376 to 400 of 738 ISO/IEC 27001 Jobs in the UK

vendor services. Track vendor spend and ensure alignment with financial goals. Risk & Compliance Management Ensure vendors comply with regulatory, security, and data protection requirements (e.g., PCI DSS, GDPR, ISO 27001). Conduct regular vendor risk assessments and monitor any security or compliance concerns. Partner with Security and Compliance teams to ensure third-party risk is actively … cost optimization, and risk assessment. Ability to lead Quarterly Business Reviews (QBRs) and drive service improvements. Understanding of regulatory requirements relevant to vendor management (e.g., PCI DSS, GDPR, ISO 27001). Excellent stakeholder management, communication, and negotiation skills. Strong analytical mindset with experience using data to assess vendor performance and impact. ?Education & Experience: Bachelors degree in More ❯

PureCyber combines both defensive & offensive cyber security, with expert governance & compliance consultancy - offering organisations a comprehensive service. Our all-in-one solution simplifies cyber security by providing 24 / 7 protection, proactive threat intelligence, expert consultancy, and real-world attack simulations - all from a single, trusted source. Our goal is to provide peace of mind to our clients, knowing … Drive awareness and education of cybersecurity risks and responsibilities throughout the organisation. Travel to client sites as required. Person Specification Essential: Experience implementing security standards and frameworks such as ISO27001, PCI DSS, NIST, IASME Cyber Assurance etc. Proven ability to lead risk assessments and manage control frameworks Strong written and verbal communication skills, with the ability to present risk topics … to both technical and non-technical stakeholders. ISO27001 Lead Implementer or Auditor certification Desirable: CISSP, CISM, CRISC or other relevant certification. Cyber Essentials certification More ❯

with senior stakeholders across the business while working closely with Technology Services colleagues to implement procedural and technical aspects of Security Operations, including liaison and engagement with the MSSP / SOC. What will you be doing? In this role, you will play a key role in implementing, optimizing, and maintaining the cloud infrastructure, ensuring robust performance, high availability, and … Automation Proven experience working with AWS and Azure, managing Virtual machines, Cloud Apps and Virtual Networking Strong background in on-prem technologies like vSphere, Active Directory and Exchange, WAN / LAN Strong troubleshooting skills and diagnostic abilities for BAU escalations An aptitude for Security and a keen eye for detail. Ideally but not mandatory - Load Balancing, IP Telephony and … will have a proven track record in cloud infrastructure with a sound understanding of security (anti-virus, firewalls, access control, etc.) and ideally bring knowledge of Cyber Essentials Plus, ISO27001, CIS, OR NIST. Your Benefits If flexible working is important to you, then look no further! At StepChange, we are proud of our culture and our commitment to flexible working. More ❯

compliance frameworks, and governance models, applying your expertise of best practices to help reduce security risks, strengthen compliance posture, and allow customers to accelerate their journey to their business / security outcomes on AWS. You'll help customers navigate complex regulatory requirements, design resilient cloud architectures that meet / exceed compliance standards, and implement effective security monitoring and … never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Work / Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as … consulting of Security and Compliance frameworks 4+ years of experience building security controls across cloud environments or experience with security protocols and standards such as NIST, IPCI-DSS, ISO27001, ISO27701, ISO42001, NIST 800-53 Experience in internal enterprise or external customer-facing environment as a security technical lead Experience in Security operations such as vulnerability management, security incident response More ❯

per annum Closing date: 19 Jun 2025 Sector: IT Job Role: Cyber Security Consultant Job Type: Permanent Job Description We are seeking an experienced Cyber Security Analyst / Engineer to join a large company based in West London. This full-time, permanent role offers a salary of up to GBP … benefits, and hybrid working arrangements. The successful candidate will be involved in operational security initiatives during a period of growth and change. Responsibilities Collaborate with the wider business on ISO27001 and Cyber Essentials compliance Monitor network and data security Respond to security tickets and work with teams on access control, malware, and vulnerabilities Deploy and manage SIEM solutions Support ongoing More ❯

