101 to 125 of 424 ISO/IEC 27001 Jobs in the UK excluding London

tight SLA’s and KPI’s for our customers leveraging vulnerability and assessment tools such as Qualys and Microsoft’s EDR offering. Analyse vulnerability test reports and provide remediation / mitigation plans to the team. Integrate with our vendors and security providers to identify the most up-to-date information on the latest vulnerabilities and deliver key awareness and … LIMA’s Operation team to plan and implement internal security adoption across all our platforms including our hosted cloud platform, aligning to CE+, ISO 27001 / 27002 and ITIL. With the Technical Services Manager, identify and implement the best practice security posture for LIMA’s Managed Services Engineers when working with customers and vendors. Produce … experience with technical accreditations or demonstrable experience in security and vulnerability remediation technologies: Security Tooling: OWASP ZAP, Nmap, Wireshark Assessment Tooling: Nessus, Qualys, etc Remediation Tooling: Microsoft Endpoint Management / Intune Microsoft Security / Compliance: MFA,?Conditional Access, SSPR, DLP, IPM, IRM, DKIM, MCAS Application packaging for automated deployment Intermediate scripting experience utilising PowerShell or Python You should More ❯

IT Solutions Architect (Aberdeen / Scotland) As an IT Solutions Architectwithin Redsquid , you will be responsible for designing and delivering best-in-class IT solutions tailor ed to the evolving needs of our clients. This is a hands-on, client-facing role that combines deep technical expertise with strong commercial awareness and strategic thinking. About the Job Permanent, Full … role that combines deep technical expertise with strong commercial awareness and strategic thinking. You will lead technical discovery sessions, design scalable solutions acrossMicrosoft 365, Azure, Microsoft Sentinel, Intune, andnetwork / firewall infrastructure, and support the sales team with pre-sales input and client proposals. You will also guide project delivery, ensuring solutions are implemented to a high standard with … governance including policies, management groups, tagging, cost control, and monitoring tools (Azure Monitor, Log Analytics). Proven experience implementing Microsoft Sentinel: connecting data sources, building analytics rules, creating workbooks / dashboards, and writing KQL queries. Understanding of incident response, security event correlation, and automation via Logic Apps. Solid grasp of cybersecurity principles: Zero Trust, Conditional Access, MFA, identity protection More ❯

Assurance and Certification Manager Location: Portsmouth, Hybrid (2 days p / week) Employment Type: Permanent Salary: £65,000 - £75,000 Are you passionate about driving compliance, risk management, and organisational excellence in a dynamic, collaborative environment? Robert Half we are seeking an experienced Assurance and Certification Manager to work with their leading MSP client Responsibilities: Lead the development, implementation … and continuous improvement of assurance, compliance, and certification frameworks. Manage and sustain ISO accreditations (e.g., ISO 9001, 14001, 27001, and others) and integrate emerging AI standards into organisational processes. Conduct comprehensive internal and external audits, risk assessments, and compliance gap analyses across multiple regions. Collaborate with cross-functional teams to align certification objectives with … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. More ❯

failure. Essential Skills & Experience: At least 2 years of hands-on experience in information security or IT infrastructure within an enterprise environment. Familiarity with security standards such as ISO 27001, Cyber Essentials, GDPR, and Data Protection Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk … apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

thorough evaluations of supplier policies and procedures, current security controls, third party pen testing reports, vulnerability management reports, and information security reports such as SOC2 Reports, NIST or ISO 27001 reports, PCI DSS etc). Manage relationships with large third-party suppliers involved in transformative, high-impact projects and Business as usual activities. This included facilitating … these vulnerabilities Work with internal stakeholders (procurement, legal, IT, compliance) to integrate third-party risk considerations into vendor selection and contract management processes. Responsible for confirming the Inherent Risks / Residual Risks and the effectiveness of Supplier security measures and controls. Reviewing and analysing the daily vulnerability reports generated by the third party risk management tool. Confirm reported vulnerabilities … stakeholder management skills. Experience with risk assessment tools and methodologies. Ability to work independently and manage multiple priorities You'll have the right to work in Ireland (EU Citizen / Stamp 4 Visa) Happy to work in a hybrid model and be on-site for meetings as required Salary Starting salary is €81,000 with a leading benefits package More ❯

driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO 27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO 27001 More ❯

driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO 27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO 27001 More ❯

driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO 27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO 27001 More ❯

now looking for an experienced and dynamic Senior Cyber Security Engineer to join our vibrant office with hybrid working. Senior Cyber Security Engineer – Responsibility: Carry out daily security engineering / operation tasks under an ITIL framework Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Using strong technical knowledge, continuously analyse and make … recommendations to implement effective security controls, system hardening and security improvement projects with a particular focus in application / web hosting security. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner Senior Cyber Security Engineer – Skills: Experience in Security Engineering, Network Security, and / … protocols such as networks, domain management, and virtualized environments. Holds or is working towards certifications like CISSP, SANS GCIA, CompTIA Security+, CCNA / CCNP, or similar. Knowledge of ISO27001, Cyber Essentials, and AAF frameworks is a plus. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants More ❯

