226 to 250 of 904 ISO/IEC 27001 Jobs in the UK

strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying More ❯

strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying More ❯

strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying More ❯

strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying More ❯

strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying More ❯

strategy, cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying More ❯

GRC framework across the group Conduct regular risk assessments and support vulnerability management Maintain and evolve security controls, policies, and standards Ensure compliance with GDPR, CIS18, PCI DSS, and ISO27001 Lead on third-party audits and provide documentation and evidence Support cybersecurity programmes and incident response planning Provide GRC advisory to senior leadership and cross-functional teams Promote a culture More ❯

financial services sector, including leading private equity, venture capital, and top UK law firms. We have four Microsoft Solution Partner designations, a Tier 1 Microsoft CSP relationship, and are ISO27001 & ISO9001 accredited. Our clients rely on us to bring specialist expertise across cloud solutions, hybrid working, modern workplace, data and BI, cyber security, governance and compliance, and networking. We have More ❯

management. Stay updated on emerging IT risks, technologies, and regulatory changes. Provide guidance and training to junior audit staff on IT audit methodologies. Qualifications: Traditional accounting qualifications i.e. ACA / ACCA / CIMA or CISA, CISSP, or other relevant certification preferred. Minimum of 3 years of experience in IT auditing or a related field. Strong understanding of IT … Unix environments. Database Management: Knowledge of SQL, Oracle, and other database management systems. Cybersecurity: Experience with vulnerability assessments, penetration testing, and incident response. IT Governance: Knowledge of ITIL, ISO 27001, and other IT governance frameworks. Software Development: Understanding of SDLC, DevOps practices, and application security. Data Analytics: Proficiency in data analytics … tools and techniques to enhance audit processes. For example: Excel: Advanced skills in data manipulation, pivot tables, and data visualisation. SQL: Ability to query and analyse large datasets. Python / R: Experience with programming languages for data analysis and automation. Tableau / Power BI: Expertise in creating interactive dashboards and visualisations. ACL / Galvanize: Familiarity with audit More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

Operations Centre (SOC). Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. Perform additional security-related tasks as directed by the Head of Information Security Essential Skills & Experience Proven experience in … and cloud security. Ability to assess and communicate technical vulnerabilities in business terms. Experience working with or within a SOC environment . Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). Excellent communication and reporting skills. Due to the volume of applications received for positions, it will not be possible to respond to all applications and … personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http: / / proactive.it / privacy-notice / More ❯

Developing and implementing comprehensive security solutions, policies, and frameworks ️ Conducting security audits, risk assessments, and penetration testing ️ Advising on data protection, incident response, and regulatory compliance (e.g., GDPR, ISO 27001) ️ Providing training and guidance to clients on best practices for cybersecurity What We … re Looking For: ️ Proven experience as a Cybersecurity Consultant or in a similar role ️ Strong knowledge of security frameworks, risk management, and cybersecurity protocols ️ Experience with firewalls, VPNs, IDS / IPS, and endpoint security solutions ️ Certifications such as CISSP, CISM, CEH, or equivalent highly valued ️ Excellent communication skills to interact with technical and non-technical stakeholders More ❯

in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100 / +44 204 520 2575 with the subject line: “Application Support Request”. Role: DLP Support Specialist Location: London / Watford Mode of working: Hybrid (3 days) Careers at … and implement new DLP solutions, techniques, and updates to enhance protection. Support Integration – Assist in integrating DLP solutions with broader IT security measures and infrastructure. Your Profile Essential skills / knowledge / experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts … employees on data protection best practices and ensure compliance with DLP measures. Continuous Learning & Improvement – Commitment to staying updated on emerging DLP technologies, threats, and security trends. Desirable skills / knowledge / experience: Experience with Cloud Security – Exposure to cloud-based DLP solutions (e.g., Microsoft 365, AWS, Google Cloud). Forensic Investigation Skills – Ability to conduct forensic analysis More ❯

in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100 / +44 204 520 2575 with the subject line: “Application Support Request”. Role: DLP Support Specialist Location: London / Watford Mode of working: Hybrid (3 days) Careers at … and implement new DLP solutions, techniques, and updates to enhance protection. Support Integration – Assist in integrating DLP solutions with broader IT security measures and infrastructure. Your Profile Essential skills / knowledge / experience: DLP Technologies Expertise – Hands-on experience with Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, or similar solutions. Incident Response & Troubleshooting – Ability to investigate security alerts … employees on data protection best practices and ensure compliance with DLP measures. Continuous Learning & Improvement – Commitment to staying updated on emerging DLP technologies, threats, and security trends. Desirable skills / knowledge / experience: Experience with Cloud Security – Exposure to cloud-based DLP solutions (e.g., Microsoft 365, AWS, Google Cloud). Forensic Investigation Skills – Ability to conduct forensic analysis More ❯

