26 to 50 of 850 ISO/IEC 27001 Jobs in the UK

in Identity Verification, Managed Endpoints, Threat Detection, Secure Remote Access, and Adaptive Security Policies, balancing exceptional user experience with enterprise grade security. We operate under an ISO / IEC 27001 certified ISMS and an ITIL aligned service management framework, ensuring integrity, resilience, and operational excellence. Joining Zero Plus means being part of a … plans, schedules, and resource models. Oversee functional, regression, integration, UAT, and performance testing. Manage test environments, data, automation frameworks, and tooling. Ensure coverage across EUC technologies including Windows 10 / 11, Microsoft 365, collaboration tools, and VDI platforms. Lead defect management, triage, and resolution processes. Provide clear reporting on test progress, risks, and issues to senior stakeholders. Ensure compliance … with ISO / IEC 27001, IT governance, and change management processes. Drive continuous improvement of testing methods, automation, and processes. This is a leadership role with real visibility, ensuring that secure, user-centric solutions are delivered consistently and effectively. What We’re Looking For We would love to hear from you if you More ❯

at its heart. As Cornerstone’s Information Security Manager, you will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS), ensuring alignment with ISO 27001:2022. You will be responsible for safeguarding our digital infrastructure, managing cyber risk, and embedding a security-first culture across the organisation. This is a strategic … security controls remain effective. Where gaps are identified, implement appropriate mitigation measures and lead the response to security incidents in a timely and coordinated manner. Compliance & Security Coordinate ISO 27001 certification audits and maintain ongoing compliance on behalf of the IT & Digital function. Actively support and contribute to health and safety, environmental sustainability, business continuity, and … information security initiatives, ensuring we meet our obligations to customers and regulatory standards Delivery ISMS Leadership: Own and maintain the ISMS, ensuring it meets ISO 27001:2022 requirements and supports business objectives. Risk Management: Identify, evaluate, and mitigate information security risks across systems, suppliers, and processes. Maintain visibility over key cyber risks and report to senior More ❯

at its heart. As Cornerstone’s Information Security Manager, you will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS), ensuring alignment with ISO 27001:2022. You will be responsible for safeguarding our digital infrastructure, managing cyber risk, and embedding a security-first culture across the organisation. This is a strategic … security controls remain effective. Where gaps are identified, implement appropriate mitigation measures and lead the response to security incidents in a timely and coordinated manner. Compliance & Security Coordinate ISO 27001 certification audits and maintain ongoing compliance on behalf of the IT & Digital function. Actively support and contribute to health and safety, environmental sustainability, business continuity, and … information security initiatives, ensuring we meet our obligations to customers and regulatory standards Delivery ISMS Leadership: Own and maintain the ISMS, ensuring it meets ISO 27001:2022 requirements and supports business objectives. Risk Management: Identify, evaluate, and mitigate information security risks across systems, suppliers, and processes. Maintain visibility over key cyber risks and report to senior More ❯

London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm's long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https: / / company / ryder-reid-legal More ❯

London - UK / IT / Navro - Pioneering the Future of Payments Architecting Trust: Information Security Manager This isn't just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast. You won't have layers of approval slowing you down. You will have the freedom … Own security GRC automation tooling (Vanta) and work across the business to maintain security compliance posture. Successfully lead internal and external security audits - ISO 27001 / SOC2 Type II / PCI DSS. Champion a company wide culture of security awareness and operational resilience by playing a key role in defining, maintaining, and managing security … other key stakeholders on implementing and maintaining security policies and standards including disaster recovery and business continuity testing. Work with Sales and Operations on business critical procedures for onboarding / offboarding clients and vendors. Act as primary contact for security due diligence and assessments. Project manage initiatives with product and engineering teams to embed "security by design" into products More ❯

Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose: The role of an Incident Response (CSIRT) / SOC Level 3 Analyst … are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to test resilience and improve preparedness. Reporting: Develop and improve reporting dashboards and security / performance metrics to drive continuous improvement in security operations. Security Tools Support: Support the implementation, maintenance, and configuration of security tools and systems for prevention, detection, and response. Audit … OT environments. SOC-specific training, qualifications, or a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC / GCIA / GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO More ❯

ground up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO / IEC 27001, NIST 800-30 / 53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. … Collaborate with multi-disciplinary teams to ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-, and ISN 23 / 09 Secure by Design. Support incident response and remediation activities for security events affecting products and systems. Produce and maintain security documentation, policies, and training materials. Communicate risk findings, recommendations, and mitigation strategies to both technical and … the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001 / 2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities - able to assess complex data and provide actionable insights. A collaborative communicator who can balance More ❯

working in the building & construction industry to hire a CISO. This is a strategic leadership role which is responsible for defining, implementing, maintaining and evolving the firm's information / cybersecurity strategies. As part of the position, you will support the CDTO across Operational Resilience and Business Continuity practices, to ensure that systems, processes, and people are prepared for … threats and that firm practices remain aligned with relevant laws, regulations (including PRA, FCA, GCPR, UK DPA, etc). The company are looking for people with the following skills / experience: Previous experience and success working in a senior cybersecurity position. Experience working with modern cloud and SaaS based environments. Exeprience with legacy system migration. Experience working in a … possessing good knowledge of PRA regulation. Good knowledge of Operational Resilience. Solid understanding of relevant legal, regulatory and security management frameworks requirements, such as PRA, CBEST, ISO / IEC 27001, ITIL, COBIT or equivalent. Experience with vendor and contract negotiations. Excellent communicator and stakeholder management skills. Ability to lead and motivate InfoSec teams More ❯

working in the building & construction industry to hire a CISO. This is a strategic leadership role which is responsible for defining, implementing, maintaining and evolving the firm’s information / cybersecurity strategies. As part of the position, you will support the CDTO across Operational Resilience and Business Continuity practices, to ensure that systems, processes, and people are prepared for … threats and that firm practices remain aligned with relevant laws, regulations (including PRA, FCA, GCPR, UK DPA, etc). The company are looking for people with the following skills / experience: Previous experience and success working in a senior cybersecurity position. Experience working with modern cloud and SaaS based environments. Experience with legacy system migration. Experience working in a … possessing good knowledge of PRA regulation. Good knowledge of Operational Resilience. Solid understanding of relevant legal, regulatory and security management frameworks requirements, such as PRA, CBEST, ISO / IEC 27001, ITIL, COBIT or equivalent. Experience with vendor and contract negotiations. Excellent communicator and stakeholder management skills. Ability to lead and motivate InfoSec teams More ❯

27001:2022 certification and ensure adherence to health, safety, financial, and privacy regulations. What are we looking for? Degree level qualified or equivalent - essential. CISM and / or CISSP or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is highly desirable Demonstratable experience in an … Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Experience of information security management and / or security awareness. Good knowledge of industry standard frameworks and best practices – ISO 27001: 2022, NIS2, AI Act etc. and their practical application in a … maintain data classification standards within a corporate environment. Experience in developing and executing an Information Security awareness training across multi-business units. Experience with ensuring corporate compliance with UK / EMEA data protection legislation such as DPA and GDPR. Good knowledge of a broad range of IT technology platforms, products, services. Stakeholder management experience at both a technical and More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO More ❯

Incident Response (CSIRT) / SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high … in incident response and advanced threat hunting. A degree in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC / GCIA / GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS / IPS, NAC, DLP, and related security technologies. Familiarity … with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO / IEC 27001 / 27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensic analysis, red-team exercises, and crisis simulation activities. Desirable Experience managing or supporting both IT More ❯

breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST 800-53 or OWASP … Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

Name: Contact No: Email Id: Total Years of Experience Vendor Name Notice Period Willing to work in client location- 2 days onsite Email confirmation from candidate before client int / v Visa Status Day Rate / Salary Current Location Current Company Open for Permanent / Contract Current offers / Interviews in pipeline Interview availability Holidays booked … enterprise architecture standards for security, sustainability, and cost optimization. Implementation & Migration Lead end-to-end migration from legacy platforms (Avaya, Cisco, Genesys) to Amazon Connect. Design and implement IVR / contact flows, Lex conversational bots, Contact Lens analytics, and agent assist capabilities. Integration & Ecosystem Architect integrations with CRM / ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … analytics pipelines using AWS services (Lambda, EventBridge, Kinesis, Glue, Athena). Security, Compliance & Governance Implement IAM, KMS encryption, VPC networking, and PrivateLink for secure connectivity. Ensure compliance with GDPR / UK GDPR, PCI-DSS, ISO 27001, and sector-specific standards (e.g., NHS DSP Toolkit, HIPAA). Define data retention policies, PIA / DPIA frameworks More ❯

