with multiple activities, including but not limited to: Technical & organizational security controls Cyber and digital transformation activities Remediation workstreams and roadmaps Policy & process implementation Information Security Maturity Audits / CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC / … outputs and outcomes and provide reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and / or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels when necessary. When required, work … time. Comply with applicable legislation, codes of conduct, and company policy - such as Health and Safety procedures as outlined by the Company's Health and Safety Policy. Essential Skills / Attributes: 3+ years in a client-facing information / cyber security / GRC role or 5+ years in a directly related field /
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work / life balance while making a significant impact. HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five … platforms. In addition, you may be encouraged to undertake line management responsibilities developing and managing a team. You may be expected to own and develop CSTS capabilities and / or services. Person specification Ideal candidate: A business and technology leader in the strategic selection, development and delivery of technical security controls and services. Focused expertise to develop and … and Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets
whitelisting and approval process Oversee vulnerability and patch management workflows Maintain sandbox and production environments; support workflow and network hardening (e.g., Microsoft 365, HiBob) Own and manage I / O and data transfer security procedures Participate in systems design and implementation from a security perspective Develop user and technical security documentation and training resources Document and maintain critical … collaboration with vendors Advise on on-set data handling procedures, ensuring certified media and secure practices are in place Legal & Regulatory Compliance Act as the liaison between IT / InfoSec and Legal on matters related to GDPR, data retention policies, and compliance Ensure proper documentation, communication, and enforcement of data protection practices in line with regulatory standards Requirements … Five plus years of hands-on experience in security and / or infrastructure within an enterprise environment Familiarity with enterprise information security standards such as Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR Proficiency in Microsoft O365 Security solutions, Networking, Security operations, Vulnerability Management, and Security Auditing Experience in security
security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy / standards as well as industry recognised frameworks and best practice What you'll be doing: Develop, deliver and continually enhance a coherent approach to the design of secure client … threats. The subsequent analysis to quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify / evidence appropriate compliance and security KPIs Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy … that documentation relating to process and technical security controls are maintained What experience you'll bring: Minimum of 5 years' experience in a multi-tiered IT enterprise environment / Governance, Risk and Compliance role Minimum of 5 years' experience in a Governance, Risk and Compliance role A track record of delivering security solutions for large-scale infrastructure, transformation
GRC - Cyber Assurance and Risk Lead, London Client: NTT DATA Location: London, United Kingdom Job Category: Other - EU work permit required: Yes Job Reference: ce9f3718c6c4 Job Views: 24 Posted: 17.06.2025 Expiry Date: 01.08.2025 Job Description: The team you'll … threats. The subsequent analysis to quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify / evidence appropriate compliance and security KPIs Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy … industry standards (e.g., ISO 27001) within relevant geographic boundaries. Performs focused information risk assessments of existing or new services and technologies, alongside the Operational / Service Management team and technology subject matter experts. As required, will extend the assessment of existing and proposed services to third party suppliers, including the facilitation of IT Security
London, England, United Kingdom Hybrid / WFH Options
Jobgether
Degree in Cyber Security, Computer Science, or equivalent hands-on experience Active certifications such as CISSP, CISM, CRISC, or CISA Experience with ISO 27001 / 2, NIST, ISF, CMMI, or UK Government / Defence security frameworks Strong communication skills with the ability to brief stakeholders at all levels Background in threat intelligence
Crawley, England, United Kingdom Hybrid / WFH Options
McCabe & Barton
role is offering a base of £75,000 (with flexibility) plus an attractive benefits package. The client has offices in London and on the South Coast, and hybrid / remote working is available. As a pivotal second-line team member, you will collaborate closely with the Information Security Manager to safeguard the organisation against cyber, information, physical, and … with security standards and regulations. From assessing technical controls and supplier risks to supporting incident response and contributing to the PCI-DSS and ISO27002:2022 compliance, this is a role where you’ll make a visible impact. Candidate Qualifications and Skills Experience in Financial Services: Proven background working within the financial services sector … cybersecurity principles, risk management methodologies, and best practices to protect sensitive data and systems. Regulatory Framework Proficiency: Demonstrated experience with compliance frameworks, including ISO27002, PCI-DSS, and GDPR, ensuring adherence to industry standards. Threat and Cloud Security Knowledge: Strong awareness of current threat landscapes and familiarity with cloud security principles (experience with Azure