Security Architect (Microsoft) | Manchester, Birmingham, Sheffield, Edinburgh, or Glasgow | £600-£800 p / day (IR35) | 3 days on-site | 6 month contract (possible extension) Location: Manchester, Birmingham, Sheffield, Edinburgh or Glasgow (dependent on which is closer) Working pattern: 3 days on-site, 2 days remote Contract length: Until the end of November, extensions likely Start date: Immediate A global … Stack (E5 Security, Defender, Endpoint, Sentinel) Strong knowledge of Microsoft Licensing and governance Experiecne designing reusable security architecture patterns and templates Ideal certifications: Microsoft Security Architect Expert (SC100) CISSP / CISM Public Cloud Architect Certification (Azure, AWS, GCP) UML visualisation tools (BizzDesign, Archi) Apply now for the chance to work for a notable client, especially as interviews are commencing … imminently! Security Architect (Microsoft) | Manchester, Birmingham, Sheffield, Edinburgh, or Glasgow | £600-£800 p / day (IR35) | 3 days on-site | 6 month contract (possible extension) Oscar Associates (UK) Limited is acting as an Employment Business in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section More ❯

manage responses to customer security audits and assurance inquiries. Monitor regulatory changes and contribute to compliance initiatives such as DORA , NIS2 , and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security, Legal, IT … a related field. Experience supporting sales processes, including responding to RFx security assessments. Solid understanding of cybersecurity principles, information security best practices, and regulatory requirements (DORA, NIS2, GDPR, ISO 27001, SOC 2, etc.). Excellent written and verbal communication skills; able to translate technical concepts for non-technical audiences. Strong organizational skills with the ability to … attention to detail. Experience working in a SaaS, cloud, or technology-driven company is preferred. Professional certifications (such as CISM, CRISC, ISO 27001 Lead Implementer / Auditor, or similar) are a plus Additional Information We are proud to foster a diverse and inclusive workplace, where every individual's unique background, perspective, and contribution is celebrated. More ❯

and deploy AI-powered automations that turn manual compliance tasks into real-time, self-service workflows. Skills you should HODL 7+ years in security engineering or technical external audit / advisory, including hands-on experience with industry frameworks (e.g. ISO 27001, SOC 2, PCI DSS, FedRAMP, NIST). Strong long-form and asynchronous writing skills … for a fully remote, globally distributed team. Built and / or made substantial contributions to a common controls framework. Knowledge of infrastructure as code, CI / CD, orchestration tools, and private key management. Familiarity with security capabilities for major cloud service providers (e.g. AWS, Azure, GCP). Ability to white-board architectures and technical process flows. Communicate limitations … controls with ease. Nice to haves Certifications: CRISC, CISSP, CCNA, CCSP Experience at a public technology, financial services, fintech, etc. company. Hands-on with blockchain relevant security standards and / or crypto-custody controls. Built or advised on LLM-based or general automations to manage stages of an assessment or control process. This job is accepting ongoing applications and More ❯

consultancy enables quantifiable compliance with key information security legislation, regulations, and industry standards, including PCI DSS, the UK Data Protection Act 2018 (DPA 2018), GDPR, and ISO / IEC 27001. If you would like to learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Conduct web, mobile, API, infrastructure, cloud … wireless penetration testing. Create detailed technical reports and deliver test findings directly to clients. Provide remediation advice and post-assessment consultancy. Contribute to internal testing methodologies and Red Team / social engineering activities. Mentor junior team members and support collaborative delivery of projects. Occasionally support the creation of marketing materials such as research papers and articles. Skills / Must have: Strong knowledge of OWASP methodologies and offensive testing across black / grey / white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS, Azure, GCP). Understanding of mobile security (Android & iOS), networking protocols, and the OSI model. Excellent verbal and written communication skills More ❯