Controls Manager UK based Department: Data & Technology Employment Type: Permanent - Full Time Location: UK (London) Description IT Risk & Controls Manager London or Malta Hybrid, two days in office Permanent / full-time We are a fast-growing global reinsurance speciality company servicing the insurance markets of Lloyd's, Europe and North America. Due to expansion and further regulatory obligations … group. An ideal opportunity to get your hands round a company-wide security strategy, you'll also be able to influence a major project to modernise our whole IT / cloud estate. Responsibilities • Collaborate with stakeholders to drive security initiatives and strategy • Implement a best practice IT Controls Framework • Act as the security SME across IT, overseeing security operations … of the DORA framework and know how to translate requirements into business deliverables • Track record of implementing and managing IT and cybersecurity control frameworks • Experience with security certification processes (ISO27001, NIST, etc.) • Demonstrated success in remediation of audit findings and control gaps • History of leading security awareness programs and training initiatives • Experience working with external auditors • Familiarity with cloud environments More ❯

aligned to the Client's Company Management System & information & configuration management requirements. This will include developing the appropriate strategy, KPIs, dashboards, procedures, best practices, lessons learned and reporting systems / applications which align to the Client's policies, procedures, and legal requirements. The position is open to United Kingdom (UK) Nationals only. Some UK dual citizens may be considered. … and issuing transmittals, library management, etc Lead the delivery of information management processes appropriate for each category and classification of information to ensure effective control and management of documents / records Education and Experience Requirements: Requires bachelor's degree (or international equivalent) and a number of years of relevant experience. Required Knowledge … and Skills: 15+ years' experience in Information & Configuration Management across infrastructure programmes of significant size and complexity, preferably within nuclear or highly regulated industry Hands on experience of a ISO27001 or equivalent environment In-depth knowledge of designing and implementing information & configuration management strategies and process improvement practices across large programmes and multi-disciplinary teams Ability to set up and More ❯

aligned to the Client's Company Management System & information & configuration management requirements. This will include developing the appropriate strategy, KPIs, dashboards, procedures, best practices, lessons learned and reporting systems / applications which align to the Client's policies, procedures, and legal requirements. The position is open to United Kingdom (UK) Nationals only. Some UK dual citizens may be considered. … and issuing transmittals, library management, etc Lead the delivery of information management processes appropriate for each category and classification of information to ensure effective control and management of documents / records Education and Experience Requirements: Requires bachelor's degree (or international equivalent) and a number of years of relevant experience. Required Knowledge … and Skills: 15+ years' experience in Information & Configuration Management across infrastructure programmes of significant size and complexity, preferably within nuclear or highly regulated industry Hands on experience of a ISO27001 or equivalent environment In-depth knowledge of designing and implementing information & configuration management strategies and process improvement practices across large programmes and multi-disciplinary teams Ability to set up and More ❯

member firms and stakeholders in the global firm to participate in the Technology Standards and Maturity Assessment with the objective to assess the member firm's overall IT capability / maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on … decisions with technology risk impacts as new activities and other change management / transformational initiatives. Leverage available technical resources / tools to research; expand technology risk knowledge to enhance work product, to remain up to date on member firms and line of businesses hot topics while sharing the technology risk knowledge amongst the team where applicable. Advise member … programme process including the use of ServiceNow Integrated Risk Management module to support integrated IT risk Management processes. An understanding of the principals around CMMI, COBIT, ITIL, PMI, Prince2, ISO27001, SOC2. Cybersecurity or IT Risk Management experience which should include either control testing or compliance assessment experience. A strong understanding of system development life cycles approaches and concepts (CMMI knowledge More ❯

member firms and stakeholders in the global firm to participate in the Technology Standards and Maturity Assessment with the objective to assess the member firm's overall IT capability / maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on … decisions with technology risk impacts as new activities and other change management / transformational initiatives. Leverage available technical resources / tools to research; expand technology risk knowledge to enhance work product, to remain up to date on member firms and line of businesses hot topics while sharing the technology risk knowledge amongst the team where applicable. Advise member … programme process including the use of ServiceNow Integrated Risk Management module to support integrated IT risk Management processes. An understanding of the principals around CMMI, COBIT, ITIL, PMI, Prince2, ISO27001, SOC2. Cybersecurity or IT Risk Management experience which should include either control testing or compliance assessment experience. A strong understanding of system development life cycles approaches and concepts (CMMI knowledge More ❯

