26 to 50 of 1,176 ISO/IEC 27001 Jobs in the UK

and maintain the organization's information security strategy, policies, and procedures, aligning them with business objectives and risk tolerance. Oversee the maintenance and expansion of existing security certifications (ISO 27001, SOC 2) and drive initiatives for future certifications (e.g., ISO 22301, DORA). Direct regular security audits, risk assessments, and vulnerability analyses, ensuring that … of security architecture, technologies, best practices and IT-regulations that apply to financial institutions or its outsourcing partners. In-depth knowledge of relevant regulatory requirements and industry standards (ISO 27001, SOC 2, GDPR, DORA, etc.). Experience with cloud security (AWS, Google etc.), application security, and DevSecOps practices is a significant plus. Proven experience in developing More ❯

cyber security team! Working alongside the team you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools / technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department … projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc. Required experience: Minimum of 2 years' experience in a Security Engineer / Analyst role focusing on designing and implementing security solutions and managing security infrastructure. Previous experience working within a financial services environment and a working understanding of relevant regulations. Experience … Security Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self-starter with strong communication skills and be comfortable More ❯

cybersecurity trends, regulations, and best practices. Essential Requirements: Degree in a relevant field or professional certification (CISSP, CISM, etc.). Strong understanding of cybersecurity challenges, industry standards (GDPR, ISO 27001, NIST CSF, Cyber Essentials), and risk management. Expertise in networking, operating systems, cloud computing, application security, and endpoint security. Experience managing cybersecurity teams and handling security More ❯

cybersecurity trends, regulations, and best practices. Essential Requirements: Degree in a relevant field or professional certification (CISSP, CISM, etc.). Strong understanding of cybersecurity challenges, industry standards (GDPR, ISO 27001, NIST CSF, Cyber Essentials), and risk management. Expertise in networking, operating systems, cloud computing, application security, and endpoint security. Experience managing cybersecurity teams and handling security More ❯

Job Title: Cyber Security Test Analyst Location: Sheffield, UK (3 days / week Onsite) Duration: 6months+ Banking Client Experience required Job Summary: Required Experience Proven experience in software testing, preferably within Privileged Access Management (PAM) or Identity & Access Management (IAM). Experience with PAM solutions such as CyberArk, BeyondTrust, Delinea (Thycotic), or Microsoft PAM. Strong understanding of IAM principles … . Proficiency in test management tools such as JIRA Strong problem-solving skills and attention to detail. Excellent communication and collaboration skills. Desirable: Experience working within an Agile (Scrum / Kanban) environment. Knowledge of CI / CD pipelines and DevSecOps practices. Experience with Cloud security testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM … or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). Kind Regards -- Priyanka Sharma Senior Delivery Consultant Office: 02033759240 Email: psharma@vallumassociates.com More ❯

in touch today! Responsibilities: Conducting regular security assessments and vulnerability testing. Developing and implementing security policies and procedures. Monitoring network traffic for unusual activity and potential threats using SOC / SIEM solutions. Responding to security breaches and carrying out forensic investigations. Ensuring compliance with industry standards and regulations, including ISO 27001 and GDPR. Delivering security … use of best-of-breed products. Collaborating with the IT team to design and implement secure network architectures. Generating automated security reports tailored for executive-level clients. Required Skills / Qualifications: A Bachelor's degree in Cyber Security, Information Technology, or a related field. A minimum of three years' experience in a cyber security role, infrastructure, or advanced third … line support. Strong knowledge of security frameworks and standards such as ISO 27001 and GDPR. Expertise in Microsoft 365, SharePoint, Azure architecture, security, and Entra. Proficiency in security tools and technologies, including firewalls, identity management, and layered security stacks. Experience in incident response and forensic analysis. Excellent problem-solving, analytical, and communication skills. Relevant certifications (e.g. More ❯

