1 to 25 of 532 ISO/IEC 27001 Jobs in the UK excluding London

strategic role where you’ll take ownership of security strategy, operations, and compliance across multi-cloud environments; ensuring systems remain robust, scalable, and compliant with key standards such as ISO27001, PCI / DSS, and GDPR. Location: Milton Keynes - hybrid - at least 2 - 3 times a week in office Salary: £50,000 – £60,000 per annum + benefits Requirements for … Information Security Officer Strong experience in information security within a SaaS or cloud-based software environment Proven success managing ISO27001 certification, audit cycles, and compliance programmes Excellent knowledge of GDPR and experience embedding data protection into software systems Hands-on experience managing cloud security within Azure and / or AWS environments Knowledge of PCI / DSS standards for … platforms Embed security best practices into development lifecycles and product roadmaps Oversee cloud infrastructure security, vulnerability management, and incident response Maintain security monitoring, alerting, and access management controls Lead ISO27001 certification maintenance and audits Ensure compliance with PCI / DSS, GDPR, and other relevant frameworks Complete client security assurance documentation and tender responses Act as the main security contact More ❯

Security Engineer - Cloud / Compliance / ISO 27001 Location: Knutsford (Cheshire) - Hybrid Salary: £65,000 - £80,000 DOE + benefits About the Role We're working with a rapidly growing, cloud-first technology business that provides secure, compliant software to global enterprise clients across regulated sectors. They're now looking for an experienced Security … policies, and frameworks. Oversee day-to-day security operations including access control, patching, log review, and alert response. Implement and manage controls across cloud and on-premises environments (Azure / AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR … Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM / PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent communication skills - able to collaborate across technical and non-technical teams. Relevant More ❯

and leading high-performing technical presales or sales engineering teams Broad technical foundation across areas such as cloud infrastructure, security and compliance, APIs, integrations, and modern approaches to AI / ML Demonstrated success in supporting large enterprise opportunities, from proof-of-value through to close This company values a top academic history so are looking for a 2.1 or … on with critical opportunities Responsibilities for Technical Presales Team Leader You will start leading a team of 4 Junior Pre-Sales Engineers in a role with an 80% sales / 20% solutions engineering split supporting how the software is integrated with customers: Lead, mentor, and grow a team of Tech Sales Specialists and Solutions Engineers Define best practices, playbooks … SaaS Integrations / APIs / Security / Compliance / AWS / Azure / GCP / NLP / ML / ISO27001 / SOC2 / GDPR More ❯

AI certification standards, complies with evolving global AI regulation, and delivers trusted assurance to customers. A central focus will be leading the delivery and maintenance of ISO / IEC 42001 certification for AI Management Systems, embedding its requirements into operations, and integrating AI governance into the wider assurance framework. The role will also provide direct … customer compliance queries, building trust in Bell’s AI solutions on a global scale. Responsibilities Certification and Compliance Delivery Lead the delivery and ongoing maintenance of ISO / IEC 24001 certification. Ensure AI governance, risk management, and lifecycle processes align with ISO 42001 requirements. Translate AI-specific risks (e.g. bias, transparency, explainability, accountability … and dashboards for AI compliance performance. Drive continuous improvement of AI governance, data management, and assurance practices. Qualifications Proven experience delivering ISO certifications (Ideally ISO / IEC 42001, ISO 27001, and other related standards). String knowledge of AI governance, model lifecycle assurance, and risk management frameworks. Familiarity with More ❯

on AWS; drive standards, patterns, and guardrails, including Android & applications Lead an effective blended development model with clear SOWs, SLAs, quality gates, secure access, and code ownership. Manage engineering / infrastructure budgets and provide strategic oversight for FinOps practices, unit economics tracking, and the maintenance of a transparent risk register and remediation plans. Execution and delivery Lead disciplined engineering … execution across distributed in-house and outsourced teams. Champion 24 / 7 / 365 platform operations with SLAs, capacity planning, incident response and post-mortems Implement structured software release governance, migration frameworks, and robust QA practices. Drive predictable delivery (quarterly planning, dependency / risk management, quality gates). Establish and enforce best … in-class DevOps, trunk-based, CI / CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity / authorisation, privacy by design; ISO27001 / 9001, security posture and customer due diligence. Cross-functional leadership Partner closely with Product leaders to ensure product discovery, prioritisation, and delivery processes are respected and aligned. Work More ❯

What youll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO / IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance, review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. … the near term). Significant experience in cyber security consulting or assurance, ideally within the public sector. Deep knowledge of GRC frameworks and standards (e.g. CAF, ISO / IEC 27001, PCI DSS).Strong client-facing skills, able to communicate complex issues clearly to technical and non-technical audiences. Proven track record of delivering … on time and influencing decision-making. Excellent written and verbal communication, including the ability to produce polished consultancy reports. Desirable certifications: ISO 27001 Lead Auditor / Implementer, CISSP, CISM, CRISC, CCP (GRC), or equivalent. Driving license and willingness to travel to client sites across the UK as required. Why join 4C Strategies? Work with a More ❯

