26 to 50 of 457 ISO/IEC 27001 Jobs in the UK excluding London

enterprise architecture standards for security, sustainability, and cost optimization. Implementation & Migration Lead end-to-end migration from Legacy platforms (Avaya, Cisco, Genesys) to Amazon Connect. Design and implement IVR / contact flows, Lex conversational bots, Contact Lens analytics, and agent assist capabilities. Integration & Ecosystem Architect integrations with CRM / ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … analytics pipelines using AWS services (Lambda, EventBridge, Kinesis, Glue, Athena). Security, Compliance & Governance Implement IAM, KMS encryption, VPC networking, and PrivateLink for secure connectivity. Ensure compliance with GDPR / UK GDPR, PCI-DSS, ISO 27001, and sector-specific standards (eg, NHS DSP Toolkit, HIPAA). Define data retention policies, PIA / DPIA frameworks … and lawful intercept / emergency call handling. DevOps & Automation Establish CI / CD pipelines for flows, Lambda, Lex bots, and infrastructure using CloudFormation / Terraform / CDK. Implement automated testing and version control for safe, repeatable deployments. Operational Excellence Define KPIs / SLAs (AHT, CSAT / NPS, abandonment rates) and build Real Time dashboards More ❯

for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities: * Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external … audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across … both written and verbal * Ability to build effective working relationships and influence at all levels * Comfortable working independently and proactively across teams Desirable: * Experience in supplier risk management and / or tender processes * ISO 27001 Lead Auditor / Implementer, PCIP, CISM, CompTIA Security+, or CISMP certification What you get in return: * Up to More ❯

enterprise architecture standards for security, sustainability, and cost optimization. Implementation & Migration Lead end-to-end migration from Legacy platforms (Avaya, Cisco, Genesys) to Amazon Connect. Design and implement IVR / contact flows, Lex conversational bots, Contact Lens analytics, and agent assist capabilities. Integration & Ecosystem Architect integrations with CRM / ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … analytics pipelines using AWS services (Lambda, EventBridge, Kinesis, Glue, Athena). Security, Compliance & Governance Implement IAM, KMS encryption, VPC networking, and PrivateLink for secure connectivity. Ensure compliance with GDPR / UK GDPR, PCI-DSS, ISO 27001, and sector-specific standards (eg, NHS DSP Toolkit, HIPAA). Define data retention policies, PIA / DPIA frameworks … and lawful intercept / emergency call handling. DevOps & Automation Establish CI / CD pipelines for flows, Lambda, Lex bots, and infrastructure using CloudFormation / Terraform / CDK. Implement automated testing and version control for safe, repeatable deployments. Operational Excellence Define KPIs / SLAs (AHT, CSAT / NPS, abandonment rates) and build Real Time dashboards More ❯

enterprise architecture standards for security, sustainability, and cost optimization. Implementation & Migration Lead end-to-end migration from legacy platforms (Avaya, Cisco, Genesys) to Amazon Connect. Design and implement IVR / contact flows, Lex conversational bots, Contact Lens analytics, and agent assist capabilities. Integration & Ecosystem Architect integrations with CRM / ITSM platforms (Salesforce, ServiceNow, Dynamics, Pega), WFM / … analytics pipelines using AWS services (Lambda, EventBridge, Kinesis, Glue, Athena). Security, Compliance & Governance Implement IAM, KMS encryption, VPC networking, and PrivateLink for secure connectivity. Ensure compliance with GDPR / UK GDPR, PCI-DSS, ISO 27001, and sector-specific standards (e.g., NHS DSP Toolkit, HIPAA). Define data retention policies, PIA / DPIA frameworks … and lawful intercept / emergency call handling. DevOps & Automation Establish CI / CD pipelines for flows, Lambda, Lex bots, and infrastructure using CloudFormation / Terraform / CDK. Implement automated testing and version control for safe, repeatable deployments. Operational Excellence Define KPIs / SLAs (AHT, CSAT / NPS, abandonment rates) and build real-time dashboards More ❯

maintain relationships with senior stakeholders (CIO, CFO, COO, CISO, Head of Technology) Strong track record in business development and sales within cyber security Experience applying standards such as ISO 27001, IEC 62443, NIS regulations, and NIS CAF Relevant certifications preferred: CISSP, CISM, GISCP, ISA 62443 (or equivalent) Overview Cyber Security Director – Transport … Sector Location: London, Bristol, Birmingham, Manchester area Salary: Competitive, dependent on qualifications and experience Key Skills Cyber security strategy, stakeholder engagement, transport sector expertise, business development, ISO / NIS / IEC standards, leadership, mentoring, hybrid working Why Apply? This is your opportunity to help shape the future of transport by delivering innovative cyber solutions … you don't hear from us within 7 working days, please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV / details in the future and we shall assess your suitability at that time. This role is a permanent position. More ❯

maintain relationships with senior stakeholders (CIO, CFO, COO, CISO, Head of Technology) Strong track record in business development and sales within cyber security Experience applying standards such as ISO 27001, IEC 62443, NIS regulations, and NIS CAF Relevant certifications preferred: CISSP, CISM, GISCP, ISA 62443 (or equivalent) Overview Cyber Security Director – Transport … Sector Location: London, Bristol, Birmingham, Manchester area Salary: Competitive, dependent on qualifications and experience Key Skills Cyber security strategy, stakeholder engagement, transport sector expertise, business development, ISO / NIS / IEC standards, leadership, mentoring, hybrid working Why Apply? This is your opportunity to help shape the future of transport by delivering innovative cyber solutions … you don't hear from us within 7 working days, please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV / details in the future and we shall assess your suitability at that time. This role is a permanent position. More ❯

