ISO/IEC 27005 Jobs in the UK

1 to 25 of 37 ISO/IEC 27005 Jobs in the UK

Information Security Compliance Officer

London, United Kingdom
Guavapay Limited
Compliance is a plus. Certifications (Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor / Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP / E, CIPM for data protection compliance) Experience Requirements: 3-5+ years of … experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU: GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if handling payment data) Experience in: Managing vendor risk assessments for third-party … Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018). Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005. Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills - ability to brief executives and
Employment Type: Permanent
Salary: GBP Annual

Senior Cybersecurity Risk Analyst (Remote)

Watford, Hertfordshire, United Kingdom
Hybrid / WFH Options
Essential Employment
the Security Operations Centre (SOC). - Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). - Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. - Perform additional security-related tasks as directed by the Head of Information Security You will Ideally have - - Proven experience … endpoint, and cloud security. - Ability to assess and communicate technical vulnerabilities in business terms. - Experience working with or within a SOC environment. - Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory … You will always however hear from us by phone if we are able to take your CV forward to the next stage. You can also follow us at Twitter / Facebook / LinkedIn or via our website.
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Senior Consultant

Manchester, England, United Kingdom
NCC Group
in the short, medium or long term. Our core consulting and implementation services include: Strategy & transformation On-demand virtual roles Data discovery and mapping Risk advisory and assurance Continuity / Resilience Data privacy and GDPR ISO 27001 & NIST CSF Supplier assurance PCI, PA & P2PE Incident response planning Card production audits Cyber security review SOC advisory & implementation XDR … Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients. Able to always deliver projects within time and in budget and to a high level of customer satisfaction - exercising customer care. Demonstrate … of the below: Excellent attention to detail and documentation. Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS. Customer facing experience at senior levels. CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage Outputs Ability to successfully compile accurate reports within defined timescales.

Cyber Security Senior Consultant

Cheltenham, England, United Kingdom
NCC Group
in the short, medium or long term. Our core consulting and implementation services include: Strategy & transformation On-demand virtual roles Data discovery and mapping Risk advisory and assurance Continuity / Resilience Data privacy and GDPR ISO 27001 & NIST CSF Supplier assurance PCI, PA & P2PE Incident response planning Card production audits Cyber security review SOC advisory & implementation XDR … Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients. Able to always deliver projects within time and in budget and to a high level of customer satisfaction – exercising customer care. Demonstrate … of the below: Excellent attention to detail and documentation. Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS. Customer facing experience at senior levels. CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage Outputs Ability to successfully compile accurate reports within defined timescales.

Cyber Security Senior Consultant

London, England, United Kingdom
NCC Group
in the short, medium or long term. Our core consulting and implementation services include: Strategy & transformation On-demand virtual roles Data discovery and mapping Risk advisory and assurance Continuity / Resilience Data privacy and GDPR ISO 27001 & NIST CSF Supplier assurance PCI, PA & P2PE Incident response planning Card production audits Cyber security review SOC advisory & implementation XDR … in Azure Resource Manager template, Git, KQL, PowerShell Ability to work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as requested by clients. Able to deliver projects within time and budget and to a high level of customer satisfaction – exercising customer care. Strong ability to … of the below: Excellent attention to detail and documentation. Industry standards such as ISO 27001 Series, GDPR, NIST, PCI DSS. Customer-facing experience at senior levels. CISSP / CISM / ISO 27001 LA or LI / PCI DSS QSA would be an advantage Outputs Ability to successfully compile accurate reports within defined timescales.

Information Security Compliance Analyst

Hertfordshire, England, United Kingdom
Cpl Life Sciences
management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties / responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal … and external stakeholders / groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 and other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information … obligations include security clauses as relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and / or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer / Auditor certification is essential. Demonstrable experience in an Information Security, IT

Cyber Security Risk Consultant

London, England, United Kingdom
J Bandy Consulting
and provide expert guidance on remediation. Collaborate with cross-functional teams to embed security within agile project delivery. Keep up to date with emerging threats, technologies, and security frameworks (ISO27005, NIST). Provide training and advisory services to clients on cyber security best practices. What We're Looking For Strong knowledge of cyber risk management and frameworks (ISO27005, NIST). … risks into business terms. Ability to work independently and collaboratively in a client-facing environment. Desirable Skills & Qualifications CIISEC Membership or UK Cyber Security Council professional registration (Chartered / Principal Level). Hands-on experience reviewing and implementing network and cloud security solutions. Familiarity with Zero Trust architectures and modern security frameworks. What We Offer Competitive salary … and benefits package 25 days annual leave + birthday off (option to buy / sell additional 5 days) Private medical cover, pension scheme, and life assurance Ongoing professional development and career growth opportunities

