ISO/IEC 27001 Jobs in the UK

101 to 125 of 935 ISO/IEC 27001 Jobs in the UK

Management System Coordinator

Cheltenham, Gloucestershire, South West, United Kingdom
Northrop Grumman
collaborate with cross-functional teams to support the continuous improvement of the company's management system, the maintenance of NGUKL's existing external ISO accreditations and the attainment of new ISO accreditations to support the business strategy. This is an excellent opportunity if you are looking … system and the CAD database Maintain the company's Integrated Management System (IMS) to ensure compliance with regulatory requirements and industry standards (e.g. ISO 9001, 20000-1, 27001, 14001) Support functions and process owners to ensure processes are up to date, efficient and align with required … required Ensure appropriate reviews have taken place, and required approvals have been obtained prior to publication We are looking for: Detailed knowledge of ISO 9001, ISO 27001, ISO 20000 and ISO 14001 standards Experience in managing libraries of process documentation
Employment Type: Permanent
Salary: £45,000

Information Security Consultant

Portsmouth, England, United Kingdom
TalentHawk
Responsibilities: Cryptography: Design, implement, and manage cryptographic systems (encryption, key management, PKI). Ensure compliance with relevant cryptographic standards (e.g., NIST, ISO / IEC 19790, PCI DSS). Evaluate and recommend secure protocols and algorithms for enterprise use. Conduct cryptographic risk assessments and support cryptanalysis … experience with cryptographic tools, SIEM platforms (e.g., Splunk, QRadar), and DLP solutions. Familiarity with frameworks and standards (e.g., NIST CSF, MITRE ATT&CK, ISO 27001). Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Preferred Qualifications: Certifications: CISSP, CISM, CCSP, CEH, or

Information Security Manager

London, United Kingdom
Hybrid / WFH Options
Story Terrace Inc
working closely with IT to educate and enable teams across Attest. Support with compliance : partner with our Legal team to ensure adherence to ISO 27001, GDPR, and other standards. Manage risk proactively : identify and mitigate vulnerabilities across cloud environments and applications. Embed secure development : working with … 27001 security framework . Hands-on expertise in network security, application security, IAM, and incident response . Proficiency with SIEM, IDS / IPS, WAFs, EDR, and vulnerability management tools . Understanding of secure coding practices and ability to collaborate with engineering teams. Strong communication skills to … is currently an IC role, although you will have the support of other teams in the business. You have never been through an ISO 27001 or similar security audit process. You are looking for a role where you can be remote. We believe that the best
Employment Type: Permanent
Salary: GBP Annual

Information Security Control Assurance Manager

Nottingham, Nottinghamshire, East Midlands, United Kingdom
Hybrid / WFH Options
Experian Ltd
Experience performing IT Audit or Information Security control assessments, with specific experience testing cloud security controls. Professional certification such as CISA, CISM, CISSP, ISO27001 Lead Auditor, or equivalent. Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001 / 27002, CIS Controls, COBIT. Experience with current automated and manual industry methods for evaluating security controls on prem and in cloud environments. Important Skills
Employment Type: Permanent, Work From Home

Cyber Security Officer

London, United Kingdom
Hybrid / WFH Options
McDonald's Corporation
Infrastructure & Operations and Internal Audit. Qualifications: What background do I need to have? A successful candidate will have a bachelor's degree or equivalent / higher in computer science, cyber security, information security or similar, or a professional certification such as SSCP. Verification of certification will be requested during … matter expertise for transformational security improvements in a complex Technology organisation Proven experience at engaging and influencing stakeholders across departmental and organisational and global / segment stakeholders An excellent understanding of best practice within cyber security and risk management including standards such as ISO / IEC 27001, Cyber Essentials and NIST CSF Demonstrable creativity and a commitment to future-proofing processes and security controls in a fast paced, ever-changing environment A self-starter with the ability to identify, lead and drive change through an organisation without being instructed to do so
Employment Type: Permanent
Salary: GBP Annual

Lead Security Engineer (Cloud Security & Compliance)