London, England, United Kingdom Hybrid / WFH Options
McCabe & Barton
Working remotely with occasional office attendance in Essex. What You’ll Do Assess compliance with internal security policies and industry standards (e.g., ISO/IEC 27001 / 2, PCI-DSS). Conduct supplier risk assessments and third-party due diligence. Support vulnerability assessments, incident investigations, and operational … friendly advice. Stay on-call during scheduled weeks for incident support and response. Requirements Essential: Solid understanding of cyber security, governance, and risk management principles. Experience with risk / vulnerability assessments and incident management. Experience of first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001 / 27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Financial services / FCA experience Desirable: Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL, data protection laws (UK GDPR), and payment card security. Security
a bonus of 7.5%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote. Close Date: 25 / 03 / 2025 We also provide the following additional benefits: Reservist Leave - Additional 18 days full pay and 22 unpaid. Personal Pension Plan - Personal contribution rates of … metrics and management reporting. Information Security Management System Support: Operate and maintain the information security management system and artefacts, in compliance with ISO 27001 / 27002 including the governance forum agenda and minutes. Policies and Standards: Establish GRC policies, standards and procedures to monitor UKPN information security controls, exceptions, risks, and testing … laws, regulations, and industry standards. We are looking for a detailed knowledge and practical expertise in at least 3 of the following specialist areas: Specific Industry Standards. IS / IT Operational Controls and Governance. Business Continuity Planning and Disaster Recovery. Supply Chain and 3rd Party Risk Management. Problem Solving: The role must have strong analytical and problem-solving
Leicester, England, United Kingdom Hybrid / WFH Options
McCabe & Barton
a permanent basis. The role offers a base salary of £75,000 (with flexibility) plus an attractive benefits package. The client has offices across the UK and hybrid / remote working is available, with occasional travel. As a pivotal second-line team member, you will collaborate closely with the Information Security Manager to safeguard the organisation against cyber … with security standards and regulations. From assessing technical controls and supplier risks to supporting incident response and contributing to the PCI-DSS and ISO27002:2022 compliance, this is a role where you’ll make a visible impact. Candidate Qualifications and Skills Experience in Financial Services: Proven background working within the financial services sector … cybersecurity principles, risk management methodologies, and best practices to protect sensitive data and systems. Regulatory Framework Proficiency: Demonstrated experience with compliance frameworks, including ISO27002, PCI-DSS, and GDPR, ensuring adherence to industry standards. Threat and Cloud Security Knowledge: Strong awareness of current threat landscapes and familiarity with cloud security principles (experience with Azure
Loughborough, Midlands, United Kingdom Hybrid / WFH Options
McCabe & Barton
a permanent basis. The role offers a base salary of £75,000 (with flexibility) plus an attractive benefits package. The client has offices across the UK and hybrid / remote working is available, with occasional travel. As a pivotal second-line team member, you will collaborate closely with the Information Security Manager to safeguard the organisation against cyber … with security standards and regulations. From assessing technical controls and supplier risks to supporting incident response and contributing to the PCI-DSS and ISO27002:2022 compliance, this is a role where you’ll make a visible impact. Candidate Qualifications and Skills Experience in Financial Services: Proven background working within the financial services sector … cybersecurity principles, risk management methodologies, and best practices to protect sensitive data and systems. Regulatory Framework Proficiency: Demonstrated experience with compliance frameworks, including ISO27002, PCI-DSS, and GDPR, ensuring adherence to industry standards. Threat and Cloud Security Knowledge: Strong awareness of current threat landscapes and familiarity with cloud security principles (experience with Azure
Coventry, Midlands, United Kingdom Hybrid / WFH Options
McCabe & Barton
a permanent basis. The role offers a base salary of £75,000 (with flexibility) plus an attractive benefits package. The client has offices across the UK and hybrid / remote working is available, with occasional travel. As a pivotal second-line team member, you will collaborate closely with the Information Security Manager to safeguard the organisation against cyber … with security standards and regulations. From assessing technical controls and supplier risks to supporting incident response and contributing to the PCI-DSS and ISO27002:2022 compliance, this is a role where you’ll make a visible impact. Candidate Qualifications and Skills Experience in Financial Services: Proven background working within the financial services sector … cybersecurity principles, risk management methodologies, and best practices to protect sensitive data and systems. Regulatory Framework Proficiency: Demonstrated experience with compliance frameworks, including ISO27002, PCI-DSS, and GDPR, ensuring adherence to industry standards. Threat and Cloud Security Knowledge: Strong awareness of current threat landscapes and familiarity with cloud security principles (experience with Azure