Cyber Security Engineer Reports to: Director / VP of Security Architecture & Engineering About Strada Global Strada Global is a leading provider of HR and payroll services, empowering businesses worldwide with innovative technology and secure, scalable solutions. As we continue to evolve, cybersecurity is at the core of our strategy, ensuring the protection of critical data, customer trust, and regulatory … and network security. Configure and maintain security tools, including SIEM, EDR, WAFs, firewalls, IAM, and vulnerability management platforms. Collaborate with infrastructure and DevOps teams to embed security into CI / CD pipelines. Lead the deployment of zero-trust architectures, security automation, and monitoring solutions. Support security incident detection, investigation, and response alongside the SOC and Red Team. Threat & Vulnerability … Extensive hands-on experience in cybersecurity engineering, security operations, or cloud security. Strong knowledge of Azure security controls, IAM, and cloud-native security services. Experience with endpoint security, SIEM / SOAR, network security, and automation tools. Familiarity with scripting (Python, PowerShell) and infrastructure-as-code (Terraform, Ansible). Deep understanding of vulnerability management, penetration testing, and security hardening. Knowledge More ❯

Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security … Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO … rd party operational infrastructure vendor management - i.e management of managed service partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy tech to Azure knowledge / experience, Prior to the last 5 years, a technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls / SDWAN, and Networks (WAN & / More ❯

control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001 / 27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency with security tools (SailPoint … we value yours. Experian's culture, people, and environments are main differentiators. We take our people's agenda very seriously. We focus on what matters; diversity and inclusion, work / life balance, flexible work, development, engagement, collaboration, wellness, rewards & recognitions, volunteering the list goes on! Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan … Flex Work / Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more. Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a More ❯

Cyber Security Engineer – MSP | £50,000–£60,000 + Benefits | Hybrid (London / Home Counties) Are you a rising star in cyber security looking to sharpen your skills across multiple environments? Join a fast growing MSP that delivers high-impact security solutions to a diverse client base across finance, legal, and SaaS sectors. We’re hiring a Cyber Security … ISO 27001, Cyber Essentials, etc.) Tech Environment: Microsoft 365 Defender, Intune, Azure Security Center Firewalls: Palo Alto, Fortinet, SonicWall SIEM: Sentinel, Splunk, or equivalent EDR / XDR solutions (Sophos, CrowdStrike, Defender) Scripting knowledge (PowerShell preferred) What We’re Looking For: 5 years’ experience in a cyber security role (ideally within an MSP or multi-client More ❯

Cyber Security Engineer – MSP | £50,000–£60,000 + Benefits | Hybrid (London / Home Counties) Are you a rising star in cyber security looking to sharpen your skills across multiple environments? Join a fast growing MSP that delivers high-impact security solutions to a diverse client base across finance, legal, and SaaS sectors. We’re hiring a Cyber Security … ISO 27001, Cyber Essentials, etc.) Tech Environment: Microsoft 365 Defender, Intune, Azure Security Center Firewalls: Palo Alto, Fortinet, SonicWall SIEM: Sentinel, Splunk, or equivalent EDR / XDR solutions (Sophos, CrowdStrike, Defender) Scripting knowledge (PowerShell preferred) What We’re Looking For: 5 years’ experience in a cyber security role (ideally within an MSP or multi-client More ❯

solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS / IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming / scripting skills for security automation Microsoft 365 Security Administration certification Cloud security certifications … Azure Security Engineer, AWS Security) Fortinet NSE certification (Level 7 or 8) Experience with security automation and orchestration Knowledge of compliance frameworks (ISO 27001, NIST More ❯

solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS / IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming / scripting skills for security automation Desirable: Microsoft 365 Security Administration certification Cloud security … certifications (Azure Security Engineer, AWS Security) Fortinet NSE certification (Level 7 or 8) Experience with security automation and orchestration Knowledge of compliance frameworks (ISO 27001, NIST More ❯

solutions Advanced knowledge of Microsoft Active Directory and Entra ID administration Demonstrated experience with SIEM implementation and management Strong background in network security and infrastructure protection Experience with IDS / IPS systems and security monitoring tools Proven incident response and threat hunting experience Programming / scripting skills for security automation Desirable: Microsoft 365 Security Administration certification Cloud security … certifications (Azure Security Engineer, AWS Security) Fortinet NSE certification (Level 7 or 8) Experience with security automation and orchestration Knowledge of compliance frameworks (ISO 27001, NIST More ❯

risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications / Skills Required Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. 5+ years of experience in information security, with a strong focus on risk assessment … and / or internal security audits. Demonstrated experience working with compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk management frameworks (e.g., NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and More ❯

key stakeholders to ensure risk levels are fully understood. Focus on building relationships and growing business with the customer, identifying new opportunities for the business. Your Profile Essential skills / knowledge / experience: Skilled in architecture design for systems and the underlying security infrastructure (i.e. firewalls). Holder a recognised, current security certificate (e.g., CISSP / CISM … security, zero trust models and low latency applications. Good communication and negotiation skills. A team player. Result oriented. Possess good problem-solving skills, planning and organizing skills. Desirable skills / knowledge / experience: Experience of designing security architecture within the retail sector. Rewards & Benefits TCS is consistently voted a Top Employer in the UK and globally. Our competitive … applicant who needs any adjustments to the application process or interview, please contact us at UKI.recruitment@tcs.com with the subject line: “Adjustment Request” or call TCS London Office 02031552100 / +44 204 520 2575 to request an adjustment. We welcome requests prior to you completing the application and at any stage of the recruitment process. Beware of Fraudulent offers More ❯

and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8 / 5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender. Role This company is seeking an experienced DevSecOps … testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI / CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident … GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com / privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London More ❯

and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8 / 5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender. Role This company is seeking an experienced DevSecOps … testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines (CI / CD) and security hardening. Deep understanding of PCI DSS compliance, security frameworks, and audit processes. Familiarity with SIEM solutions, security orchestration platforms, and log management. Strong experience with incident … GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com / privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London TPBN1_UKTJ More ❯

brands, ensuring our security approaches and technology align. Cloud Security Integration: You'll work with development, DevOps, and cloud engineering teams to embed cloud security controls into our CI / CD workflows and infrastructure-as-code. Cloud Security Posture: You'll utilise cloud-native and third-party security tools to keep an eye on our cloud security posture and … mix of Linux, Windows, Apple & Android OS. Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre. Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR. Experience … operating and managing SIEM solutions, vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and / or SecOps oriented teams. A proven track record of analysing security requirements and applying architectural best practices. Previous work experience in an IT, InfoSec, or system administration role. Commercial More ❯

brands, ensuring our security approaches and technology align. Cloud Security Integration: You'll work with development, DevOps, and cloud engineering teams to embed cloud security controls into our CI / CD workflows and infrastructure-as-code. Cloud Security Posture: You'll utilise cloud-native and third-party security tools to keep an eye on our cloud security posture and … Linux, Windows, Apple & Android OS . Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience … operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for security automation. Experience working in or with agile and / or SecOps oriented teams . A proven track record of analysing security requirements and applying architectural best practices. Previous work experience in an IT, InfoSec, or system administration role. More ❯

findings to stakeholders or clients. Maintain thorough documentation of investigation steps, timelines, and decisions taken. ⚖️ Compliance & Risk Mitigation Ensure all incident handling aligns with frameworks such as NIST, ISO 27001, and GDPR. Work with compliance teams to manage regulatory reporting during security incidents. Your Profile 🔑 Essential Skills & Experience: Bachelor’s degree in Computer Science, Information Security … and threat hunting. Proven experience investigating APTs, ransomware, and data exfiltration attempts. Deep knowledge of SIEM platforms (e.g., Splunk, LogRhythm, ArcSight) and EDR solutions. Hands-on experience in network / system forensics and malware analysis. Familiarity with operating systems (Windows, Linux) and cloud environments (e.g., AWS, Azure). Proficiency in scripting languages like Python or PowerShell for automation and More ❯

