26 to 50 of 471 ISO/IEC 27001 Jobs in the UK

What You'll Do: Provide accurate, valid, and appropriate responses to externally initiated security and data protection queries, questionnaires, or requests for information (RFI) / requests for proposals (RFP). Manage client-requested security reviews (on-site or virtual) including explanation of controls within the environment, presentation of evidence, planning and co-ordination of pre and post audit activities. … the Company works with to ensure appropriate controls are in place to maintain the Confidentiality, Integrity, and Availability of their environment(s). Perform the necessary on-site and / or remote third-party security assessments of critical third parties to ensure their controls are effective. Produce high quality reports which articulate the risks associated with third parties and … tailor communication of technically complex issues to various audiences. Demonstrable experience in a client facing aspect - as an assessor or as the assessed, consulting, account management, responding to security / operational / process questionnaires, bids, proposals, etc. Have a recognised security certification such as CISSP, CISA, CISM, ISO / IEC 27001 More ❯

Data Subject Access Requests, oversee DPIAs, Privacy Notices, and Information Sharing Agreements, and lead IG-related incident reporting and resolution. Strengthen Cyber Security resilience Create cyber playbooks, support ISO 27001 alignment, analyse incidents, and deliver tailored cyber threat training across the business, including at board level. Enhance Digital Clinical Safety Deliver training on DCB standards, publish … solutions. You will have: Essential qualifications: Postgraduate qualification in a relevant field (e.g., Law, Corporate Governance, Data Protection). A current Data Protection or Information Governance qualification (e.g., CIPP / E, BCS Practitioner Certificate, Level 4 Data Protection and IG Practitioner). Essential skills and experience: In-depth knowledge of data protection laws, cybersecurity frameworks, DCB safety standards, and … Service (formerly known as CRB) to check for any previous criminal convictions. Employer details Employer name InHealth Group Address London End Beaconsfield Buckinghamshire HP9 2JH Employer's website https: / / www.inhealthgroup.com / More ❯

levels. Demonstrated ability to establish lasting customer relationships. Framework fluency: familiarity with NIST CSF, ISO 27001, CIS Controls, MITRE ATT&CK and core domains (EDR / SIEM / IAM / Zero Trust; cloud security across AWS / Azure / GCP). Solution experience: selling MDR / XDR, IR retainers, and … / or risk & compliance services into mid-market / enterprise. Methodology: comfortable with MEDDICC / MEDDPICC or Challenger. Nice to have: experience with public sector frameworks and / or SC clearance eligibility. More ❯

AV Support Assistant / AV Specialist / Unified Communications Analyst A fantastic opportunity has arisen for a AV Support Assistant / AV Specialist / Unified Communications Analyst to join our London based global law firm on permanent basis. AV Support Assistant / AV Specialist / Unified Communications Analyst Summary: Our clients IT team is … work to the Infrastructure or Applications Support teams. This unique position within the team in our London office will specialise in our meeting and conferencing technologies. AV Support Assistant / AV Specialist / Unified Communications Analyst Key Responsibilities: - Deliver an excellent experience to users of the firm's AV and video conferencing technologies. This includes meeting room technologies … / 365), Outlook, Word, PowerPoint, and Excel - Knowledge of Remote Access systems and focusing on supporting remotely - Understanding of ITIL (v2 or v3), understanding of ISMS / ISO27001 would be desirable. AV Support Assistant / AV Specialist / Unified Communications Analyst In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised More ❯

in supporting sales and pre-sales activities across UK-based opportunities. If you're passionate about helping clients navigate complex risk landscapes and have a strong background in ISO, NIST, and NCSC frameworks, we'd love to hear from you. What You'll Do Lead and deliver GRC advisory engagements (SMA, CRA, SDaaS). Act as a trusted … scoping and proposal development. Comfortable managing multiple engagements in dynamic environments. Nice to Have Certifications such as CISSP , CISM , CRISC , or ISO 27001 Lead Auditor / Implementer . Experience working with UK public sector or regulated industries. Knowledge of GRC automation tools and emerging technologies. Why Join Us? Work with a collaborative and forward-thinking … cybersecurity team. Flexible working arrangements (remote / hybrid). Opportunities for career growth and professional development. Be part of shaping the future of GRC advisory services in the UK. Ready to apply? Send us your CV or reach out directly to learn more. Let's build a safer digital future together. More ❯