Looking for a strong Network Security professional responsible for Designing / Architecting / Implementing / Maintaining enterprise Network Security Infrastructure. Location: Warwick / Wokingham Mode: Hybrid (3-days work from Office) Experience Required: 8–10 Years Must Have / Mandatory Skills Palo Alto Networks – Firewalls (MUST) Network Security Architecture IAM, MFA, AAA, RBAC, Privilege Access … Cloud Security (OCI / Azure / AWS) SIEM / Vulnerability Management / PKI / Cryptography LAN / WAN / DMZ / Routing / Switching / Subnetting Key Responsibilities Design / Architect network security infra solutions like Firewalls, IDPS, Proxy, Load Balancers, VPN, WAF Build and optimize firewall policies + … network access controls Ensure compliance alignment (GDPR / PCI DSS / HIPAA etc.) Perform regular audits + risk assessments, close compliance gaps Evaluate / Recommend new security tools & methodologies Monitor network traffic & identify operational security threats Work closely with Network, Infra, Cloud & Engineering teams Communicate complex technical security topics to non-technical audience Provide guidance / More ❯

communication while driving compliance excellence, this opportunity is for you! What We're Looking For: Qualifications and Experience: Proven experience delivering and managing cybersecurity certifications (e.g., ISO / IEC 27001, SOC2 Type II, Cyber Essentials Plus, CREST). A strong understanding of SOC operations and security assurance frameworks. Experience engaging with customers during … audits and RFP / RFI processes, showcasing security-driven solutions. Familiarity with regulatory frameworks such as NIST CSF, GDPR, and UK NCSC guidance. Experience liaising with external auditors and certification bodies. Skills: Exceptional documentation and evidence collection capabilities. Strong communication skills to articulate technical assurance challenges to leadership and customers. Analytical and detail-oriented with a systematic approach to … Superb collaboration and stakeholder management abilities. Highly organised, able to manage multiple certifications and assurance projects simultaneously. Key Responsibilities Certification Leadership: Deliver and maintaincertifications such as ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, and CREST accreditation. Manage sector-specific frameworks, like PCI DSS for payment card data and NCSC More ❯

customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO / IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for … external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR / CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy Drive continuous improvement in assurance processes and evidence collection efficiency Produce regular reports and … audit outcomes, and assurance performance Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams Essential Qualifications & Requirements: Proven experience delivering and maintaining cybersecurity certifications (ISO / IEC 27001, SOC 2 Type II, Cyber Essentials Plus, CREST) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities More ❯

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About … the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer / Analyst to play a key part in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant … audit readiness, evidence gathering, and control implementation. Excellent attention to detail, analytical thinking, and confident stakeholder communication. Relevant certifications welcomed - CRISC, ISO 27001 Lead Implementer / Auditor, CIPP / E, GDPR Practitioner, CISM, or CISA. Why Apply? Join a modern, compliance-driven business where security and governance are at the heart of operations. Visible More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. JBRP1_UKTJ More ❯

standards, ensuring compliance with emerging global AI regulations, and building trust in our AI solutions. A primary focus will be leading the implementation and upkeep of ISO / IEC 42001 certification for AI Management Systems while embedding AI governance, risk management, and lifecycle processes into our wider assurance framework. You will act as the key … collaborate with product, customer, and technology teams to strengthen our compliance posture and enhance adoption. Required Qualifications & Experience Proven experience delivering ISO certifications (e.g., ISO / IEC 42001 , ISO 27001 , or similar standards). Strong knowledge of AI governance, risk management, and model lifecycle assurance frameworks. Familiarity with ISO … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: gb / en / privacy-notice. More ❯

operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and / … organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security … Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO 27001 / 2, PCI, CIS 18, CMMC Principal Cloud Security: 4+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards Hands-on experience with a More ❯

operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response / Next Gen Protection and Response (EDR / XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired) : Experience in security operations design, engineering and / … organisations security operations capabilities such as improvements in asset visibility, threat detection capabilities, automation techniques, case management, enablement of compliance and regulatory requirements Experience in conducting threat hunting and / or compromise assessments to identify active or dormant indicators of compromise (IoCs) or evidence of unknown threats within an organisations digital environment Relevant industry certifications including GIAC Defensible Security … Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON), CISSP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO 27001 / 2, PCI, CIS 18, CMMC Principal Cloud Security: 4+ years of experience performing cloud security advisement and risk assessments based upon industry-accepted standards Hands-on experience with a More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by ControlCase) while working in an international … security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German strongly preferred. • At least one certification … from each of the following groups preferred: Group 1: CISA, ISO 27001 Lead Auditor Group 2: CISSP, ISO 27001 Lead Implementer, CISM More ❯

London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm's long-term security strategy, drive ISO … controls and security operations across enterprise platforms Excellent communication and stakeholder engagement skills Desirable Attributes: Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer / Auditor Experience working with MDR / XDR partners and tools like Trustwave, Mimecast, or FortiGate A background in mentoring and promoting a security-conscious culture This is a … over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies. https: / / company / ryder-reid-legal More ❯

Incident Response (CSIRT) / SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high … in incident response and advanced threat hunting. A degree in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC / GCIA / GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS / IPS, NAC, DLP, and related security technologies. Familiarity … with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO / IEC 27001 / 27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensic analysis, red-team exercises, and crisis simulation activities. Desirable Experience managing or supporting both IT More ❯

Incident Response (CSIRT) / SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high … in incident response and advanced threat hunting. A degree in Computer Science, Cybersecurity, IT, or a related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC / GCIA / GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS / IPS, NAC, DLP, and related security technologies. Familiarity … with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO / IEC 27001 / 27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensic analysis, red-team exercises, and crisis simulation activities. Desirable Experience managing or supporting both IT More ❯

breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO / IEC 27001, NIST 800-30, NIST 800-53 or OWASP … Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