our Security Operations Centre, Application Security, and Security Engineering teams. The successful candidate will play a crucial role in continuing to improve organizational maturity in line with our existing ISO27001 and ISO22301 certifications and implementing SOC2 controls. This role demands an experienced, highly skilled, and motivated professional committed to advancing our security strategies to protect critical assets and ensure operational … Management. • Conduct regular 1-2-1s, Performance Reviews, and Personal Development Plans of team members. • Develop and implement security policies, processes, and procedures to comply with SOC2 and ISO27001 standards. • Participate in Steering groups for Identity and Access Management and Data Protection • Setting and aligning team objectives and tasks to help achieve the overall Information Security and Compliance function … Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials. • Proven experience in managing security operations teams in a similar industry. • Familiarity with SOC2, PCI-DSS, ISO22301 and ISO27001 standards. Desirable Qualifications: • Bachelor’s or masters degree in CyberSecurity, Computer Science, Information Technology, or a related field • Cloud security qualifications such as ISC2 CCSP, CSA CCSK and AWS Security More ❯

This role requires an energetic self-starter that can liaise with Engineering teams and business both regionally and globally. Experience and knowledge in a financial institution's technology infrastructure / applications and control requirements are required together with strong interpersonal and analytical skills for this role. EXPERIENCE & SKILLS REQUIRED 10+ years of experience in Technology Risk, Technology Audit, Application … Security, Software / Infrastructure Engineering, or related fields. Experienced in regulatory technology related examinations. Proven ability to perform test of controls (design and operating effectiveness) e.g. Cloud, SDLC, AI / ML, Change Management, Identity and Access Management, Third Party, Encryption, Configuration Management, Patching, Network Security, Incident Response, Capacity and Resiliency. Knowledge with technology application and infrastructure components such … job / batch management) Email, messaging, and collaboration systems (Office 365, Exchange, SharePoint, instant messaging) Strong understanding of technology control frameworks and industry guidance such as COBIT, NIST, ISO27001, and FFIEC. Professional certifications such as CRISC, CISA, CISM, CISSP, CCSP, and AWS Certified Solutions Architect. Experience in managing regulatory exams and relationships with examiners and auditors Ability to work More ❯

and a bonus of 7.5%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote Close Date: 04 / 07 / 2025 We also provide the following additional benefits Reservist Leave - Additional 18 days full pay and 22 unpaid Personal Pension Plan - Personal contribution rates of … integrate them with other systems. Monitor and analyse the security logs and alerts generated by these technologies and take appropriate actions. Cyber Security Frameworks : Working knowledge of Cyber Essentials, ISO27001:2022, CSA Cloud Controls Matrix, NCSC CAF and GDPR, is important to ensure that data is being managed. Programming and scripting: Proficient programming and scripting skills to automate security tasks … Networking, Firewall, SIEM, PAM or VM Products are beneficial. Technical Capabilities : Technical competence in one or more of the following areas IPSec VPN's, Networking, Network Security, MFA, AIX / Microsoft / Linux Operating Systems, Virtualization Platforms such as (VMware, Hyper-V, OpenShift), Cloud Security in Azure, End Point Security, Email Gateways, Enterprise Web Gateways, PKI and Certificates. More ❯

product development from requirements gathering through deployment. Collaborate with developers to identify, triage, and remediate application and cloud security vulnerabilities (e.g., XSS, SSRF, CSRF, CORS, SQL Injection, broken authentication / authorization, encryption flaws). Provide expert guidance on secure coding practices, common vulnerability classes (e.g., OWASP Top 10), and threat modeling for modern web applications. Conduct security reviews of … frameworks (e.g., Django, Node.js , React). Expert-level scripting and automation skills (e.g., Python, Bash, PowerShell) for workflow automation, tooling, and log analysis. Proficient in log analysis, SIEM usage / configuration, threat hunting, and querying tools to support detection and response. Familiarity with static and dynamic analysis techniques and vulnerability mitigation. Strong understanding of modern cloud platforms-especially AWS … EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering for a SaaS-based company. Experience leveraging automation or AI / ML tools to improve secure development, detection, incident response, or code analysis workflows. Benefits: (US-ONLY) 100% of medical, dental, and vision covered including 75% for dependents Flexible vacation More ❯