now looking for an experienced and dynamic Senior Cyber Security Engineer to join our vibrant office with hybrid working. Senior Cyber Security Engineer - Responsibility: Carry out daily security engineering / operation tasks under an ITIL framework Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Using strong technical knowledge, continuously analyse and make … recommendations to implement effective security controls, system hardening and security improvement projects with a particular focus in application / web hosting security. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner Senior Cyber Security Engineer - Skills: Experience in Security Engineering, Network Security, and / … protocols such as networks, domain management, and virtualized environments. Holds or is working towards certifications like CISSP, SANS GCIA, CompTIA Security+, CCNA / CCNP, or similar. Knowledge of ISO27001, Cyber Essentials, and AAF frameworks is a plus. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants More ❯

failure. Essential Skills & Experience: At least 2 years of hands-on experience in information security or IT infrastructure within an enterprise environment. Familiarity with security standards such as ISO 27001, Cyber Essentials, GDPR, and Data Protection Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk … apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

failure. Essential Skills & Experience: At least 2 years of hands-on experience in information security or IT infrastructure within an enterprise environment. Familiarity with security standards such as ISO 27001, Cyber Essentials, GDPR, and Data Protection Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk … apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO 27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity. More ❯

in relation to Data Protection and Information Management. The successful candidate will be responsible for: Develop, own and implement our Data Protection Strategy, including associated policies. Lead the UK / EU data privacy compliance framework and ensure its continuous improvement. Be the named point of contact with the regulatory bodies,s seeking advice where necessary. Ensure serious information breaches … business operations. Oversee Data Protection Impact Assessments (DPIAs), advising stakeholders on risks and guiding mitigation efforts. Development and upkeep of the required Records of Processing Activities (ROPA) documentation. Experience / Qualifications Must have: Degree or Relevant Experience Expert knowledge of UK / EU GDPR and Data Protection Act 2018. Hands-on experience leading a data compliance programme or … Management Systems. Ability to communicate, negotiate and influence at all levels of the Group. Knowledge of global privacy regulations (e.g. UK, EU, Middle East). Desirable: Certifications like CIPP / E, CIPM, CIPT C-DPO or similar. Leadership experience and team development skills. Background in Aviation, Technology. What We Offer: Competitive salary Generous holiday allowance and company pension scheme. More ❯

including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and / or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders … up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us who we … our customers. LI-KS1 Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who can influence More ❯

management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and … practices, while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems More ❯

Job Title: IT Banking Auditor Location: Birmingham (5 days on-site, full-time) Employment Type: / Contract Salary: Competitive, based on experience Company Overview: We are a leading financial institution committed to excellence in compliance, risk management, and technological advancement. We are currently seeking an experienced IT Banking Auditor to join our Internal Audit team in Birmingham. This is … to explain technical issues to non-technical stakeholders. Ability to work independently and manage multiple audit assignments concurrently. Desirable: Experience with core banking platforms, digital banking, cloud services, and / or fintech integration. Knowledge of data analytics tools (e.g., ACL, IDEA, Power BI) and scripting languages (e.g., Python, SQL). Previous Big 4 or internal audit experience in a … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com / gb / en / privacy-notice. More ❯

will be directly responsible for continued success of the entire Aforza product suite. As such, the ideal candidate must be hands-on, flexible, and used to working in startup / scale up environments, where every employee has a direct impact on the company's success. All of Aforza's cloud applications, microservice and websites are hosted on Google Cloud … with IaC tools such as Terraform Strong understanding of authentication and authorization protocols such as OAuth 2.0, OIDC, SAML etc Experience with SQL and NoSQL databases Experience with Docker / Kubernetes Knowledge of security and IAM best practices You might not have all of the above, but don't let that stop you. We're excited to hear from … benefits, including: Work on cutting edge technologies with world leading customers Stock options 25 days PTO & bank holiday Pension Private health cover & income protection Flexible hours and hybrid remote / office working Fantastic, brand new office space in the heart of Cardiff city centre Our Interview Process Director, Cloud Infrastructure Cardiff / Remote (UK only) About Aforza Aforza More ❯

audiences. Undergraduate Degree in an IT or cyber security discipline, or equivalent experience and relevant qualifications. Knowledge of common information security management frameworks, such as International Standards Organization (ISO) 27001, the IT Infrastructure Library (ITIL) or the National Institute of Standards and Technology Cybersecurity Framework. Understanding of networks … systems, applications and Cloud technologies. Familiarity with the principles of cryptography. Knowledge of security testing. Experience of working and learning within a fast-moving, changeable environment with new technology / services / infrastructure / priorities and working practices (processes). Excellent organisational, planning and administrative skills and a good eye for detail. Highly analytical with the ability More ❯