member firms and stakeholders in the global firm to participate in the Technology Standards and Maturity Assessment with the objective to assess the member firm's overall IT capability / maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on … decisions with technology risk impacts as new activities and other change management / transformational initiatives. Leverage available technical resources / tools to research; expand technology risk knowledge to enhance work product, to remain up to date on member firms and line of businesses hot topics while sharing the technology risk knowledge amongst the team where applicable. Advise member … programme process including the use of ServiceNow Integrated Risk Management module to support integrated IT risk Management processes. An understanding of the principals around CMMI, COBIT, ITIL, PMI, Prince2, ISO27001, SOC2. Cybersecurity or IT Risk Management experience which should include either control testing or compliance assessment experience. A strong understanding of system development life cycles approaches and concepts (CMMI knowledge More ❯

member firms and stakeholders in the global firm to participate in the Technology Standards and Maturity Assessment with the objective to assess the member firm's overall IT capability / maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on … decisions with technology risk impacts as new activities and other change management / transformational initiatives. Leverage available technical resources / tools to research; expand technology risk knowledge to enhance work product, to remain up to date on member firms and line of businesses hot topics while sharing the technology risk knowledge amongst the team where applicable. Advise member … programme process including the use of ServiceNow Integrated Risk Management module to support integrated IT risk Management processes. An understanding of the principals around CMMI, COBIT, ITIL, PMI, Prince2, ISO27001, SOC2. Cybersecurity or IT Risk Management experience which should include either control testing or compliance assessment experience. A strong understanding of system development life cycles approaches and concepts (CMMI knowledge More ❯

member firms and stakeholders in the global firm to participate in the Technology Standards and Maturity Assessment with the objective to assess the member firm's overall IT capability / maturity and to help them establish their own priorities. Keep abreast of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied and advise on … decisions with technology risk impacts as new activities and other change management / transformational initiatives. Leverage available technical resources / tools to research; expand technology risk knowledge to enhance work product, to remain up to date on member firms and line of businesses hot topics while sharing the technology risk knowledge amongst the team where applicable. Advise member … programme process including the use of ServiceNow Integrated Risk Management module to support integrated IT risk Management processes. An understanding of the principals around CMMI, COBIT, ITIL, PMI, Prince2, ISO27001, SOC2. Cybersecurity or IT Risk Management experience which should include either control testing or compliance assessment experience. A strong understanding of system development life cycles approaches and concepts (CMMI knowledge More ❯

solutions for the past 30 years to world-renowned, international clients. We are a Microsoft Gold Partner with six gold competencies, a Tier 1 Microsoft CSP relationship and are ISO27001 & ISO9001 accredited. Our clients rely on our specialist expertise across infrastructure, cloud solutions, hybrid working, modern workplace, data and BI, cyber security, governance and compliance, and networking. We have built … project management team and this new position will suit an experienced IT Project Manager, with a deep understanding of delivering managed services projects, predominantly in the Microsoft Modern Work / M365 space. Responsibilities Client Engagement Act as the primary point of contact for clients, understanding their needs and expectations. Collaborate with clients to define project requirements, scope, and objectives. … Prince 2 Practitioner or other (equivalent) industry-recognised qualifications. Background of working as a Project Manager in a Managed Service Provider environment, delivering cloud-based projects (Microsoft Modern Work / M365 technology stack) Solid understanding of both, Waterfall and Agile methodologies, with the ability to apply the most appropriate project controls to suit the situation. Strong understanding of IT More ❯

business systems. Scripting or automation skills (PowerShell, Python, etc.) and experience with source control tools (e.g., Git). Strong awareness of cybersecurity and data protection principles (e.g., GDPR, ISO 27001). Interpersonal skills, with the ability to influence without authority and foster collaboration across disciplines. Clear communication skills to engage both technical and non-technical stakeholders. More ❯

meet business needs Capacity management Basic hardware maintenance of servers and PCs Significant experience of the following will be beneficial: Microsoft Exchange Server IT security frameworks such as ISO 27001, Cyber Essentials DevOps tools and processes, including Team Foundation Server and containerization Free on-site gym 5% contributory pension Annual Team Tour 33 days holiday If More ❯

Experience working with core Linux distributions (Debian, RHEL, SUSE, Slackware) Familiarity with container orchestration technologies (EKS or AKS preferred) Experience with deployment pipeline tools such as Ansible, Jenkins, and / or GitHub Actions Proficiency working with Infrastructure as Code (IaC) A desire to adopt and implement emergent technologies and best practices Strong verbal and written communication skills in English … Administration Linux Administration Software engineering disciplines Proficiency developing for serverless frameworks such as Azure Functions or AWS Lambda Experience with compliance frameworks such as SOC 2 Type 2, ISO-27001, FedRAMP, or IRAP and privacy regulations suchas GDPR and PIPEDA Roadmap for Success 90 Days: Onboarding and role-training is complete You're building foundational knowledge of the More ❯