London, United Kingdom
Hybrid / WFH Options
Taxually
and ensure regulatory compliance across our AWS and Azure cloud environments. This role involves managing security frameworks, maintaining compliance with SOC 2, GDPR, ISO 9001, ISO 27001, and other standards, while implementing best practices to protect our infrastructure, applications, and data. The ideal candidate … maintain a robust security foundation in a rapidly evolving environment. Key Responsibilities Security & Compliance Management Lead and maintain compliance with SOC 2, GDPR, ISO 27001, and ISO 9001 by implementing, managing, and improving security controls, policies, and processes, while addressing any compliance gaps to … and NIST cybersecurity controls across cloud and application security. Oversee third-party security assessments to ensure vendor compliance and security standards. Incident Response, BC / DR & Penetration Testing Lead Incident Response planning, testing, and execution to ensure swift containment and remediation of threats. Develop and maintain Business Continuity and
Employment Type: Permanent
Salary: GBP Annual

Lead Security Engineer (Cloud Security & Compliance)

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Taxually
and ensure regulatory compliance across our AWS and Azure cloud environments. This role involves managing security frameworks, maintaining compliance with SOC 2, GDPR, ISO 9001, ISO 27001, and other standards, while implementing best practices to protect our infrastructure, applications, and data. The ideal candidate … maintain a robust security foundation in a rapidly evolving environment. Key Responsibilities Security & Compliance Management Lead and maintain compliance with SOC 2, GDPR, ISO 27001, and ISO 9001 by implementing, managing, and improving security controls, policies, and processes, while addressing any compliance gaps to … and NIST cybersecurity controls across cloud and application security. Oversee third-party security assessments to ensure vendor compliance and security standards. Incident Response, BC / DR & Penetration Testing Lead Incident Response planning, testing, and execution to ensure swift containment and remediation of threats. Develop and maintain Business Continuity and
Employment Type: Permanent
Salary: GBP Annual

Ethics & Compliance Manager

London, United Kingdom
CDW LLC
relying on smart, consistent, streamlined, technology-supported processes and tools to maximize efficiency and quality of experience for CDW and its customers. Support corporate / internal audits and reviews and implementation of remediation steps / closure of any corrective actions. Work with global training lead to develop and … cases, including working with other key internal stakeholders to: manage investigations; identify key trends and outcomes; and raise awareness for reporting with international entities / locations Build effective relationships with international business stakeholders, providing practical guidance on diverse regulatory and compliance matters within function. Work with Legal, Risk, Ethics … AND EXPERIENCE Experience managing risk, ethics and compliance matters for a global, public company, with particular experience within EMEA and APAC Knowledge of ISO standards and their application e.g. ISO 9001, ISO 27001, ISO 20000 and ISO
Employment Type: Permanent
Salary: GBP Annual

OT Cybersecurity Technical Lead

Derby, Derbyshire, United Kingdom
TieTalent
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or practical experience in Secure by Design, systems assurance, or control systems architecture are advantageous. Essential … infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to technical
Employment Type: Permanent
Salary: GBP Annual

Information Security Analyst

London, United Kingdom
Locke & Mccloud
of a high-performing team making a real impact on client trust and regulatory resilience. What You'll Be Doing Develop and publish ISO 27001-compliant processes and controls Expand the certification scope to cover global legal operations Plan and perform internal audits and risk assessments … and resolution Support security governance and champion internal education What You'll Bring Experience in information security or compliance-based roles Knowledge of ISO 27001, Cyber Essentials, NIST or similar frameworks Ability to communicate and collaborate across business functions Comfortable working in cloud and Microsoft … environments Certifications like CISMP, CISSP or ISO 27001 Lead Auditor are a bonus Salary: £55,729-£65,729 Hybrid: 3 Days in London Office Career-defining opportunity in a growing internal InfoSec team Training & Certification Support Strong UK Benefits Package
Employment Type: Permanent
Salary: GBP Annual

OT Cybersecurity Technical Lead

Derby, Derbyshire, United Kingdom
Expleo
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT … security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Familiarity with rail sector security and safety standards is highly desirable. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or … including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to
Employment Type: Permanent
Salary: GBP Annual

OT Cybersecurity Technical Lead

Derby, Derbyshire, East Midlands, United Kingdom
Expleo Group
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT … security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or practical experience in Secure by Design, systems assurance, or control systems … including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to
Employment Type: Permanent

OT Cybersecurity Technical Lead

Chesterfield, Midlands, United Kingdom
Expleo Group
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT … security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or practical experience in Secure by Design, systems assurance, or control systems … including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to

