76 to 100 of 941 ISO/IEC 27001 Jobs in the UK

Onsite a Week) Start: ASAP Responsibilities: Security Leadership: Own and lead info security, align with business. ISO 27001 & ISMS: Maintain / evolve certification and ISMS. Risk & Compliance: Risk assessments, remediation, audits, GDPR compliance. Policies & Training: Create / manage policies, deliver security training. Security Operations … Implement controls (access, encryption, logging), lead incident response, manage pen tests / vulnerabilities. Customer / Vendor Security: Support security questionnaires / due diligence, review vendor security. Requirements: 3-5 years hands-on info security or IT risk / compliance. SaaS or fast-paced startup / scale-up experience. Good ISO 27001 knowledge (certification maintenance / achievement). Understanding of cloud (AWS preferred) and SaaS security risks. Hands-on with endpoint protection, SIEM, DLP, IAM, SSO. Clear understanding of GDPR. Familiarity with security tooling (endpoint, SSO / IAM, monitoring More ❯

operational security, and environmental sustainability. Key Responsibilities: Develop, implement, and maintain quality assurance policies and systems. Ensure compliance with relevant quality standards (e.g., ISO 9001, Six Sigma). Oversee the development and enforcement of security policies, including data security and physical security measures. Ensure compliance with relevant security … frameworks (e.g., ISO 27001, GDPR, etc.). Develop and manage the environmental management system (EMS) in line with relevant standards (e.g., ISO 14001). Ensure compliance with environmental regulations, permits, and reporting requirements. ABOUT YOU Skills and Competencies A strong understanding of integrated management … systems (IMS) and relevant regulatory frameworks (ISO 9001, ISO 27001, ISO 14001). Experience conducting internal and external audits for quality, security, and environmental compliance. Education: A higher education course at UK level 4 or above in any related field such as More ❯

definition of policies, standards and procedures for information security and data governance, moving Metro Bank towards alignment with industry good practice standards (e.g. ISO 27001, ITIL). Direct day-to-day management of information security and data controls, monitoring and incident response, with support from your … practice in Banking and the established approaches to mitigating these. A deep understanding of information and data risk and control frameworks and standards, e.g. ISO27001, PCI DSS, NIST+. Strong leadership skills and proven ability to build, inspire, direct, motivate and performance-manage a multi-disciplinary team. MSc Information Security / MCIISec / CISSP / CISM / ISO27001 Lead Auditor or equivalent. Our promise to you We will make sure that you are well-rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension More ❯

providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements , including due diligence, contract oversight, and continuity planning. Audit & Assurance: Participate in internal / external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes … risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management , endpoint security (EDR / XDR) , and cloud compliance . Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management … Experience: 4+ years in GRC roles ; financial services or banking experience is a strong plus . Understanding of GDPR , DORA , PCI DSS, and outsourcing / third-party risk requirements. Hands-on experience with ISO 27001 implementation and third-party risk tools . Proficiency in IAM More ❯

providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements , including due diligence, contract oversight, and continuity planning. Audit & Assurance: Participate in internal / external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes … risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management , endpoint security (EDR / XDR) , and cloud compliance . Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management … Experience: 4+ years in GRC roles ; financial services or banking experience is a strong plus . Understanding of GDPR , DORA , PCI DSS, and outsourcing / third-party risk requirements. Hands-on experience with ISO 27001 implementation and third-party risk tools . Proficiency in IAM More ❯

providers, and outsourced services. Ensure compliance with DORA's outsourcing requirements , including due diligence, contract oversight, and continuity planning. Audit & Assurance: Participate in internal / external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes … risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management , endpoint security (EDR / XDR) , and cloud compliance . Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management … years in GRC roles ; financial services or banking experience is a strong plus . Regulatory Knowledge: Understanding of GDPR , DORA , PCI DSS, and outsourcing / third-party risk requirements. Technical Skills: Hands-on experience with ISO 27001 implementation and third-party risk tools . Proficiency More ❯

