmarking state-of-the-art practices etc where relevant. Collaborate with stakeholders to handle backlogs and new requirements - Resolve conflicts and remove blockers … on IT related matters. Ensure work deliverables are in compliance with policies and regulatory requirements . Maintains quality service by establishing and enforcing organization standards. To act as second / third level support with GT for support related issues. To comply with all applicable FCA / PRA conduct rules. Compliance with all mandatory training as set by the More ❯

SOC 2, HIPAA, GDPR, etc. Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, and / or partners) Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementation Ability to collaborate cross-functionally and influence stakeholders at all … Pride month office parties, sporting events, games nights and much more! We are committed to a hybrid working model, combining remote and office-based working. Discover more at https: / / www.heywood.co.uk / careers EDI statement As an equal opportunities’ employer, Heywood is committed to the equal treatment of all current and prospective employees and does not … We aspire to have a diverse and inclusive workplace and strongly encourage suitably qualified applicants from a wide range of backgrounds to apply and join Heywood. Legal stuff https: / / www.heywood.co.uk / privacy-notices#jobapplicantprivacynotice More ❯

risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI / CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance enforcement using Python, Terraform, Ansible, or CloudFormation . Develop security automation scripts for vulnerability scanning and More ❯

services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity. In addition … Information Security Manager) CompTIA Security+ Strong technical background with deep familiarity in: Cyber defence principles and best practices Security standards and frameworks Security services and systems (e.g. SIEM, IDS / IPS, endpoint protection) Significant experience in leading and orchestrating incident response activities, including: Triage and containment Coordination with stakeholders Post-incident review and documentation Experience with environments handling highly More ❯

This job is brought to you by Jobs / Redefined, the UK's leading over-50s age inclusive jobs board. Sonata One is a rapidly scaling, regulated fund services and technology (fintech) business. We're The Private Funds Clearinghouse, connecting more than 53,000 investors with 6,500 funds and 180 fund managers around the globe. Our vision is … from a seamless, one & done experience across the fund lifecycle (from fund selection and subscription through to settlement and reporting) underpinned by a globally compliant KYC passport and 24 / 7 support. Fund managers can raise capital faster at a lower cost from a wider pool of pre-approved investors. Founded in 2015, Sonata One has a presence in … endpoint protection, DLP, etc.). Oversee the organization's incident response and business continuity plans, including simulations and real-time responses. Conduct regular security audits and work with internal / external auditors to support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements More ❯

Job Title: Cyber Security Test Analyst Location: Sheffield, UK (3 days / week Onsite) Duration: 6months+ Banking Client Experience required Job Summary: Required Experience Proven experience in software testing, preferably within Privileged Access Management (PAM) or Identity & Access Management (IAM). Experience with PAM solutions such as CyberArk, BeyondTrust, Delinea (Thycotic), or Microsoft PAM. Strong understanding of IAM principles … . Proficiency in test management tools such as JIRA Strong problem-solving skills and attention to detail. Excellent communication and collaboration skills. Desirable: Experience working within an Agile (Scrum / Kanban) environment. Knowledge of CI / CD pipelines and DevSecOps practices. Experience with Cloud security testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM … or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). Kind Regards -- Priyanka Sharma Senior Delivery Consultant Office: 02033759240 Email: psharma@vallumassociates.com More ❯

in touch today! Responsibilities: Conducting regular security assessments and vulnerability testing. Developing and implementing security policies and procedures. Monitoring network traffic for unusual activity and potential threats using SOC / SIEM solutions. Responding to security breaches and carrying out forensic investigations. Ensuring compliance with industry standards and regulations, including ISO 27001 and GDPR. Delivering security … use of best-of-breed products. Collaborating with the IT team to design and implement secure network architectures. Generating automated security reports tailored for executive-level clients. Required Skills / Qualifications: A Bachelor's degree in Cyber Security, Information Technology, or a related field. A minimum of three years' experience in a cyber security role, infrastructure, or advanced third … line support. Strong knowledge of security frameworks and standards such as ISO 27001 and GDPR. Expertise in Microsoft 365, SharePoint, Azure architecture, security, and Entra. Proficiency in security tools and technologies, including firewalls, identity management, and layered security stacks. Experience in incident response and forensic analysis. Excellent problem-solving, analytical, and communication skills. Relevant certifications (e.g. More ❯

Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security … Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO … rd party operational infrastructure vendor management - i.e management of managed service partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy tech to Azure knowledge / experience, Prior to the last 5 years, a technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls / SDWAN, and Networks (WAN & / More ❯

help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and … roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS / NIS2, DORA, UK CNI / OT / IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance More ❯

compliance (GRC) . This role is critical in shaping and enforcing security policies, driving enterprise-wide risk management, and ensuring ongoing compliance with frameworks such as SOC 2, ISO 27001, and other regulatory requirements . The ideal candidate is not only a technical expert but also a business-savvy leader who can align security strategy with … Responsibilities & Duties Governance, Risk & Compliance: Develop, implement, and maintain the company's information security governance framework. Lead the strategy and execution for security compliance initiatives including SOC 2 , ISO 27001 , NIST , and other relevant standards. Oversee and manage the enterprise risk management program , including identification, assessment, and mitigation of information security risks. Regularly report to executive … frameworks and compliance standards (e.g., SOC 2, ISO 27001, HIPAA, NIST, GDPR). Proven experience managing or leading successful SOC 2 audits and other regulatory / compliance initiatives. Confident engaging with auditors and enterprise clients; experience representing security to financial institutions. Strong understanding of enterprise risk management methodologies. Technical background with knowledge of security operations More ❯

a Security Engineer or in a similar role, with deep understanding of the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection / prevention systems (IDS / IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security … certifications, such as Security+, IAT II / III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events. Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures Strong grasp of networking protocols, including TCP / … social office in Shoreditch Deliveroo for working late in the office Apply for this job indicates a required field First Name Last Name Preferred First Name Email Phone Resume / CV Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf More ❯

future of the company’s security posture, ensuring it’s robust, scalable, and aligned with industry best practices. 💻 Key Responsibilities: Develop and implement security controls for cloud environments (AWS / GCP) Conduct security assessments, vulnerability scanning, and threat modeling Manage and respond to security incidents, ensuring swift recovery and mitigation Collaborate with engineering teams to integrate security within the … knowledge of cloud security, ideally with AWS, GCP, or Azure Experience with security tools for vulnerability management, intrusion detection, and SIEM solutions Knowledge of secure development practices (DevSecOps, CI / CD) Familiarity with industry regulations (e.g., GDPR, PCI DSS, ISO 27001) Strong problem-solving skills and attention to detail Excellent communication skills with the ability More ❯

future of the company’s security posture, ensuring it’s robust, scalable, and aligned with industry best practices. 💻 Key Responsibilities: Develop and implement security controls for cloud environments (AWS / GCP) Conduct security assessments, vulnerability scanning, and threat modeling Manage and respond to security incidents, ensuring swift recovery and mitigation Collaborate with engineering teams to integrate security within the … knowledge of cloud security, ideally with AWS, GCP, or Azure Experience with security tools for vulnerability management, intrusion detection, and SIEM solutions Knowledge of secure development practices (DevSecOps, CI / CD) Familiarity with industry regulations (e.g., GDPR, PCI DSS, ISO 27001) Strong problem-solving skills and attention to detail Excellent communication skills with the ability More ❯

risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications / Skills Required Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. 5+ years of experience in information security, with a strong focus on risk assessment … and / or internal security audits. Demonstrated experience working with compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk management frameworks (e.g., NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and More ❯