26 to 50 of 76 ISO 27001 Lead Implementer Jobs in the UK

and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank's information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP More ❯

Join to apply for the Group IT Risk Security Lead role at Finsbury Food Group 1 day ago Be among the first 25 applicants Join to apply for the Group IT Risk Security Lead role at Finsbury Food Group Location: UK (Hamilton, Manchester, Sheffield, Salisbury or Cardiff) Shift: Monday to Friday Salary: Competitive + … Benefits We have an opportunity for a Group IT Risk Security Lead to join our IT Team. Finsbury Food Group is a leading speciality bakery manufacturer. We constantly raise quality and efficiency standards, and build long-term relationships with major multiple retailers and the foodservice channel. The bread for your morning toast, ready for butter-spreading or … party cakes like Caterpillar cakes This is what we do, and why we’re in business. Baking brilliance makes every day special. As our Group IT Risk Security Lead they will be our dedicated cybersecurity specialist responsible for strengthening security posture, delivering against the cybersecurity strategy and ensuring alignment with the Cyber Governance Code of Practice. The More ❯

s Global Security Office is committed to delivering the highest standards of security and compliance. We are seeking a highly skilled and motivated Information Security Risk Manager to lead on A&M wide information security risk management program and join our dynamic and growing team based in either our London or Tampa office. Position Summary: The Information … on the managing and maintaining the Global Security Office Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the GRC Tool and can effectively assess and communicate technical security requirements to teams across the firm. Key Responsibilities: Risk … Management Leadership and Oversight: Working to A&M Policy and industry standards and lead the end-to-end information security risk management process, to ensuring risks are proactively identified, assessed, recorded, and mitigated. Assess and prioritize security risks based on enterprise-wide impact, likelihood, and mitigation strategies. Act as a trusted security advisor, working cross-functionally with More ❯

regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities: Build and refine information security governance and risk frameworks Lead audits (internal / external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and … policies across the business Support KPI development and risk strategy planning Requirements: Degree in Computer Science / IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor / Implementer Working knowledge with legal / security needs in housing association sector and its regulatory environment … Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first stage interviews will be taking place this week. More ❯

and operational guidance on cybersecurity, data protection, and regulatory compliance to ensure the bank’s information assets and customer data remain secure and compliant with applicable standards (e.g., ISO 27001, GDPR, FCA requirements). Key Responsibilities: Serve as the SME for all matters related to information security and privacy. Advise on the development and … security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current on emerging threats, regulatory changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and / or … Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with C-level stakeholders and influence decision-making. Relevant certifications preferred: CISSP More ❯

Client: Expleo Location: London, United Kingdom Job Category: Other - EU work permit required: Yes Job Reference: c9b40ca495cb Job Views: 4 Posted: 29.06.2025 Expiry Date: 13.08.2025 Job Description: Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases … capabilities. Qualifications A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential skills Strong understanding of cybersecurity assurance principles, risk management More ❯

regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance. Key Responsibilities Build and refine information security governance and risk frameworks Lead audits (internal / external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and … policies across the business Support KPI development and risk strategy planning Requirements Degree in Computer Science / IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor / Implementer Working knowledge with legal / security needs in housing association sector and its regulatory environment … Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately as first stage interviews will be taking place this week. More ❯

standards. The role offers the opportunity to influence mission-critical projects within the marine and defence domain, applying structured cybersecurity assurance approaches to complex, multidisciplinary delivery environments. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases … capabilities. Qualifications A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential skills Strong understanding of cybersecurity assurance principles, risk management More ❯

standards. The role offers the opportunity to influence mission-critical projects within the marine and defence domain, applying structured cybersecurity assurance approaches to complex, multidisciplinary delivery environments. Responsibilities Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects. Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases … capabilities. Qualifications A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Evidence of ongoing professional development aligned with cybersecurity assurance, defence sector standards, and engineering-led delivery models. Essential Skills Strong understanding of cybersecurity assurance principles, risk management More ❯

security audits to evaluate and improve the effectiveness of risk management, control and governance processes. Independently deliver a wide range of GRC consultancy projects across client environments, including ISO 27001 implementation and maintenance, SOC 2 readiness assessments, GDPR compliance, and broader information security frameworks. Conduct comprehensive internal audits, gap analysis, and maturity assessments aligned … and develop actionable risk treatment plans tailored to client needs and business context. Design, write, and maintain information security policies, procedures, and documentation for clients across multiple sectors. Lead governance and compliance initiatives, including client-facing reporting, audit readiness support, and continual service improvement. Build trusted relationships with clients through consistent, expert guidance and support across security … and compliance engagements. Mentor and develop junior consultants, supporting their delivery quality and professional growth. Requirements Minimum five years of experience in a GRC consultancy or lead security role with significant client-facing responsibilities. Proven ability to independently deliver information security engagements across ISO 27001, SOC 2, GDPR, NIST, or similar More ❯