and repair of hardware and software, either in-house or through service providers. Manage information security protocols in line with Cyber Essentials Plus, ISO 27001, and ISO 19650 – with regular audits and user education. Set, manage, and monitor the IT budget for the organisation … not necessarily in the AEC space. Strong understanding of network management, cyber security frameworks, cloud services, and infrastructure. Familiarity with standards such as ISO 27001, ISO 19650, and Cyber Essentials Plus. Experience managing budgets, IT procurement, and vendor relationships. Excellent communication and leadership skills More ❯

and repair of hardware and software, either in-house or through service providers. Manage information security protocols in line with Cyber Essentials Plus, ISO 27001, and ISO 19650 – with regular audits and user education. Set, manage, and monitor the IT budget for the organisation … not necessarily in the AEC space. Strong understanding of network management, cyber security frameworks, cloud services, and infrastructure. Familiarity with standards such as ISO 27001, ISO 19650, and Cyber Essentials Plus. Experience managing budgets, IT procurement, and vendor relationships. Excellent communication and leadership skills More ❯

to replace legacy on-premises applications, further reinforcing it as the single data source for our business users. Hybrid working Inside IR35 Key Deliverables / Responsibilities ' • Lead the development of Dynamics 365 CRM solutions and integrated systems' • To act as the conduit for work requirements to more junior devs … visualisation using available platforms, such as PowerBI, CRM Dashboards and SSRS' • Participate in all aspects of the platform's development life cycle Key Skills / Experience ' • Led the Development and support of Microsoft Dynamics 365' • Development of CRM extensions and plugins with C# and JavaScript' • Development experience using Web … Platform (Power Apps, Power Automate etc.)' • Data analysis skills to assist in the troubleshooting of data related problems to provide resilient fixes Desirable Skills / Experience ' • Simego synchronisation' • Power BI' • Microsoft SQL / SSIS / SSRS' • PowerShell' • Microsoft SharePoint' • Understanding of ISO 27001 More ❯

in being a highly skilled Cybersecurity practitioner in primary skills associated with GRC, as well as secondary skills - Technical (e.g., IDAM, Engineering, Network, IoT / OT security). The successful candidate will play a critical role in the Practice in support of clients and their security roadmap, business G … meet the changing needs of the global landscape. Required: Industry experience working in enterprise cyber security domain Security Practitioner, which includes execution of operational / tactical as well as strategy & program cyber security. Able to support the cyber security roadmap and management inclusive of security risk management, its development … lead a team and align security measures with enterprise IT security frameworks. Understanding of Security Solutions: MS Sentinel / Defender / Entra, Zscaler ZPA ZTMA, CrowdStrike, CyberArk, SailPoint, Ping, and ability to design and build a controls dashboard from evidence outputs from MS solutions, using ISO27K, NIST, NIS More ❯

requirements. Assisting in the maintenance of M&A playbooks based on company security standards, procedures, and best practices including account management, tenant management, information / IP protection management, proxy server management, security ingress / egress management, domain trusts posture, SSL / IPsec, security incident and event management … SIEM), data protection (DLP, encryption), and password / key management, vulnerability / threat assessment. Collaborating with security team members to develop all M&A security requirements for all hardware and software computing platforms, environments and solutions including developing and or modifying existing policies, procedures, hardening guides, based on … on areas of highest IT and cyber risk, to continuously improve on controls or automate compliance activities. Maintaining ongoing communication with the business, external / internal auditors as it relates to alignment on audit planning, walkthroughs / testing, audit requests, impact assessments, and deficiency evaluation of IT controls More ❯