Senior OT / CNI Security Architect UK-based | Remote with client travel | Must be eligible for UK Gov Security Clearance We’re seeking a Senior OT Security Architect to join a fast-paced consulting engagement within a complex, high-impact technology environment. The Senior OT / CNI Security Architect will help secure some of the most critical environments … CNI clients. You’ll blend hands-on technical expertise and security architecture with a consulting mindset, acting as a trusted advisor to clients and shaping secure-by-design OT / ICS and hybrid IT / OT solutions. What you’ll do: Design and deliver OT / CNI security architectures for ICS / SCADA, industrial networks and … hybrid IT / OT environments Produce key artefacts: threat models, risk assessments, high / low-level designs, security roadmaps Work with client engineering, ops and security teams in a trusted advisor capacity Lead or support cyber / OT security assessments and transformation projects Contribute to the development of our OT / CNI consulting offerings and collateral More ❯

Senior OT / CNI Security Architect UK-based | Remote with client travel | Must be eligible for UK Gov Security Clearance We’re seeking a Senior OT Security Architect to join a fast-paced consulting engagement within a complex, high-impact technology environment. The Senior OT / CNI Security Architect will help secure some of the most critical environments … CNI clients. You’ll blend hands-on technical expertise and security architecture with a consulting mindset, acting as a trusted advisor to clients and shaping secure-by-design OT / ICS and hybrid IT / OT solutions. What you’ll do: Design and deliver OT / CNI security architectures for ICS / SCADA, industrial networks and … hybrid IT / OT environments Produce key artefacts: threat models, risk assessments, high / low-level designs, security roadmaps Work with client engineering, ops and security teams in a trusted advisor capacity Lead or support cyber / OT security assessments and transformation projects Contribute to the development of our OT / CNI consulting offerings and collateral More ❯

and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business … wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO / IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and … Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust More ❯

and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business … wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO / IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and … Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust More ❯

automation, enhancing client experiences, and building strong team dynamics. Because client communication and information security are vital to the service we deliver, you’ll receive Client Communication and ISO 27001 awareness training, delivered as part of your onboarding. This will ensure you’re confident not only in the technical aspects of your role, but also in … our Python automation framework, by writing plugins • Collaborate with colleagues to continuously improve internal processes and automation • Document fixes and create knowledge base articles • Operate in line with ISO 27001 standards and best practices for security and compliance • Participate in the on-call rota (after probation) • Support the wider team, sharing knowledge and contributing ideas for … continuous improvement What You’ll Gain • Client Communication and ISO 27001 awareness training • Hands-on experience with GitOps and infrastructure as code from the start • Mentoring to grow your Python, DevOps, security, and automation skills • Regular opportunities to contribute to automation and tooling • A friendly, supportive team culture where learning is encouraged • The chance to directly More ❯

recruiting an Infrastructure Specialist Engineer to join its delivery function. This is a hands-on, delivery-oriented role acting as the technical deployment lead across projects and programmes, installing / decommissioning services and delivering multiple IT platforms across hybrid and on-prem environments using Microsoft technologies (Windows Server and Azure). You’ll build secure, resilient, and supportable platforms … that align with architectural standards and project timelines. The ideal candidate will work from high- / low-level designs to implement and integrate infrastructure, plan and schedule deployments, manage risk and change, design test scripts and environments, and produce clear build / operational documentation for seamless service transition into BAU. Close collaboration with solutions architects, project / … site as projects require. Candidates must be eligible to obtain SC security clearance Duties and responsibilities Build and configure on-prem infrastructure (Windows Server, virtualisation, storage, networking) and deploy / integrate Azure services (IaaS / PaaS / SaaS, VMs, storage, networking, identity). Deliver to approved designs; collaborate with architects, PMs and cyber engineers to meet specification More ❯