Cyber Essentials Plus and IT risk frameworks Excellent problem-solving and analytical skills Able to work independently and cross-functionally Strong written and verbal communication Desirable Qualifications: ISO27001 Lead Auditor / Implementer Certification Certified Information Systems Auditor (CISA) or equivalent Degree in IT, Computer Science, or a related field Understanding of cloud and infrastructure More ❯

network you want to login / join with: Head of Information Security Required for an online retail business. The role will initially focus on ISO27001 & ISO9001 recertifications. Responsibilities Lead on information security strategy and implementation of security roadmap. Develop security KPIs and track their progress. Advise senior management on risk levels and any changes impacting security posture … including emerging threats. Create, maintain, and implement information security policies. Continuously validate the firm against policies and procedures to ensure compliance with ISO 27001, ISO 9001, Cyber Essentials+, and GDPR. Manage and continuously improve the firm's Information Security Management System. Oversee the information security training and awareness program. Lead … enhance security procedures to mitigate potential threats. Ensure cybersecurity requirements are embedded into new programs of work. Provide management and mentorship to security teams and staff. Create and lead the Security Operations Centre (SOC), ensuring real-time monitoring and incident response. Drive security awareness training and GRC initiatives. Report to senior stakeholders on threats, compliance gaps, and More ❯

highly desirable. Experience of security transformation and delivery of security projects, particularly within a federated organisation. Desirable Skills Knowledge of Information Security and compliance frameworks, including NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, and DORA, and the ability to design controls that align with these standards. Good awareness of risk methodologies and ability … operating procedures. Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders. Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer are highly desirable What We Will Offer You Recognised and rewarded for a job well done More ❯

reviews related to InfoSec and privacy compliance. You will work closely with IT and business functions to identify risks, manage incidents, and advise on good practices aligned with ISO 27001 and / or NIST. Key Responsibilities Develop, review, and update the Bank's Information Security and Personal Data Protection (PDP) Frameworks (policies, directives, guidance … in IT, Security, Risk Management, or a related field (other fields will also be considered). Certifications : At least one recognised information security qualification (e.g., CISM, CISA, CISSM, ISO 27001 Lead Auditor / Implementer). At least one data protection certification (e.g., EU-GDPR-P, CIPP / E More ❯

a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against … accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do Lead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities, tasks and … successful when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA) One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO More ❯

a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against … accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. What You'll Do Lead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities, tasks and … when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA). One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO More ❯

e.g. to NCSC guidance, CAF etc. Knowledge and understanding of NIS Directive and UK NIS Regulations. Security related qualifications such as CISSP, CISM, NIST Foundation / Practitioner, ISO27001 lead implementer or auditor and Security+. A good communicator, with the ability to contribute confidently to technical security discussions with peers and management. Please note that More ❯

high-impact role where you’ll work closely with customers, delivery colleagues, and operational teams to shape and maintain secure, compliant environments across large-scale programmes. Key Responsibilities Lead security assurance activities on major customer contracts or portfolios. Act as a trusted advisor embedded in agile delivery teams, working closely with clients. Track and manage contractual security … obligations, ensuring timely review and mitigation of any non-compliance. Oversee IT Health Checks (ITHC) and lead remediation efforts. Deliver and implement Security Information Assurance work packages. Operate and maintain an Information Security Management System (ISMS) aligned to ISO27001. Manage vulnerabilities, security incidents, and operational risks. Maintain and improve security documentation and controls. Mentor and review work … ISMS frameworks and ISO27001 compliance. Strong experience in vulnerability management, risk mitigation, and incident response. Excellent communication and stakeholder engagement skills, including at senior levels. The ability to lead on complex, multi-threaded deliveries. Comfortable working in agile environments and adapting to changing security and delivery requirements. SC and NPPV3 clearance or eligibility to obtain them. You More ❯

high-impact role where you'll work closely with customers, delivery colleagues, and operational teams to shape and maintain secure, compliant environments across large-scale programmes. Key Responsibilities Lead security assurance activities on major customer contracts or portfolios. Act as a trusted advisor embedded in agile delivery teams, working closely with clients. Track and manage contractual security … obligations, ensuring timely review and mitigation of any non-compliance. Oversee IT Health Checks (ITHC) and lead remediation efforts. Deliver and implement Security Information Assurance work packages. Operate and maintain an Information Security Management System (ISMS) aligned to ISO27001. Manage vulnerabilities, security incidents, and operational risks. Maintain and improve security documentation and controls. Mentor and review work … ISMS frameworks and ISO27001 compliance. Strong experience in vulnerability management, risk mitigation, and incident response. Excellent communication and stakeholder engagement skills, including at senior levels. The ability to lead on complex, multi-threaded deliveries. Comfortable working in agile environments and adapting to changing security and delivery requirements. SC and NPPV3 clearance or eligibility to obtain them. You More ❯

