1 to 25 of 39 Remote ISO 27001 Lead Implementer Jobs in the UK

manage internal and external Security Working Groups. Support Serco Defence projects and design activities, ensuring compliance with MOD Secure by Design, HMG policy, NCSC guidance, NIST 800, and ISO 27001. Advise on technical requirements and compliance with formal contract security schedules (Security Aspects Letters) and recommend security technologies and controls. Provide advice and guidance to maintain existing … cyber security compliances (e.g., ISO 27001, Cyber Essentials Plus), MOD certifications, and HMG security controls. Adopt a proactive approach to security management and assurance coordination, ensuring smooth running of scheduled activities and gaining trust of key stakeholders. Engage with external audit and assurance providers, scope test plans, help stakeholders interpret test results, and support … breaches. What you’ll need: In-depth knowledge and experience with MOD policies and standards, including Secure by Design, JSP 440, and DefStan 05-138 / DCPP. ISO27001 Lead Implementer / Auditor, CISSP or CISM. Strong understanding of data protection compliance and relevant privacy certifications. Proficiency in risk management using recognised frameworks like NIST. More ❯

expertise in information security to provide strategic guidance to clients on GRC activities, as well as on achieving their cyber and information security objectives. You will take the lead in managing technical consulting engagements and contribute to the successful delivery of complex security programs. Responsibilities Apply a strong knowledge of the cyber threats, hazards, risks, controls, and … cyber security threats and regulatory requirements relevant to their organisation. Design and deliver information security, cyber resilience and maturity assessments tailored to customer’s organisational and compliance needs. Lead and advise customers on the design, implementation and adoption of information security policies, procedures. Understand relevant frameworks for managing different areas of Information security, risk management and data … GRC initiatives to strengthen and manage information security frameworks Possess strong stakeholder engagement and management skills Hold relevant academic or professional certifications e.g. CISM, CISSP, PCIRM, MSc, ISO27001 (lead implementer / auditor), CIPPE Have the right to work in the UK and are eligible for UK security clearance What we look for in our More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

approval, candidates may be permitted to start the role prior to clearance being fully completed. Role Overview: We are seeking a highly experienced Senior Information Assurance Consultant to lead the development and implementation of security management processes for a new, high-profile service. This role will be instrumental in establishing and integrating a comprehensive Information Security Management … working on a critical and impactful programme. As the role involves working with sensitive information, eligibility for SC clearance or holding active SC clearance is essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO / IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed security best practices throughout the service lifecycle. Provide expert guidance on information assurance, governance, and risk management strategies. Support audit and certification activities, ensuring More ❯

Job Introduction We are seeking a skilled and motivated Information Security Lead to support the strategic and operational delivery of information security and infrastructure controls across our digital estate. Reporting to the Head of Information Security and Enterprise Architecture, this role is responsible for driving compliance with cyber and data protection standards (including DSPT, CE+, and CAF … robust security practices across business-as-usual operations and new service transitions. Working within the Information Security and Architecture team, the postholder will serve as a senior technical lead across key domains, including cyber assurance, infrastructure security, policy development, and risk mitigation. You will collaborate with technical teams, service management, suppliers, and transformation programmes to deliver a … vulnerability management. Practical experience supporting compliance with regulatory and best practice frameworks, including: Data Security and Protection Toolkit (DSPT) Cyber Essentials Plus (CE+) Cyber Assessment Framework (CAF) or ISO 27001 Ability to assess security risks, develop mitigation plans, and communicate recommendations to technical and non-technical audiences. Familiarity with NHS and public sector data More ❯

approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation … Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership … as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that More ❯

approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation … Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership … as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that More ❯

approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation … Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership … as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that More ❯

and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank's information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP More ❯

Join to apply for the Group IT Risk Security Lead role at Finsbury Food Group 1 day ago Be among the first 25 applicants Join to apply for the Group IT Risk Security Lead role at Finsbury Food Group Location: UK (Hamilton, Manchester, Sheffield, Salisbury or Cardiff) Shift: Monday to Friday Salary: Competitive + … Benefits We have an opportunity for a Group IT Risk Security Lead to join our IT Team. Finsbury Food Group is a leading speciality bakery manufacturer. We constantly raise quality and efficiency standards, and build long-term relationships with major multiple retailers and the foodservice channel. The bread for your morning toast, ready for butter-spreading or … party cakes like Caterpillar cakes This is what we do, and why we’re in business. Baking brilliance makes every day special. As our Group IT Risk Security Lead they will be our dedicated cybersecurity specialist responsible for strengthening security posture, delivering against the cybersecurity strategy and ensuring alignment with the Cyber Governance Code of Practice. The More ❯

and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP More ❯

security audits to evaluate and improve the effectiveness of risk management, control and governance processes. Independently deliver a wide range of GRC consultancy projects across client environments, including ISO 27001 implementation and maintenance, SOC 2 readiness assessments, GDPR compliance, and broader information security frameworks. Conduct comprehensive internal audits, gap analysis, and maturity assessments aligned … and develop actionable risk treatment plans tailored to client needs and business context. Design, write, and maintain information security policies, procedures, and documentation for clients across multiple sectors. Lead governance and compliance initiatives, including client-facing reporting, audit readiness support, and continual service improvement. Build trusted relationships with clients through consistent, expert guidance and support across security … and compliance engagements. Mentor and develop junior consultants, supporting their delivery quality and professional growth. Requirements Minimum five years of experience in a GRC consultancy or lead security role with significant client-facing responsibilities. Proven ability to independently deliver information security engagements across ISO 27001, SOC 2, GDPR, NIST, or similar More ❯

Cyber Essentials Plus and IT risk frameworks Excellent problem-solving and analytical skills Able to work independently and cross-functionally Strong written and verbal communication Desirable Qualifications: ISO27001 Lead Auditor / Implementer Certification Certified Information Systems Auditor (CISA) or equivalent Degree in IT, Computer Science, or a related field Understanding of cloud and infrastructure More ❯

Compliance Analyst to join a dynamic team supporting the development and maintenance of an EMEA-wide Information Security Management System. This role plays a critical part in maintaining ISO 27001:2022 certification, ensuring compliance with legislation including NIS 2, GDPR, and the AI Act, and promoting a strong security culture across the business. Requirements … ISO 27001 Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001 / 27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security More ❯

highly desirable. Experience of security transformation and delivery of security projects, particularly within a federated organisation. Desirable Skills Knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Good awareness of risk methodologies and ability … operating procedures. Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable What We Will Offer You Recognised and rewarded for a job well done More ❯

a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against … accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do Lead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities, tasks and … successful when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA) One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO More ❯

a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against … accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do Lead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities, tasks and … successful when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA) One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO More ❯