reporting. Liaise with customers and provide regular updates. Coordinate product support and resolve technical issues. Maintain documentation and configure products for delivery. Ensure compliance with ISO 9001 / 27001 standards. Requirements: Degree in STEM or equivalent experience. Strong project management and communication skills. Familiarity with Linux and collaboration tools (e.g. Jira, Confluence). Experience working … to ISO 9001 / 27001 quality and security processes. Software Development background highly beneficial, coding skills in Python, JavaScript would be of benefit Previous experience in defence / security and software / hardware development is a plus. Full UK driving licence and willingness to travel in the UK and potentially overseas This role More ❯

Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure they … computer science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively within a team More ❯

operations team. This role is central to maintaining uptime, monitoring critical systems, and responding to incidents in a high-availability environment. The successful candidate will work in a 24 / 7 control room environment, ensuring the smooth operation of electrical, mechanical, and IT infrastructure systems that support our data centre. Key Responsibilities Monitoring & Operations Monitor all Building Management Systems … as the first point of contact for incidents and outages. Coordinate communication between on-site engineers, external vendors, and management. Execute and document emergency procedures in line with SLA / OLA requirements. Reporting & Documentation Maintain accurate shift logs, incident reports, and escalation records. Support audit and compliance requirements (ISO 27001, ISO 22301, Uptime … or similar monitoring platforms. Strong technical awareness of HVAC, UPS, generators, fire systems, and networking fundamentals. Excellent communication skills for incident management and escalation. Ability to work rotating 24 / 7 shifts (including nights, weekends, and holidays). Desirable: Certifications: CompTIA Server+, CCNA, or equivalent facilities / technical qualifications. Familiarity with Uptime Institute Tier standards, ISO More ❯

Outside IR35, Dev / Sec Ops Engineer, Azure, AWS, Technical Blueprint, Best practice, Regulatory Environment background. West Midlands, London We are seeking a Senior DevSecOps Engineer to lead governance, architecture guidance, and assurance for cloud and infrastructure security across Microsoft Azure, AWS, and key SaaS platforms. This role is pivotal in defining technical blueprints, setting security standards, and ensuring … best practices, validate implementations, and support audit readiness across IaaS, PaaS, and SaaS environments. Key Responsibilities Define and maintain multi-cloud security standards and reference blueprints (e.g. Azure Policy / Initiatives, AWS Control Tower / SCPs) Own security architecture patterns and contribute to HLD / LLD, threat models, and risk assessments Set assurance criteria and control evidence … standards (Entra ID Conditional Access, MFA, PIM; AWS IAM federation) Govern SaaS security onboarding (SSO, OAuth governance, DLP controls, vendor assessments) Specify telemetry and logging requirements for Microsoft Sentinel / SOC and review analytics / reporting Lead compliance mapping for ISO 27001 and curate audit-ready evidence packs Chair Cloud & Platform Security design reviews More ❯

fostering a culture of security awareness throughout the organisation. Security Strategy Development: Design and implement a comprehensive information security strategy that aligns with business objectives and complies with ISO 27001 standards. Microsoft 365 Expertise: Leverage Microsoft 365 tools to enhance security measures, ensuring optimal configuration and deployment to protect data and information assets. Data and Information … s security posture. Requirements Bachelor's degree in Information Security, Computer Science, or a related field. 5+ years of experience in information security management, with a focus on ISO 27001 and compliance. Strong expertise in Microsoft 365 security features and configurations. Proven background in cybersecurity, risk management, and data governance. Excellent analytical and problem-solving skills … with the ability to think strategically. Strong communication and interpersonal skills, with a focus on collaboration and teamwork. Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are highly desirable. Other information Your package and perks At M247, we go beyond the pay check to bring you a package of perks that truly enrich your journey More ❯