Senior Infrastructure Engineer / IT Manager Glasgow - Hybrid (3 days in the office) FPSG seek an experienced Infrastructure Engineer / hands-on IT Manager to join an exciting market sector leader in Glasgow City Centre, to take ownership for the maintenance, enhancement and security for core systems. The … Sen Engineer / IT Manager will have responsibility for maintaining IT systems, policies and processes across all locations internationally. Driving system improvements and owning planning, deployment and security, also monitoring, maintaining and innovating multi-site infrastructure. The successful candidate will have key responsibilities including the following: Provide IT support … across all locations Implement / maintaining group-wide IT policies and processes (inc ISO 27001 and Soc2) Maintenance and improvement of infrastructure of critical business systems Managing Windows Server, Active Directory, LAN / WAN, Microsoft O365 Taking ownership for infrastructure improvement such as Cloud More ❯

. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote Close Date: 09 / 05 / 2025 . We also provide the following additional benefits Reservist Leave - Additional 18 days full pay and 22 unpaid Personal Pension … Monitor and analyse the security logs and alerts generated by these technologies and take appropriate actions. Cyber Security Frameworks : Working knowledge of Cyber Essentials, ISO27001:2022, CSA Cloud Controls Matrix, NCSC CAF and GDPR, is important to ensure that data is being managed. Programming and scripting: Proficient programming and scripting … VM Products are beneficial. Technical Capabilities : Technical competence in one or more of the following areas IPSec VPN's, Networking, Network Security, MFA, AIX / Microsoft / Linux Operating Systems, Virtualization Platforms such as (VMware, Hyper-V, OpenShift), Cloud Security in Azure, End Point Security, Email Gateways, Enterprise More ❯

to HS2. It is an SCSJV requirement that all employees, Design House, and Supply Chains must implement and comply with the requirements of ISO 9001:2015 Quality Management System, ISO 14001:2015 Environmental Management System with guidance for use", OHSAS 18001:2017 Occupational Health and Safety Management Systems and ISO / IEC 27001:2013 Information Security Management System, Policies, Plans, Procedures and Processes, and statutory requirements as they affect the Joint … and value diversity at our company. we do not discriminate on the basis of age, disability, sex, race, religion or belief, gender reassignment, marriage / civil partnership, pregnancy / maternity, or sexual orientation SCS Railways is a Disability Confident Leader. We want to encourage disabled people to apply More ❯

latest security trends, vulnerabilities, and emerging threats, and provide recommendations for improvements. Required Skills & Experience: Networking Expertise: Strong understanding of network protocols, including TCP / IP, DNS, DHCP, and routing. Experience with firewalls, VPNs, IDS / IPS systems, and network traffic analysis. Cloud Security: Deep experience securing cloud … Center, and identity management solutions like Azure Active Directory. Cisco Meraki: Hands-on experience configuring and managing Cisco Meraki firewalls, switches, and other networking / security appliances. Palo Alto Networks / Panorama: Expertise with Palo Alto Networks firewalls, including configuration, management, and troubleshooting of security policies and threat … to improve response efficiency. Automation & Scripting: Proficient in scripting languages such as Python, PowerShell, or Bash to automate tasks and security operations. Preferred Qualifications / Not Essential: Certifications: CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) Azure certifications (e.g., Microsoft Certified More ❯

latest security trends, vulnerabilities, and emerging threats, and provide recommendations for improvements. Required Skills & Experience: Networking Expertise: Strong understanding of network protocols, including TCP / IP, DNS, DHCP, and routing. Experience with firewalls, VPNs, IDS / IPS systems, and network traffic analysis. Cloud Security: Deep experience securing cloud … Center, and identity management solutions like Azure Active Directory. Cisco Meraki: Hands-on experience configuring and managing Cisco Meraki firewalls, switches, and other networking / security appliances. Palo Alto Networks / Panorama: Expertise with Palo Alto Networks firewalls, including configuration, management, and troubleshooting of security policies and threat … to improve response efficiency. Automation & Scripting: Proficient in scripting languages such as Python, PowerShell, or Bash to automate tasks and security operations. Preferred Qualifications / Not Essential: Certifications: CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) Azure certifications (e.g., Microsoft Certified More ❯

Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP … cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS / NIS2, DORA, UK CNI / OT / IIOT compliance. Hands-on experience building credibility with external stakeholders through More ❯

our Technical Services team where you will provide technology and data consultancy to clients covering areas including ad technology, web analytics, conversion optimisation, technology / data integration and data management. The work will encompass digital adtech / martech operations; the project management, trafficking, quality assurance and monitoring of … ongoing queries. Providing data extraction, reporting and analysis to clients in accordance with our processes. Assisting sales and account management teams on conference calls / meetings with clients. Providing technical support on the Leadscale Engine software platform in accordance with our processes including campaign setup and modification, user management … Sponsorship is not offered for this role. Desirable Experience in the digital marketing space. Experience of using and configuring online platforms such as SalesForce / Wordpress / Google Adwords Basic knowledge of HTML / Javascript / Jquery. As a member of our team, you will benefit More ❯

our Technical Services team where you will provide technology and data consultancy to clients covering areas including ad technology, web analytics, conversion optimisation, technology / data integration and data management. The work will encompass digital adtech / martech operations; the project management, trafficking, quality assurance and monitoring of … ongoing queries. Providing data extraction, reporting and analysis to clients in accordance with our processes. Assisting sales and account management teams on conference calls / meetings with clients. Providing technical support on the Leadscale Engine software platform in accordance with our processes including campaign setup and modification, user management … Sponsorship is not offered for this role. Desirable Experience in the digital marketing space. Experience of using and configuring online platforms such as SalesForce / Wordpress / Google Adwords Basic knowledge of HTML / Javascript / Jquery. As a member of our team, you will benefit More ❯

Smart Building Technical Project Manager Introduction / What we do at Hereworks Hereworks is a provider of commercial Smart Building & Technology solutions throughout Ireland, UK and beyond. We offer end-to-end solutions including Smart Building Technologies, IoT, Audio Visual Solutions, Telecommunication Systems and much more. We are unique … and usable, while developing software layers for integration, aggregation and communication of the buildings systems including but not limited to: Amazon (AWS) IoT Core / Google (GCP) IoT Core Safety & Security - Intruder, Fire, Access Control, CCTV, Lifts Telecommunications & IT Systems - UC, In-Building Cellular Room, Desk & Parking Booking Systems … Compliance with Security Standards: The Project Manager is responsible for ensuring that data migration processes are conducted securely and in accordance with the ISO 27001 standard. This involves implementing and maintaining security conscious practices throughout the project lifecycle. Program Development: The role may involve contributing to More ❯

SENIOR SOC ANALYST Up to £80,000 / Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite / 3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software … Technologies. Excellent Analytical & Problem-Solving Skills. Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Knowledge of Security Tools & Technologies such as SIEM, IDS / IPS & Firewalls Knowledge of Security Incidents & Attack Methodologies Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills Leadership, Coaching & Mentoring Skills. Strong … with Industry Standard Security Frameworks such as ISO 27001 or SOC2 Understanding of Common Network Protocols & Technologies such as TCP / IP, DNS & DHCP Searches: SOC Analyst / Lead SOC Analyst / Principle SOC Analyst / Senior SOC Analyst / Information More ❯

and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. … diverse teams and stakeholders. Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape. Experience of manufacturing and / or supply chain industry is preferred. Able to operate in a multinational corporation with several locations. Competencies You have expertise within Customer / … With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. External recruitment services / agencies will not be used for this position. More ❯

select networking technologies, vendors, and solutions. Provide guidance and mentorship to network engineers and operational teams. Ensure compliance with security and regulatory requirements (ISO 27001, NIST, PCI-DSS, etc.). Troubleshoot complex networking issues and drive continuous service improvements. Key Skills & Experience Proven experience as a … customers’ lives and communities. If you want to know more about the total package we offer, please see our future employee page here https: / / deltservices.com / careers / benefits-and-perks / If you’re a passionate Network Architect looking for a new More ❯

reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents … vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP, CEH More ❯

reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents … vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP, CEH More ❯