Information Security Consultant - ISO27005, CISSP / CISM

London, England, United Kingdom
Hays
Cybersecurity Consultant - CISSP, OWASP, Azure Up to £495 per day (Inside IR35) London / Hybrid (3 days per week in London) 12 months initially My client is a London-based firm who urgently require a Cybersecurity Consultant with proficiency in Azure, with CISSP and ideally OWASP (for Application Security) certification to play a key role in a small project … providing expertise for Information Security Risk and Governance Frameworks, performing Info Security Technical Risk Assessments as well as analysis and reporting. Key Requirements: Proven commercial expertise as a Cyber / Info Security Consultant Previous experience within a large, complex enterprise-scale organisation Information Security certifications (CISSP, OWASP) Demonstrable experience of working in Application Security Expertise within Azure (Cloud platform … Ability to communicate highly technical problems / solutions to non-technical audiences across multiple geographical regions / sites Capability to unpick High Level Designs (HLD) with ease Proven experience of working closely with TDA Strong knowledge of conducting Information Security technical Risk Assessments Exceptional communication skills and stakeholder management skills (at all levels) Strong knowledge of working within

Product Security Engineer

Bristol, Gloucestershire, United Kingdom
Hybrid / WFH Options
Pertemps
code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … . Conduct penetration testing, vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / 139). Proficiency in security testing
Employment Type: Permanent
Salary: GBP Annual

Information Security Compliance Analyst

London, England, United Kingdom
JR United Kingdom
Information Security Compliance Analyst, Hertfordshire Client: Cpl Life Sciences Location: Hertfordshire, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 28.04.2025 Expiry Date: 12.06.2025 Job Description: We are seeking an Information Security Compliance Analyst for a 12-month fixed-term contract in a hybrid setting … maintaining security policies, managing security awareness training, advising on security matters, and supporting audits. Qualifications and Experience: Degree level qualification or equivalent (highly desirable) Relevant certifications like CISM and / or CRISC (highly desirable) Experience in information security, IT governance, risk, and compliance, especially with ISO 27001 Knowledge of industry frameworks such as ISO … development, and third-party due diligence Proven ability to lead audits and establish data classification standards Project management experience in security, data protection, and compliance initiatives Knowledge of UK / EMEA data protection laws like DPA and GDPR Stakeholder management skills at technical and executive levels

Senior Cybersecurity Risk Analyst

London, South East, England, United Kingdom
Proactive Appointments
the Security Operations Centre (SOC). Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. Perform additional security-related tasks as directed by the Head of Information Security Essential Skills & Experience Proven experience in … and cloud security. Ability to assess and communicate technical vulnerabilities in business terms. Experience working with or within a SOC environment. Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). Excellent communication and reporting skills. Due to the volume of applications received for positions, it will not be possible to respond to all … personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http://proactive.it/privacy-notice/
Employment Type: Full-Time
Salary: £225 - £250 per day

Senior Cybersecurity Risk Analyst – 11080JS

London, England, United Kingdom
Proactive.IT Appointments Limited
the Security Operations Centre (SOC). Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). Review security aspects of tenders and conduct third-party / vendor risk assessments to ensure alignment with organisational security requirements. Perform additional security-related tasks as directed by the Head of Information Security Essential Skills & Experience Proven experience in … and cloud security. Ability to assess and communicate technical vulnerabilities in business terms. Experience working with or within a SOC environment. Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). Excellent communication and reporting skills. Due to the volume of applications received for positions, it will not be possible to respond to all … personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http://proactive.it/privacy-notice/

Cyber Security Risk Analyst

England, United Kingdom
Hybrid / WFH Options
Creatify
Senior Cybersecurity Risk Analyst (Interim) Fully Remote | 3-Month Contract | £260 / day (Inside IR35 via umbrella) We’re working with a leading UK charity who are looking to bring in a Senior Cybersecurity Risk Analyst to support during a critical period. This is a hands-on, technically focused interim contract — ideal for someone with strong experience in risk … cloud security principles. Comfortable working alongside or within a Security Operations Centre (SOC). Able to communicate technical risks in plain business terms. Familiar with frameworks such as ISO 27005, NIST RMF, or similar. Available to start immediately or within short notice. Bonus Points For: Certifications: CISSP, CISM, CRISC, CEH or equivalent. Experience using GRC

OT Cyber Security Consultant

City of London, London, United Kingdom
Integrity360
rely on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs, across

OT Cyber Security Consultant

London Area, United Kingdom
Integrity360
rely on and trust us to go above and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role / Responsibilities Assisting our clients in securing their information systems (defining target objectives, developing action plans, implementing actions (organizational or technical), coordination, monitoring and managing these plans) Assessing our clients … against current norms and regulations (ISO 27001, NIS 2, IEC 62443, Cyber Resilience Act...) and through cybersecurity risk analysis (ISO 27005 / EBIOS RM) Integrating cybersecurity into our clients' projects Supporting our clients' CISOs in their daily activities: defining cybersecurity processes, drafting policies and documentation, conducting awareness sessions, organizing cyber crisis … exercises, animating the client's cyber community Leading or deploying cybersecurity solutions specific to industrial environments. We work under fixed-price projects and / or in Time and Material mode. The duration of assignments depends on client needs, topics, and consultant aspirations – ranging from a few days to several months. Our clients vary widely: large enterprises and SMEs, across

Operational Technology – Senior Consultant

London, England, United Kingdom
Hybrid / WFH Options
Women in Data®
critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional Information Assessment process Please note that the interview stages may be subject to change based on the specific requirements of the role.