Euroclear is a global critical financial market infrastructure company. Strong IT Risk Management and Security are at the core of the company’s services, firmly embedded in their management systems and processes. The Regulatory Watch, Policies and Controls team is part of the Cyber Information Security Office Division and … Management, Security Monitoring and Incident Management, Platform, Network and Application Security among others. The Euroclear security control framework is built upon the ISO 27001 / 2 and CIS industry standards and is currently being implemented within the ServiceNow GRC platform. Your active role will encompass both defining and implementing controls during the change phase … or equivalent experience (education in computer science, engineering or cybersecurity is a plus) 5+ years field experience in the security risk and control environment, preferably in controls design / implementation area in large / enterprise multi-platform-based IT environments Good knowledge of the key principles of the Information Security Management Systems and various Security Technology
Belfast, Northern Ireland, United Kingdom Hybrid / WFH Options
KX
protocols and technologies (e.g. VPN, TLS, DMZ). Practical knowledge of cloud security across AWS, Azure, or GCP (e.g. CloudTrail, Sentinel). Experience with endpoint protection, DLP, IDS / IPS, MFA, and content filtering. Familiarity with SIEM platforms and vulnerability management tools. Exposure to SOAR platforms and scripting or development skills (e.g. Python, Bash). Understanding of frameworks … such as ISO 27001 / 2, NIST, SOC, or COBIT. Excellent communication skills, both verbal and written. Location & Workplace Type: This role will be based in Newry, Belfast or Dublin with a Hybrid working model Why Choose KX? Data Driven: We lead with instinct and follow fact. Naturally Curious: We lean in, listen and
City of London, London, United Kingdom Hybrid / WFH Options
BRITISH ARAB COMMERCIAL BANK PUBLIC LIMITED COMPANY
degree level (or equivalent) ideally in computer science or a related field Familiarity with internationally recognised IT Security standards and frameworks such as Cyber Essentials, NIST, or ISO27001 / 2 Understanding of how IT Security tooling such as Firewalls, AV, Proxies and IDS / IPS operate Familiar with the Microsoft stack including desktops, servers and cloud
Integrity360 is one of Europe’s leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients. With four top-class Security Operation Centers, we offer a complete end-to-end security … on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis
London (City of London), South East England, United Kingdom
Integrity360
on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs
OT Cyber Security Consultant, London (City of London) Client: Integrity360 Location: London (City of London), United Kingdom Job Category: Other - EU work permit required: Yes Job Views: 3 Posted: 16.06.2025 Expiry Date: 31.07.2025 Job Description: About Us Integrity360 is one of … on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis
candidate will advise Business Owners, developers, and technical teams on options to mitigate risk. The candidate must have excellent verbal, written, analytical and interpersonal communication skills. Essential Functions / Major Duties and Responsibilities Strategic Provide strategic direction specific to data security management. Build and maintain a robust data security program while aligning closely with CLS's mission. Improve … Contribute to the overall security strategy in its annual iterations. Provide strong knowledge of building security into business expectations for the utilization and hosting of critical CLS data / information assets. Work with the Security Architects to build security into infrastructure and architecture designs and guide the implementation with the Operations team. Provide direction and advice on projects … continually review opportunities to improve the overall controls around data security. Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI IOSCO and FFIEC handbook. Keep informed of new and emerging security threats & assess effectiveness of
London, England, United Kingdom Hybrid / WFH Options
Nest pensions
technical concepts to non-technical people. Please note the minimum criteria for this role is: Practical experience of operating certified ISMS using ISO 27001 / 2, NIST CSF and other security standards in the design and management of information security controls. Practical experience working with third party suppliers to audit and evidence compliance with … more, as required) reduce or vary working hours reduce or vary the days worked work compressed hours job share For more information about our recruitment process click here Directorate / Department Overview The Risk and Compliance vision is to become a trusted partner for the business. To enable this, the directorate teams’ shared objective is to enable the first … to ensure that no applicant or employee receives less favourable treatment because of their age, disability, gender identity, marital status, national origin, pregnancy or caring responsibilities, race, religion / belief, sex, sexual orientation or socio economic background. We also recognise the importance of diversity of thought and other forms of neurocognitive variation. Nest is a Disability Confident Leader