Information Technology Risk Manager, East Sussex Client: Lutine Bell Location: East Sussex, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 1 Posted: 25.05.2025 Expiry Date: 09.07.2025 Job Description: Lutine Bell is working with a leading … to strengthen operational resilience, evaluate third-party technology providers, and support incident response and investigations. Experience: Cyber Security Knowledge: Solid understanding of cyber / information security frameworks such as NIST and ISO/IEC27002:2022.
London, England, United Kingdom Hybrid / WFH Options
Meraki Talent
Senior / Lead IT Security Controls Analyst (Testing) Competitive Day … Rate (Inside IR35) Fully Remote Posted 25 / 06 / 18 CVs Required by 13:00 on 25 / 06 / 20 Start Date: Immediately Meraki Talent is seeking a Senior / Lead IT Security Controls Analyst (Testing) to join … Background in creating automated testing methods for security controls. Familiarity with standards such as NIST 800-53, ISO 27001 /27002, CIS Controls, COBIT. Certifications like CISA, CISM, CISSP, ISO 27001 Lead Auditor are preferred.
Do you have experience in Security Infrastructure? Do you have experience in Secure by Design? Do you want to work with an industry-leading company? If your answers are yes to these, then this could be the role for … products Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO/IEC … NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply
include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO/IEC … NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply
City Of Bristol, England, United Kingdom Hybrid / WFH Options
Matchtech
teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53. Strong understanding … of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138 / 139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this
Basildon, England, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
of risk assessment processes (NIST SP800-30 and ISO 27005) Practical experience of applying security controls (NIST SP800-53 and ISO27002) Practical experience of Secure by Design requirements (ISN 2023 / 09) Demonstrable experience of writing IA Technical Risk Assessments and the management of … could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV). For more information and guidance please visit: https://careers.uk.leonardo.com/gb/en/security-and-vetting Why join us At Leonardo, our
Basildon, England, United Kingdom Hybrid / WFH Options
Leonardo
of risk assessment processes (NIST SP800-30 and ISO 27005) Practical experience of applying security controls (NIST SP800-53 and ISO27002) Practical experience of Secure by Design requirements (ISN 2023 / 09) Demonstrable experience of writing IA Technical Risk Assessments and the management of … include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV). For more information and guidance please visit https://careers.uk.leonardo.com/gb/en/security-and-vetting Why join us At Leonardo, our
Integrity360 is one of Europe’s leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients. With four top-class Security … go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing … NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness
OT Cyber Security Consultant, London (City of London) Client: Integrity360 Location: London (City of London), United Kingdom Job Category: Other - EU work permit required: Yes Job Views: 3 Posted: 16.06.2025 Expiry Date: 31.07.2025 … go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing … NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness
not limited to: Technical & organizational security controls Cyber and digital transformation activities Remediation workstreams and roadmaps Policy & process implementation Information Security Maturity Audits / CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing … of security tooling BC / DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management Consultants must possess and be able to demonstrate credibility and experience as well as currency in these fundamental skill sets. Consultants will work with industry … reporting and feedback when required. Support, when necessary, the development of opportunities by contributing as an SME in response to client RFPs and / or the construction of proposal documents and responses. Develop timely, accurate reporting that can convey technical findings to non-technical audiences at all levels
GRC - Cyber Assurance and Risk Lead, London Client: NTT DATA Location: London, United Kingdom Job Category: Other - EU work permit required: Yes Job Reference: ce9f3718c6c4 Job Views: 24 Posted: 17.06.2025 Expiry Date: 01.08.2025 … quantify and lead risk mitigation plans Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify / evidence appropriate compliance and security KPIs Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information … 27001) within relevant geographic boundaries. Performs focused information risk assessments of existing or new services and technologies, alongside the Operational / Service Management team and technology subject matter experts. As required, will extend the assessment of existing and proposed services to third party suppliers, including
Leicester, England, United Kingdom Hybrid / WFH Options
McCabe & Barton
offers a base salary of £75,000 (with flexibility) plus an attractive benefits package. The client has offices across the UK and hybrid / remote working is available, with occasional travel. As a pivotal second-line team member, you will collaborate closely with the Information Security Manager to … From assessing technical controls and supplier risks to supporting incident response and contributing to the PCI-DSS and ISO27002:2022 compliance, this is a role where you’ll make a visible impact. Candidate Qualifications and Skills Experience in Financial Services: Proven background working … and best practices to protect sensitive data and systems. Regulatory Framework Proficiency: Demonstrated experience with compliance frameworks, including ISO27002, PCI-DSS, and GDPR, ensuring adherence to industry standards. Threat and Cloud Security Knowledge: Strong awareness of current threat landscapes and familiarity with cloud
London, England, United Kingdom Hybrid / WFH Options
Stott and May
Job description Stott & May are keen to speak with an Information Security Architect! We need someone with the confidence and a proven track record of successfully shaping the security landscape of a global organisation (10+ offices & Data Centres worldwide … . Type: Contract / freelance – Initially 6 months | Awaiting IR35 determination Day Rate: TBC – Market rate for this role Location: Hybrid working – Some availability to work in London office advantageous Our client values security highly, seeing it as a cornerstone of their operations. They are looking for someone … who can really influence and cement this focus. Responsibilities: Act as a Technical Design Authority for security Manage estate: Windows / Azure / Linux Support & control security stage gates Contribute to the vision and strategy for security platforms, both on-premises and in the cloud Participate
VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions – faster. Powered by the Asgard Platform, the industry’s largest repository of … enforcement of a password Understanding of multiple standards and regulatory areas including, but not limited to: PCI, ISO 27001/27002, SWIFT Understand the creation, management, and oversight of Information Security Programs, Business Continuity Planning and Change Control functions Excellent written and … verbal communications. Technical Responsibilities and Skills Technical and enterprise problem / resolution skills 5+ years of information security experience preferably with prior management experience. Mid to advanced level knowledge of one of the following: Policy Development, Program Development (Risk Management, Incident Response, BCP, Training & Awareness), Risk Assessment, Assessments and /
compliance responsibilities Supports documentation and tracking of policies, procedures, standards and system configurations and recommends and implements changes as necessary Participates in goals / KPIs setting, budget creation and performance management of Information Security Strategy team Leads security team in validating and evidence gathering for escalated security incidents … and identifies root cause for application and / or network-related security issues and advises on remediation options Contributes to the review of internal processes and activities and assists in identifying potential opportunities for improvement and further automation Provides technical / management leadership on assignments and … implement information security programs that can keep pace with the ever-changing security requirements Provides leadership over corporate business resiliency, which includes business / service continuity planning, business impact management, and disaster recovery measures Leads the strategy, design, engineering and implementation of robust security strategies, frameworks, platforms, and
Security Control Tester / Security Control Assessor Our client is a global information services company and is seeking 3 seasoned security experts to lead the assessment and evaluation of security controls across systems and processes. As a Lead Security Control Assessor, you will oversee and conduct security control … 27001 Lead Auditor, or equivalent Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001/27002, CIS Controls, COBIT Strong communication and stakeholder management skills Experience with automated testing tools such as Sailpoint, Rapid7, Wiz.io, MS Defender
London, England, United Kingdom Hybrid / WFH Options
Planet Pharma
essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001/27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security training programs. Excellent stakeholder management, communication, and … CV and a good time to speak at oloveland@planet-pharma.co.uk. About Planet Pharma: Planet Pharma is an American parented Employment Business / Agency that provides global staffing services with its headquarters in Chicago and our EMEA regional office located in Central London. We have invested … us to work compliantly in 30+ countries with a current network of 2500+ active contractors globally as well as a very strong permanent / direct hire recruitment offering. Our specialist knowledge and close relationships with our clients and the wider industry really make us unique in our field.
27001 Lead Auditor, or equivalent. Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001/27002, CIS Controls, COBIT. Experience with current automated and manual industry methods for evaluating security controls on-prem and in cloud environments. … and control principles. Proficiency in automation and data analytics tools (e.g., Excel, Tableau, Alteryx, and Power-BI). Ability to apply critical reading / thinking skills to identify systemic issues from analysing testing data. Ability to facilitate small to medium sized group meetings and communicate complex ideas. Agile
a comprehensive security architecture aligned with Casella's business goals, objectives, and regulatory requirements. Design and review security solutions, including firewalls, intrusion detection / prevention systems, antivirus software, and encryption protocols. Conduct regular risk assessments to identify vulnerabilities and recommend security measures through company-wide testing. Collaborate with … testing, and debugging technologies. Experience or interest in environmental and sustainability fields is a plus. Knowledge of ISO 27001/27002, ITIL, and COBIT frameworks is preferred. A Bachelor's Degree in IT, Cybersecurity, or Information Security, or equivalent experience, is required.
improvement of the control testing programme. I am therefore keen to speak with candidates who have: A proven background in Security Controls Assessment / IT Audit for large corporate clients. Professional certifications in CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent experience Familiarity … with frameworks such as NIST 800-53, ISO 27001/27002, CIS, COBIT Strong skills in security control tools like SailPoint, Wiz, or Rapid7 Comfortable using tools like RSA Archer, ServiceNow, Kanban Boards and Jira Adept at working in agile teams and
Employment Type: Contract
Rate: £400 - £450 per day + Umbrella - inside IR35
improvement of the control testing programme. I am therefore keen to speak with candidates who have: A proven background in Security Controls Assessment / IT Audit for large corporate clients. Experience of working in a Lead role, coordinating and managing work deliverables of other members of the team … 27001 Lead Auditor, or equivalent experience Familiarity with frameworks such as NIST 800-53, ISO 27001/27002, CIS, COBIT Strong skills in security control tools like SailPoint, Wiz, or Rapid7 Comfortable using tools like RSA Archer, ServiceNow, Kanban
Employment Type: Contract
Rate: £500 - £550 per day + Umbrella - inside IR35
Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP
Bristol, Kendleshire, Gloucestershire, United Kingdom Hybrid / WFH Options
SSR General & Management
design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP
developers, and technical teams on options to mitigate risk. The candidate must have excellent verbal, written, analytical and interpersonal communication skills. Essential Functions / Major Duties and Responsibilities Strategic Provide strategic direction specific to data security management. Build and maintain a robust data security program while aligning closely … strategy in its annual iterations. Provide strong knowledge of building security into business expectations for the utilization and hosting of critical CLS data / information assets. Work with the Security Architects to build security into infrastructure and architecture designs and guide the implementation with the Operations team. Provide … the overall controls around data security. Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI IOSCO and FFIEC handbook. Keep informed of new and emerging