AWS environments and our multi- cloud infrastructure services. Ensure robust architecture, high availability, scalability, and security of managed AWS accounts. Implement and refine DevOps best practices, automation, and CI / CD pipelines to enhance service delivery. Own resource management and planning to ensure suitable capacity to deal with workload fluctuations. Customer Engagement & Escalation Management: Overseeing project-based engineering and … Duty, AFT, EC2, S3, RDS, etc.) and the six pillars of the well- architected framework. Proficiency in infrastructure-as-code (e.g. Terraform, CloudFormation) and automation tools. Familiarity with CI / CD pipelines, containerisation (Docker, Kubernetes), and monitoring / alerting systems. Strong grasp of security, compliance, and disaster recovery strategies in cloud environments. Soft Skills: A data obsessed mindset More ❯

AWS environments and our multi- cloud infrastructure services. Ensure robust architecture, high availability, scalability, and security of managed AWS accounts. Implement and refine DevOps best practices, automation, and CI / CD pipelines to enhance service delivery. Own resource management and planning to ensure suitable capacity to deal with workload fluctuations. Customer Engagement & Escalation Management: Overseeing project-based engineering and … Duty, AFT, EC2, S3, RDS, etc.) and the six pillars of the well- architected framework. Proficiency in infrastructure-as-code (e.g. Terraform, CloudFormation) and automation tools. Familiarity with CI / CD pipelines, containerisation (Docker, Kubernetes), and monitoring / alerting systems. Strong grasp of security, compliance, and disaster recovery strategies in cloud environments. Soft Skills: A data obsessed mindset More ❯

to multitask and prioritise in a fast-paced environment. Desirable: Experience using Power BI to visualise and communicate data insights. Awareness of international information security standards and frameworks (e.g. ISO27001, ISO27017, GDPR, Cyber Essentials Plus). Understanding of common security risks, threats, and mitigation approaches. Tenacity, attention to detail, and a problem-solving mindset. Willingness to learn and develop in More ❯

be between £40,000 and £50,000 plus benefits depending on experience. Key Responsibilities * Develop, implement and maintain comprehensive IT security processes and procedures in support of achieving ISO 27001. * Conduct security audits, risk assessments and compliance reporting to identify vulnerabilities and recommend corrective actions. * Collaborate with various departments to ensure comprehensive security awareness and adherence to established More ❯

clearly to non-technical stakeholders Work closely with teams to support data-driven decisions Compliance & Lifecycle Support GDPR compliance and Data Lifecycle Management Contribute to maintaining Cyber Essentials and ISO27001 standards Training & Culture Promote data literacy across teams Deliver internal training on Power BI, Excel and other data tools Embed data metrics into team performance tracking What You’ll Need More ❯

clearly to non-technical stakeholders Work closely with teams to support data-driven decisions Compliance & Lifecycle Support GDPR compliance and Data Lifecycle Management Contribute to maintaining Cyber Essentials and ISO27001 standards Training & Culture Promote data literacy across teams Deliver internal training on Power BI, Excel and other data tools Embed data metrics into team performance tracking What You'll Need More ❯

Hands-On): - Cloud & Modern Workplace: Microsoft 365, Azure AD, Intune, Teams, Conditional Access - On-Premise Infrastructure: Windows Server, VMware, Hyper-V, DNS, DHCP, Active Directory - Security & Compliance: Cyber Essentials+, ISO27001, Firewalls, SIEM, EDR, VPN - Remote Monitoring & Management (RMM): Patch Management, NAble, Proactive Monitoring - Licensing Models: Microsoft CSP, NCE, OV, SPLA, Volume Licensing This is a brilliant opportunity for a results More ❯

to be a multi award-winning workplace, recognized by Best Companies as Best Company To Work For in the UK, Tech, and the South East in 2023. We are ISO27001 and ISO9001 certified by UKAS, a CREST approved penetration testing and SOC company, and hold IASME Cyber Essentials Certification and Cyber Essentials Plus certification. Learn more about our awards here More ❯