Key Responsibilities Act as the Bank's IS technical consultant on Supplier and Project Assurance activities. Oversee the administration of the SureCloud platform and baseline control set maintenance. Lead security triaging and approvals of new projects and suppliers. Conduct security assessments and technical risk evaluations. Liaise with IT and MSSP teams to identify and remediate security risks … / incidents. Draft reports, risk register updates, and maintain documentation aligned with best practice (ISO 27001, NIST CSF). Track and advise on industry security trends and their implications. Contribute to social engineering assessments, BAU risk mitigation, and business process evaluations. Influence and support change by aligning policy updates with new regulations and business … What We're Looking For A Bachelor's or Master's degree (preferably in IT, Security, or Risk). At least one recognised IS qualification (CISM, CISA, CISSM, ISO 27001 Lead Auditor / Implementer, CIPP / E). Proven experience in delivering project and supplier assurance activities in More ❯

Key Responsibilities Act as the Bank’s IS technical consultant on Supplier and Project Assurance activities. Oversee the administration of the SureCloud platform and baseline control set maintenance. Lead security triaging and approvals of new projects and suppliers. Conduct security assessments and technical risk evaluations. Liaise with IT and MSSP teams to identify and remediate security risks … / incidents. Draft reports, risk register updates, and maintain documentation aligned with best practice (ISO 27001, NIST CSF). Track and advise on industry security trends and their implications. Contribute to social engineering assessments, BAU risk mitigation, and business process evaluations. Influence and support change by aligning policy updates with new regulations and business … What We’re Looking For A Bachelor’s or Master’s degree (preferably in IT, Security, or Risk). At least one recognised IS qualification (CISM, CISA, CISSM, ISO 27001 Lead Auditor / Implementer, CIPP / E). Proven experience in delivering project and supplier assurance activities in More ❯

and maturity. Stay updated on relevant frameworks and regulatory requirements. Required Skills, Qualifications, and Experience Bachelor’s degree in Information Security or related field; relevant certifications (e.g., ISO27001 Lead Implementer, CIPP, CRISC) are a plus. At least 2-3 years of experience in GRC, Information Security, or related fields. Experience with GRC platforms like … OneTrust is advantageous. Knowledge of risk management methodologies and frameworks such as CIS 8.0, ISO 27001, NIST CSF, GDPR, NIS2. Experience with audits, privacy breach investigations, and legal / regulatory interpretation. Ability to guide teams on privacy standards and compliance. Exposure to cloud environments and AI systems risk controls is a bonus. Strong understanding More ❯

Stay up-to-date with relevant frameworks and regulatory requirements. Required Skills, Qualifications, and Experience Bachelor’s degree in Information Security, or related field. Relevant certifications (e.g., ISO27001 Lead Implementer, CIPP, CRISC etc.) are a plus. At least 2-3 years of experience in GRC, Information Security, or related fields. Hands-on experience with … GRC platforms, OneTrust is a bonus. Experience with risk management and risk assessment methodologies. Knowledge of frameworks like CIS 8.0, ISO 27001, NIST CSF, GDPR, NIS2, or similar. Experience in auditing, reporting, and investigating privacy breaches. Ability to interpret and apply complex legal and regulatory requirements. Experience working with cross-functional teams to implement More ❯

join the CCoE’s Cyber Security Operations Centre (CSOC), responding to incidents, working on projects and providing excellent services to NHSScotland’s Health Boards. The post holders will lead and contribute to projects that extend and improve the capabilities of the CCoE, and that improve the cybersecurity stature and awareness of our customer base. They will engage … candidate will have achieved Chartered Professional status of the British Computer Society (MBCS CITP) and should have obtained a post-graduate qualification in the specialist area e.g. ISO27001 Lead Implementer, CISM, CISA, CISSP, GIAC certifications, CCP accreditor or have equivalent additional experience / expertise. The candidate should have excellent interpersonal, communication and organisational skills. More ❯

leading to nationally recognised qualifications, such as chartered or principal status with the UK Cyber Security Council, or certifications such as CompTIA, NIST, PCiIAA, CISMP, CISSP, CREST, ISO27001 Lead Implementer / Auditor, SABSA, and TOGAF. A Mentor will be on hand to provide support and guidance throughout your journey with Actica. You will also More ❯