Outside IR35, Dev / Sec Ops Engineer, Azure, AWS, Technical Blueprint, Best practice, Regulatory Environment background. West Midlands, London The experience expected from applicants, as well as additional skills and qualifications needed for this job are listed below. We are seeking a Senior DevSecOps Engineer to lead governance, architecture guidance, and assurance for cloud and infrastructure security across Microsoft … best practices, validate implementations, and support audit readiness across IaaS, PaaS, and SaaS environments. Key Responsibilities Define and maintain multi-cloud security standards and reference blueprints (e.g. Azure Policy / Initiatives, AWS Control Tower / SCPs) Own security architecture patterns and contribute to HLD / LLD, threat models, and risk assessments Set assurance criteria and control evidence … standards (Entra ID Conditional Access, MFA, PIM; AWS IAM federation) Govern SaaS security onboarding (SSO, OAuth governance, DLP controls, vendor assessments) Specify telemetry and logging requirements for Microsoft Sentinel / SOC and review analytics / reporting Lead compliance mapping for ISO 27001 and curate audit-ready evidence packs Chair Cloud & Platform Security design reviews More ❯

Design and implement a comprehensive security strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems … experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System More ❯

Design and implement a comprehensive security strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems … experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System More ❯

secure cloud infrastructure using Oracle Cloud Infrastructure (OCI). Develop and manage Infrastructure as Code (IaC) with tools like Terraform to enable secure, repeatable deployments. Implement and manage CI / CD pipelines, focusing on automated security testing, deployment, and monitoring. Ensure all aspects of the data platform OCI infrastructure, data ingest pipelines, tool deployments, access controls, and monitoring are … Hands-on experience with cloud infrastructure, ideally Oracle Cloud (OCI), including provisioning, configuration, and service management. Proficient with Terraform or similar IaC tools. Skilled in implementing and maintaining CI / CD pipelines (e.g., GitHub Actions), especially with automated security testing. Strong knowledge of containerisation (e.g., Docker) and orchestration (e.g., Kubernetes). Deep understanding of cloud security principles: IAM, network … security, encryption. Experience with monitoring / alerting tools (e.g., Prometheus, Grafana, ELK stack). Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g. More ❯

is hiring for Security Audit Analyst for London, UK location, Job: Security Audit Analyst Job Type: Open for both Permanent and Fixed Term Contract Location: London, UK(3 Days / Week onsite) Job Description: Overview The Third-Party Audit Consultant is responsible for conducting customer audits, managing short-term projects, and assessing third-party security compliance. This role requires … ISO 27001 Lead Auditor certification and a solid understanding of risk management principles. Requirements Certification as an ISO 27001 Lead Auditor, with hands-on experience conducting audits and managing audit processes. Ability to manage short-term projects independently, from planning to execution, including audit preparation and report generation. Familiarity with technology systems … of third-party vendors or partners to ensure compliance with security standards. Understanding of risk management principles and their application in security audits. Knowledge of compliance frameworks like ISO 27001, SOC 2, or similar, and their implementation within enterprise environments. Experience with audit tools and software used for planning, executing, and documenting audits. Experience in writing More ❯

in the days that you work, and the opportunity to work across diverse industries. Our client works with a range of standards including the main international standards (e.g., ISO 9001, ISO 14001, ISO 27001, ISO 45001). They are seeking someone to focus on mainly information security so experience or … sessions to staff on system awareness, compliance, and continual improvement. Advise on integration of multiple standards into a unified management system. Requirements Essential Skills & Attributes Strong understanding of ISO standards and management system principles. Excellent analytical and problem-solving abilities. Exceptional written and verbal communication skills. Ability to work independently and manage multiple client projects. High level of … not essential. Training & Development Training will be provided where required to support specific standards, tools, or client needs. Opportunities for ongoing professional development and certification support. Engagement Terms Freelance / Contract basis with flexible working arrangements. Project-based or retainer agreements depending on client scope. Competitive day rates based on experience and project complexity. More ❯

isn't the Trusts normal practice, adverts may close early, so you are encouraged to submit an application as soon as possible. A video about the Royal Surrey - https: / / www.youtube.com / watch?v=R96pMboIYdo Job description Job responsibilities The Clinical Informatics Programme Manager is responsible for the delivery of all aspects of the Clinical Informatics … roadmaps Strong interpersonal skills & able to develop and maintain effective and credible relationships with business leaders and supplier management Knowledge of Service and Security Management standards (such as ISO20000, ISO27001) Knowledge of IT concepts and systems Knowledge of contracting trends, licensing models, and traditional and emerging contract and vendor performance models Deep market knowledge of IT and Healthcare Technologies Strong … responsibilities - Previously responsible for a budget, involved in budget setting and working knowledge of financial processes Desirable Excellent working knowledge and experience of implementing standards and controls e.g. ISO20000, ISO27001 Management experience of ITIL disciplines Experience of working in an IT service provider Where applicable, understanding of government and industry regulations that will influence contracting approach and vendor behaviour Disclosure More ❯