Plus, ISO 27001, DSPT and GDPR. Responsibilities Conduct risk assessments for systems, projects and third parties; document findings and remediation. Review and respond to supplier / security questionnaires and tender submissions. Support vulnerability and patch management; interpret scans and prioritise fixes. Advise IT teams on alerts, incidents and security configuration (M365 / Azure / Defender / DLP / Conditional Access). Maintain risk register and track remediation actions from audits or incidents. Support compliance activities (ISO 27001, Cyber Essentials Plus, DSPT) and contribute to policy updates. Provide clear security advice to projects and senior stakeholders. What you'll need to succeed Proven experience in information security, with … M365, Defender suite, DLP, Conditional Access). Skilled in evaluating supplier security through questionnaires, procurement documents, and assurance reviews. Knowledgeable in risk management practices and frameworks such as ISO 27005 and NIST RMF. Familiar with key compliance standards including ISO 27001, Cyber Essentials Plus, DSPT, and GDPR. Capable of interpreting vulnerability assessments and advising More ❯

Location: London / Leicester / Essex Hybrid: 2-3 days in office Our client is financial service company. They are looking for a passionate and detail-oriented Information & Cyber Security Executive to join the teams. The role encompasses all aspects of information security including organisational security and governance, people security, physical (site) security and technical security controls. The … salary up to £80k base + £5k car allowance and other benefits. What You'll Do Assess compliance with internal security policies and industry standards (eg, ISO / IEC 27001 / 2, PCI-DSS). Conduct supplier risk assessments and third-party due diligence. Support vulnerability assessments, incident investigations, and operational resilience More ❯

Location: London / Leicester / Essex Hybrid: 2-3 days in office Our client is financial service company. They are looking for a passionate and detail-oriented Information & Cyber Security Executive to join the teams. The role encompasses all aspects of information security including organisational security and governance, people security, physical (site) security and technical security controls. The … salary up to £80k base + £5k car allowance and other benefits. What You'll Do Assess compliance with internal security policies and industry standards (eg, ISO / IEC 27001 / 2, PCI-DSS). Conduct supplier risk assessments and third-party due diligence. Support vulnerability assessments, incident investigations, and operational resilience More ❯

organisations build trust, security, and resilience across their digital operations. Their specialist services span AI Governance as a Service (AIGaaS) , Virtual Data Protection Officer (vDPO) support, ISO / TISAX compliance , and digital resilience strategy . To support their next phase of growth, they're seeking a commercially driven Business Development professional to accelerate expansion across the SME … makers. Highly self-motivated with a proactive, start-up mindset. Excellent communication, negotiation, and commercial acumen. Organised approach to pipeline management and CRM usage. Familiarity with AI governance, GDPR / data protection, and cyber risk frameworks . Understanding of ISO / TISAX / ISO 27001 or other compliance standards desirable. More ❯

Please follow this link to apply: https: / / hr.breathehr.com / recruitment / vacancies / 43566?identifier=oxforddynamics Role Summary We are seeking a senior full-stack AI / ML engineer with deep expertise in agentic AI frameworks such as LangGraph (or equivalent) and proven commercial experience building complex, multi-agent systems with more … production-ready ML pipelines from ingestion to inference. Infrastructure & Deployment - Implement, and maintain multi-account, multi-region AWS environments using IaC (Terraform, Helm, CloudFormation). - Manage Kubernetes clusters (EKS / OpenShift), service meshes, and container registries. - Implement GitHub Actions / Argo CD pipelines for automated, zero-touch deployments. - Lead security hardening efforts using GuardDuty, CloudWatch, IAM best practices. … equivalent agentic AI projects with more than four agents in production. - Strong grasp of multi-agent orchestration, memory, and tool integration. - Proficiency in Python for AI development and Bash / Go for automation. - Familiarity with AWS core services (EC2, VPC, IAM, S3, ALB / ELB, CloudFront, ECR / ECS, Elastic Beanstalk, Control Tower). - Familiarity with IaC More ❯