OT Cybersecurity Technical Lead

Nottingham, Midlands, United Kingdom
Expleo Group
capability development activities within the Cybersecurity Practice, contributing insights from the client engagement. Qualifications A degree (or equivalent experience) in Cybersecurity, Systems Engineering, Electrical / Electronic Engineering, or a related technical discipline. Recognised cybersecurity certifications: CISSP, CISM, CISA, GICSP, SABSA, or equivalent. Technical certifications or training aligned to OT … security: IEC 62443, GIAC GRID / GICSP, SCADA / ICS security, or vendor-specific OT platforms. Understanding of relevant UK regulatory frameworks, including NIS / NIS2 Regulations and UK CNI expectations. Additional certifications or practical experience in Secure by Design, systems assurance, or control systems … including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT / IT systems within large engineering or infrastructure programmes. Experience integrating cybersecurity into engineering lifecycles, including Secure by Design practices, requirements definition, and traceability to

InfoSec Analyst

London, United Kingdom
Locke & Mccloud
build security resilience across multiple jurisdictions. What You'll Be Doing Maintain and improve the ISMS, including policies, procedures, and guidelines Ensure ongoing ISO 27001:2022 alignment across UK and international offices Conduct internal audits, lead remediation efforts, and support third-party reviews Run supplier due … Deliver awareness training and drive adoption of secure behaviours What You'll Bring Experience in information security or compliance-based roles Knowledge of ISO 27001, Cyber Essentials, NIST or similar frameworks Ability to communicate and collaborate across business functions Comfortable working in cloud and Microsoft … environments Certifications like CISMP, CISSP or ISO 27001 Lead Auditor are a bonus
Employment Type: Permanent
Salary: GBP Annual

Product Security Engineer

Bristol, South West England, United Kingdom
Advanced Resource Managers
by Design Conduct threat modelling exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30 / 37 / 53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security … assessments and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan 05-138, Def

Product Security Engineer

Bristol, United Kingdom
ARM
by Design Conduct threat modelling exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30 / 37 / 53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security … assessments and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan 05-138, Def
Employment Type: Permanent
Salary: GBP 50,000 - 60,000 Annual

IT Security Engineer

Glasgow, Central Scotland, United Kingdom
Hybrid / WFH Options
Sanderson
through our risk management framework and ensuring key risks are reported to the CISO. Performing regular internal security audits aligned to ISO / IEC 27001 and SOC2 controls. Developing our security awareness training programme aligned with internal security policies. Comfortable engaging with customers … NCSC CAF), supporting processes and toolsets. Ability to breakdown and solve complex problems across multiple domains and successfully lead the recovery of major and / or complex security incidents. Knowledge and experience of threat hunting and problem-solving through reviewing logs and identifying anomalous activities.

IT Security Engineer

Glasgow, Lanarkshire, Scotland, United Kingdom
Hybrid / WFH Options
Sanderson Recruitment
through our risk management framework and ensuring key risks are reported to the CISO. Performing regular internal security audits aligned to ISO / IEC 27001 and SOC2 controls. Developing our security awareness training programme aligned with internal security policies. Comfortable engaging with customers … NCSC CAF), supporting processes and toolsets. Ability to breakdown and solve complex problems across multiple domains and successfully lead the recovery of major and / or complex security incidents. Knowledge and experience of threat hunting and problem-solving through reviewing logs and identifying anomalous activities. For any further queries
Employment Type: Permanent, Work From Home
Salary: £65,000

Cyber Security Specialist

Carmarthen, United Kingdom
Hybrid / WFH Options
Hywel Dda University Health Board
and Vulnerability Management tools would be beneficial. A good understanding of legislation and security frameworks such as the Network and Information Systems Regulations, ISO 27001 and Cyber Essentials + would also be valuable. We offer hybrid working options so the base of the role can be … staff support to help you meet these minimal desirable requirements during the course of your employment with us. Interviews will be held on 28 / 05 / 2025. Person Specification Qualifications & Knowledge Essential ITIL Foundation Educated to Degree level (preferably Cyber Security) or equivalent and a recognised specialist … overseas applicants. Employer details Employer name Hywel Dda University Health Board Address Glangwili General Hospital Dolgwili Road Carmarthen SA31 2AF Employer's website https://hduhb.nhs.wales/
Employment Type: Permanent
Salary: £37898.00 - £45637.00 a year