backend systems at the core of cutting-edge AI, with a strong focus on performance, reliability, and security. Key Responsibilities Architect and evolve scalable backend services in Python (FastAPI / Django / Flask). Design and operate RESTful APIs aligned with OpenAPI / Swagger. Implement authentication and authorization (OAuth2 / OIDC, permissions, session management). Optimise … caching, rate limiting, and queuing to meet performance goals. Integrate with AI pipelines and model-serving endpoints (async inference, streaming). Containerise services with Docker; maintain IaC with Terraform / CloudFormation. Operate services on AWS with CI / CD pipelines (GitHub Actions / Argo CD). Lead security hardening, monitoring, and compliance readiness. Own backup, disaster recovery … REST APIs. Deep expertise in relational database design, performance tuning, and migrations (PostgreSQL). Strong knowledge of Docker, Git workflows, and AWS core services (EC2, VPC, IAM, S3, ALB / ELB, ECR / ECS). Familiarity with API versioning, testing strategies, and documentation best practices. Eligible for SC clearance (or ability to obtain; DV clearance required later). More ❯

Network Infrastructure Security Manager - HYBRID WORKING Position Summary: We are seeking an experienced Infrastructure / Security Manager to lead our IT operations and cybersecurity initiatives. The ideal candidate will have a strong technical background, with the ability to combine hands-on technical expertise with leadership capabilities. Responsible for driving company IT security, and stability of all IT systems and … SIEM, MFA, PKI, DLP). Nessus VAPT reporting and remediation Strong expertise in: Microsoft technologies (Windows Server, Azure Active Directory) Virtualization platforms (VMware ESXi, Proxmox) Networking including Layer 2 / 3 switching, routing, VLANs, VPNs. Cloud environments (IBM Cloud,AWS, Azure) – deployments and architecture. Proficient in backup and disaster recovery technologies. Supporting end users Certifications (Preferred): Microsoft Certified Professional … AWS Certified Solutions Architect – Associate / Professional VMware Certified Professional (VCP) Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation More ❯

Compliance Coordiantor ISO Standards, H&S, and Data Protection Location - Beaconsfield (Hybrid) Part time (15-20hrs a week which can be structured however best suits the succesful candidate, perfect for candidates returning to work with childcare or similar responsibilities) About the Company A long-established technology services provider with more than 20 years experience, delivering managed and … to take ownership of compliance across quality, environmental, health & safety, information security, and data protection standards. This role will be central in achieving and maintaining certifications such as ISO 9001, ISO 14001, ISO 45001, ISO 27001 , as well as SafeContractor, Constructionline, and Avetta accreditations. The Compliance Manager will also support … Health & Safety and HR functions, oversee GDPR and data protection obligations, and manage client pre-qualification documentation for tenders. Key Responsibilities Lead the implementation and maintenance of ISO 9001, 14001, 45001, and 27001 standards. Manage renewals and audits for SafeContractor, Constructionline, and Avetta. Develop and maintain Integrated Management System (IMS) documentation. Complete Pre-Qualification Questionnaires (PQQs More ❯

Expertise Cloud-Native Architectures: - Deep understanding of AWS, Azure, and GCP services, including compute (EC2, Lambda), networking (VPC, Transit Gateway), storage (S3, Blob), and container orchestration (ECS, Fargate, Kubernetes / EKS / GKE). - Familiarity with IaC tools such as Terraform, CloudFormation, and Helm for scalable deployments. AI / ML Fundamentals: - Knowledge of Natural Language Processing (NLP … model lifecycle management, and explainability techniques. - Ability to articulate how AI models integrate into enterprise workflows and compliance frameworks. Security & Compliance: - Strong grasp of SOC 2, ISO 27001, GDPR, and enterprise security best practices. - Understanding of identity and access management (IAM), encryption standards, and secure API design. Integrations & APIs: - Experience with RESTful APIs, webhooks, and SDKs … on the client's supplier list for this position. Useful Keywords Technical Presales Lead, Solutions Engineering, Pre-Sales Manager, Cloud Architecture, AWS, Azure, GCP, Kubernetes, ECS, Fargate, Terraform, AI / ML, NLP, Security Compliance, SOC2, ISO 27001, GDPR, SaaS, Enterprise Software, API Integrations, Player-Coach, Technical Leadership, Proof of Value, Enterprise Presales More ❯