Cybersecurity Risk & Governance Analyst

London, England, United Kingdom
Euroclear
Expertise 4–6 years’ experience in cybersecurity, with a focus on IT risk or governance Solid understanding of cybersecurity frameworks (ISO 27001, NIST, DORA) Familiarity with identity / access management, secure software development, vulnerability management Experience with tools such as ServiceNow, Excel, and basic security testing platforms Strong organizational, communication, and documentation skills Bachelor’s or master … s degree in IT, Computer Science, or related field Fluent in English, team-oriented mindset Recognized certifications (CISSP, CISM, CRISC, ISO 27005) are a plus

Operational Technology Consultant

London, United Kingdom
Hybrid / WFH Options
Astro Studios, Inc
critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional information Please note that the interview stages may be subject to change based on the specific requirements of the role. Quick call
Employment Type: Permanent
Salary: GBP Annual

Operational Technology Principal Consultant

London, United Kingdom
Hybrid / WFH Options
Astro Studios, Inc
critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional information Please note that the interview stages may be subject to change based on the specific requirements of the role. Quick call
Employment Type: Permanent
Salary: GBP Annual

Operational Technology Principal Consultant

Bristol, England, United Kingdom
Hybrid / WFH Options
PA Consulting
critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional Information Assessment process Please note that the interview stages may be subject to change based on the specific requirements of the role.

Operational Technology Principal Consultant

Belfast, Northern Ireland, United Kingdom
Hybrid / WFH Options
PA Consulting
critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99 / IEC 62443 NIST CSF. Additional Information Assessment process Please note that the interview stages may be subject to change based on the specific requirements of the role.

Lead Security Architect

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
Manchester Digital
strategy, translating them into reusable templates and guardrails. Lead architecture reviews for high risk projects, providing actionable recommendations and tracking remediation through to closure. Perform and interpret threat modelling / pen test results, converting findings into road mapped improvements and measurable risk reductions. Advise on security controls for hybrid and cloud platforms (AWS, Azure, Kubernetes, serverless), balancing usability, cost … or mitigation strategies. Oversee vendor and SaaS evaluations, ensuring contracts include appropriate security clauses and ongoing assurance. Essential skills: Risk based decision making: expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost effective controls. Technical depth: hands on knowledge of cloud security, IAM, container & API security … ability to engage C suite and delivery squads alike, adapting style to gain agreement and drive secure by design culture. Mentoring & governance: experience line managing or coaching security architects / engineers and running architecture assurance or design review boards. At the Home Office, your work has real-world impact, shaping the safety and security of millions. We offer: Meaningful
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Consultant

Crawley, Sussex, United Kingdom
Hybrid / WFH Options
Thales Group
with insight into the security solutions adapted to their needs Check compliance with applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Check compliance with … applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Right for this role? Ideally you'll be familiar with the main risk analysis methods (EBIOS … a leading Engineering Group In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and / or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Consultant

Crawley, England, United Kingdom
Hybrid / WFH Options
Thales Group
with insight into the security solutions adapted to their needs Check compliance with applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Check compliance with … applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Right for this role? Ideally you’ll be familiar with the main risk analysis methods (EBIOS … Engineering Group #LI-SW1 In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and / or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence

Cyber Security Consultant

United Kingdom
Hybrid / WFH Options
Thales Group
with insight into the security solutions adapted to their needs Check compliance with applicable regulations, standards, policies and guidance on cybersecurity and information risk management (PCI DSS, NIST, ISO 27000, Privacy, etc) Support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Right for this … role? Ideally you'll be familiar with the main risk analysis methods (EBIOS, ISO 27005), regulatory constraints (LPM, NIS, RGPD, II 901, IGI 1300) and security standards (ISO 27000, NIST, ANSSI, etc). You are able to identify, analyse and evaluate cybersecurity and information risks. Have knowledge of Authentication and Identity management solutions. Experienced … a leading Engineering Group In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and / or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence
Employment Type: Permanent
Salary: GBP Annual

ISO/IEC 27005
10th Percentile: £60,400
25th Percentile: £61,750
Median: £65,000
75th Percentile: £77,625
90th Percentile: £95,850