of our legacy systems to the Microsoft cloud. Your responsibilities will include: Evaluate and enhance existing IT systems, management procedures, and security protocols to ensure robust protection. Oversee ISO 27001 and other key accreditations by collaborating with internal teams and external auditors. Manage information security requests and compliance reports, ensuring adherence to GDPR and other relevant … have the opportunity to leverage your existing skills while developing new ones, contributing to the strategic security objectives of the Company and ensuring adherence to critical accreditations, including ISO 27001, GDPR, Cyber Essentials, and PCI DSS. The successful candidate will demonstrate: Strong analytical skills with a meticulous approach to identifying and resolving security issues. Excellent verbal … attitude towards learning and developing expertise in information security. Happy to travel occasionally to other sites as required. Desirable Experience: Demonstrable expertise in external audit, compliance, and security processes (ISO27001, GDPR, Cyber Essentials and PCI DSS). Microsoft accreditation or other recognised certifications (e.g. Microsoft Learning, CISA, CISM, CRISC, CCSP) would be very beneficial. Benefits: £25,000 - £35,000 salary More ❯

Head. Work across multiple business functions, supporting both on-prem and cloud environments (primarily AWS , with some GCP and Azure ). Apply knowledge of security frameworks such as ISO 27001 and NIST to ensure compliance and assurance. Maintain a calm, focused approach under pressure, especially when dealing with sensitive or high-stakes projects. About You Strong … management skills. Able to lead by influence, not authority, and support a high-performing team culture. Technical Skills Cloud Platforms: AWS (primary), GCP, Azure (basic familiarity) Security Frameworks: ISO 27001, NIST Tools: Jira, Confluence, GitHub, Microsoft Teams, Slack Methodologies: Agile, DevSecOps Other: Strong understanding of data flows, integration patterns, and secure system design Carbon60, Lorien & SRG More ❯

a wide range of infrastructure improvements. From migrating to Azure AD and Intune, to rolling out Defender across the business and helping push toward Cyber Essentials Plus and ISO 27001 compliance; there's a lot going on, and you'll be in the thick of it. Alongside cloud migration work, you'll also be involved in … telephony platforms in a business environment Exposure to cloud migrations, ideally Azure (some AWS experience also fine) Experience supporting enterprise platforms like IIS & SQL Familiarity with compliance standards (ISO 27001, Cyber Essentials, NIST) There's no on call requirement, though some flexibility around out of hours work may occasionally be needed. This is a genuinely varied More ❯

down to the successful candidate. You can expect: Design and manage scalable, secure cloud environments using Azure Bicep, ARM, or Terraform Lead the implementation of DevSecOps practices including CI / CD, secrets management, zero-trust security, and vulnerability management Develop secure cloud-native architectures including microservices, containers, and serverless patterns Ensure compliance with industry security and privacy standards ( e.g. … ISO 27001, SOC 2, GDPR) Secure containerised environments, including Kubernetes and Docker Collaborate with developers to integrate secure deployment pipelines across the SDLC Support deployments in client environments, including on-prem and multi-cloud Continuously improve infrastructure processes for performance, reliability, and security Where you'll be stretched (and thrive): We're growing fast: That means … skillsyou'll need to succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI / CD, secrets management, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as More ❯

Flexible, Hybrid working available. Join us as an Information Security Officer! You'll play a central role in shaping and implementing our security strategy, ensuring it aligns with ISO 27001 standards. You'll manage and monitor risks, maintain compliance with legal and regulatory requirements, and lead our response to cyber incidents, including simulations and investigations. Your … and assessments, while promoting a strong security culture through awareness initiatives and tailored training programs. What we are looking for: Professional certifications such as CISSP, CISM, CISA, CCSP, ISO 27001 Implementor, or equivalent. Strong knowledge of information security, risk management, and data protection-ideally within the financial sector. Proven ability to build effective relationships with stakeholders More ❯

Information Security Analyst Hull / Hybrid A great opportunity for an Information Security Analyst to join one of the UK’s leading enterprise manufacturing businesses. You will join a company that has experienced year on year growth and is looking to hire due to the expansion of the team. You will be part of a business driving innovation in … the business is investing in to grow and become a critical function within its IT landscape. You will play a key role in the organisation’s journey to ISO 27001 and CES, and be instrumental in implementing the GDPR, DLP compliance and security awareness initiatives. To be successful in this role you must have the following … experience: At least 3 years’ experience working as an Information Security Analyst Strong understanding of ISO 27001 Experience GDPR Compliance Experience of Microsoft environment Security certifications such as CISM are a bonus The role is based in Hull and has a two stage interview process that can be wrapped up within a week. Please apply or More ❯

processes, and systems. - Assess and remediate gaps in security practices and influence operational teams to adopt security-first approaches. - Drive adherence to industry standards and frameworks such as ISO 27001, NIST, or similar. - Provide expert input to enhance security frameworks, policies, and procedures. - Lead and support security awareness initiatives across business units. What We’re Looking … For - Strong understanding of information security principles, particularly in GRC. - Hands-on experience with ISO 27001, NIST, or similar standards. - Excellent communication and stakeholder engagement skills - able to translate technical security concepts into clear business language. - Proven ability to embed governance and compliance into large, complex organisations. - Ability to balance technical, operational, and business priorities. Why More ❯