summaries Coordinate secure changes and maintenance windows with engineering teams Respond to security incidents and support root cause analysis and reporting Participate in the deployment of new applications and / or changes, ensuring that all service components are documented and monitored and integrated into the company’s operational processes. Work with stakeholders across the solutions lifecycle to ensure that … with technical stakeholders (including customers) on the delivery of hosted solutions. Experience & Qualifications Good experience in a hosting provider or managed service provider environment Strong working knowledge of ISO 27001, ISO 27017, ISO 27018, and ISO 22301 Hands-on experience with scanning and vulnerability detection applications Hands-on experience of … domain and AD management experience Strong troubleshooting skills Strong scripting skills Enthusiasm and talent for acquiring complex technical skills Good customer service attitude Knowledge of configuration management (Puppet and / or Red Hat Satellite preferred) Scripting for automation using technologies (e.g. Powershell, Puppet, Ansible, Python) ITIL knowledge – principles and application Ability to support and develop junior colleagues More ❯

QA / RA Assistant – £28,000 depending on experience + Benefits – Liverpool The Role Are you looking to kickstart your career in quality management and regulatory affairs within the medical device industry? MyCardium is offering an exciting opportunity for a QA / RA Assistant to join our team and play a key role in ensuring compliance with international … to the success of a leading medical device company, we want to hear from you! Key Responsibilities: Assist in maintaining compliance with certifications and regulatory approvals such as ISO 27001, ISO 9001, ISO 13485, UKCA, CE, and FDA 510(k). … Support the update and maintenance of QMS and ISMS documentation. Help coordinate and conduct internal audits, document findings, and ensure corrective actions are followed up on. Deliver basic QMS / ISMS training to staff, including during induction sessions. Assist in vendor approval processes and monitor adherence to MyCardium's quality standards. Support post-market surveillance activities in collaboration with More ❯

with regulatory requirements, and conducting thorough security audits.You will be part of the IT committee and work closely with the risk and compliance team.Ideally, having a background in IT / Network security, progressing into information security and cybersecurity.**Key Responsibilities:**- Develop, draught, implement, and maintain information security policies, procedures, and guidelines.- Conduct regular security audits and assessments to identify … vulnerabilities and ensure compliance with industry standards (e.g., ISO 27001).- SIEM & Vulnerability Management.- Monitor and respond to security incidents, conducting investigations and implementing corrective actions.- Collaborate with IT and other departments to ensure the security of network infrastructure and data.- Manage risk assessments and vulnerability assessments to identify potential security threats.- Oversee the implementation of … interpersonal skills.**Preferred Qualifications:**- Experience with regulatory compliance requirements such as GDPR, HIPAA, or SOX.- Familiarity with security tools and technologies such as SIEM, DLP, and endpoint protection. CISA / CISSP / CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional;CCNA / CCNP Hays Specialist Recruitment Limited More ❯

Security, A+, Server), Microsoft Certifications (e.g. Azure Administrator, Security, Server Hybrid Admin, Power Platform Fundamentals). Membership in relevant bodies such as BCS, IEEE, ISACA, (ISC) , CompTIA, or ITIL / AXELOS. Skilled in LAN / WAN management, VLANs, routers / switches, VPNs (Azure or Always On), firewall configuration, and protocols (DNS, DHCP, TCP / IP). … Proficient in PowerShell for automation and reporting. Knowledge of Power Automate and CI / CD pipelines. Knowledge of disaster recovery and business continuity planning. Experience with storage solutions and playbook maintenance. Experience with Microsoft Defender, Sentinel or equivalent SIEM tools, RBAC, PIM, and awareness of ISO 27001 / Cyber Essentials. Familiarity with IAM, PAM … Exchange, Purview, Intune, Teams, Power Platform, and other Microsoft services. Experience in Windows Server admin, OS hardening, patching, Hyper-V, VM provisioning, backup, HA, and clustering. Knowledge of AD / AAD, GPOs, Entra ID, SSO, MFA, and Conditional Access. Open to adopting new tools, technologies, and methodologies. Clear in both verbal and written communication; confirms understanding when conveying information. More ❯