PCI Compliance and Assurance Specialist

United Kingdom
Paydock
controls, and preparing for audits while also providing consultation on PCI requirements to Engineering, SecOps, and Architecture teams. Additionally, the role will support ISO 27001, SOC 2 Type 2, and other certification audits, assist with security assurance activities such as design reviews and client security questions … identify areas of improvement. Stay up to date with PCI DSS standard updates and ensure timely adaptation of new requirements. Manage and support ISO 27001 and SOC 2 Type 2 certification processes, ensuring evidence gathering, control validation, and audit preparation. Assist in responding to client security … Strong understanding of PCI DSS requirements, controls, and assessment processes. Hands-on experience with security controls, cloud environments, and security architecture. Experience with ISO 27001, SOC 2 Type 2, or other security frameworks. Proven ability to work effectively with senior leadership, auditors, external partners, and cross

STARA(R) - Enterprise Security Threat and Risk Consultant

Gloucester, Gloucestershire, UK
Hybrid / WFH Options
uk7 UTC
Develop and present comprehensive risk assessment reports, including clear recommendations for mitigation and investment Apply frameworks such as NIST 800-53, ISO / IEC 27001, and NCSC CAF to assess current controls and identify improvement opportunities Contribute to the development of organisational threat … can apply critical thinking to complex and ambiguous environments, making informed decisions under pressure You have strong knowledge of cyber risk frameworks (e.g. NIST, ISO27001, NCSC CAF) and experience in applying them You're experienced in one or more of: counterintelligence, human intelligence and security, physical security assessments, operational technology

Threat intelligence engineer - Hybrid

United Kingdom
Hybrid / WFH Options
Talent Team
Group CTO, safeguards UK Education and Research from cyber threats, supporting digital resilience through services like our nationwide Security Operations Centre (SOC), including 24 / 7 security monitoring, SIEM, and endpoint detection. About the role: You will develop and maintain infrastructure supporting Jisc's security services, focusing on managing … deploying technical solutions Knowledge of IaaS, SaaS, Linux server administration Experience with cloud technologies (private, hybrid, public) Familiarity with standards like ISO / IEC 27001, BS22301:2019 is beneficial Strong communication skills for technical and non-technical audiences We encourage applications even if
Employment Type: Permanent
Salary: GBP Annual

Junior Operational Security Analyst

London Area, United Kingdom
Trayport
Endpoint Security Network Security Vulnerability Management Responsibilities As an Operational Security Analyst, you will: Investigate security events from our SIEM, security tools, and vendor / partner reports Actively contribute to enhancing our ability to detect, investigate, and resolve anomalies and threats, while developing and improving response plans and playbooks … diligent, reliable, self-motivated, and a natural problem-solver Knowledge of the following technical areas, along with general awareness of others: Cloud Security (Azure / AWS) Windows Security Linux Security Active Directory / LDAP Authentication Mechanisms (Kerberos, NTLM, etc.) Basic programming / scripting (e.g., PowerShell, Bash) Vulnerability … or more of the following: Prior experience in information security or systems administration / engineering Discipline-specific qualifications (e.g., SANS, CEH, OSCP, CRT, ISO27001 LA, CISMP) Bachelor's degree in a related field (e.g., Computer Science, Computer Security) Knowledge of ISO / IEC

Junior Operational Security Analyst

London, South East England, United Kingdom
Trayport
Endpoint Security Network Security Vulnerability Management Responsibilities As an Operational Security Analyst, you will: Investigate security events from our SIEM, security tools, and vendor / partner reports Actively contribute to enhancing our ability to detect, investigate, and resolve anomalies and threats, while developing and improving response plans and playbooks … diligent, reliable, self-motivated, and a natural problem-solver Knowledge of the following technical areas, along with general awareness of others: Cloud Security (Azure / AWS) Windows Security Linux Security Active Directory / LDAP Authentication Mechanisms (Kerberos, NTLM, etc.) Basic programming / scripting (e.g., PowerShell, Bash) Vulnerability … or more of the following: Prior experience in information security or systems administration / engineering Discipline-specific qualifications (e.g., SANS, CEH, OSCP, CRT, ISO27001 LA, CISMP) Bachelor's degree in a related field (e.g., Computer Science, Computer Security) Knowledge of ISO / IEC

ISO/IEC 27001
10th Percentile: £39,525
25th Percentile: £50,000
Median: £64,627
75th Percentile: £78,750
90th Percentile: £102,500