maintain relationships with senior stakeholders (CIO, CFO, COO, CISO, Head of Technology) Strong track record in business development and sales within cyber security Experience applying standards such as ISO 27001, IEC 62443, NIS regulations, and NIS CAF Relevant certifications preferred: CISSP, CISM, GISCP, ISA 62443 (or equivalent) Overview Cyber Security Director – Transport … Sector Location: London, Bristol, Birmingham, Manchester area Salary: Competitive, dependent on qualifications and experience Key Skills Cyber security strategy, stakeholder engagement, transport sector expertise, business development, ISO / NIS / IEC standards, leadership, mentoring, hybrid working Why Apply? This is your opportunity to help shape the future of transport by delivering innovative cyber solutions … you don't hear from us within 7 working days, please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV / details in the future and we shall assess your suitability at that time. This role is a permanent position. More ❯

Access Control (RBAC) policies to ensure users receive appropriate access based on defined roles. Enforce access control standards and ensure alignment with organisational and regulatory requirements (e.g. GDPR, ISO Monitor IDAM systems for security incidents, vulnerabilities, and compliance risks, responding promptly to mitigate threats. Manage identity provisioning, de-provisioning and entitlement reviews across cloud and on-premise environments. … excellent documentation and communication skills. Relevant certifications (e.g. CISSP, CIAM, CISM) or equivalent experience. A proactive, collaborative approach and commitment to continuous improvement. Core Skills Identity & Access Management (IAM / IDAM) Azure Active Directory / Entra ID Role-Based Access Control (RBAC) Multi-Factor Authentication (MFA) Single Sign-On (SSO) Privileged Access Management (PAM) Authentication & Authorisation Security Administration … IT Governance & Compliance Cybersecurity / ISO 27001 / GDPR Active Directory Cloud Security (Microsoft 365 / Azure) Why Join? Work within a respected global organisation investing heavily in digital transformation and cyber resilience. Opportunity to lead on IDAM improvement projects and shape access governance strategy. Flexible hybrid working environment with excellent benefits. Ongoing More ❯

Division, the Enterprise Infrastructure Solutions unit is responsible for the design, delivery, and management of centrally supported IT infrastructure and applications. This includes enterprise compute platforms, data networks, UNIX / Linux / Windows environments, cloud services, data centres, commercial software solutions, and end-user support across all UKAEA sites. Role Overview : The Cyber Security Specialist plays a pivotal … o Experience conducting or supporting security audits and implementing remediation plans. o Proficiency in assessing and securing platforms such as Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS / PaaS, Windows / Linux / Unix. o Strong knowledge of security tooling such as SIEM, endpoint detection (EDR / XDR), and vulnerability management platforms. o Hands … Experience working in a regulated or government environment, particularly within research, energy, or national infrastructure. o Knowledge of Incident Management, Vulnerability Assessments, SIEM & SOC Systems. o Knowledge of OT / ICS / SCADA security principles and industrial control environments. o Experience designing or reviewing secure software supply chain and CI / CD security. o Practical experience in More ❯

fast-growing Managed Service Provider (MSP). Youll generate new business, nurture relationships, and sell managed IT servicesthink ongoing IT support, Microsoft 365, cyber security, backup & disaster recovery, networks / Wi-Fi, and VoIPtailored to each clients goals. Youll own the end-to-end sales cycle, working closely with pre-sales and engineering to scope solutions and convert opportunities … networking, referrals and inbound leads; build a strong pipeline. Discovery & solutions:Understand each clients business needs and translate them into clear, value-led proposals. Present & demo:Run meetings (virtual / in-person), presentations and light demos; coordinate technical deep dives when needed. Full sales cycle:From first contact and proposal / SOW through to negotiation, close, and smooth … handover to service delivery. Land & expand:Run regular account reviews to identify upsell / cross-sell (security, backup / DR, VoIP, cloud). Forecasting & CRM:Keep pipeline, activity and forecasts accurate; report on performance and targets. What were looking for - Essentials MSP or B2B tech sales experience(selling recurring services or solutions), with a track record against targets. More ❯

fast-growing Managed Service Provider (MSP). Youll generate new business, nurture relationships, and sell managed IT servicesthink ongoing IT support, Microsoft 365, cyber security, backup & disaster recovery, networks / Wi-Fi, and VoIPtailored to each clients goals. Youll own the end-to-end sales cycle, working closely with pre-sales and engineering to scope solutions and convert opportunities … networking, referrals and inbound leads; build a strong pipeline. Discovery & solutions: Understand each clients business needs and translate them into clear, value-led proposals. Present & demo: Run meetings (virtual / in-person), presentations and light demos; coordinate technical deep dives when needed. Full sales cycle: From first contact and proposal / SOW through to negotiation, close, and smooth … handover to service delivery. Land & expand: Run regular account reviews to identify upsell / cross-sell (security, backup / DR, VoIP, cloud). Forecasting & CRM: Keep pipeline, activity and forecasts accurate; report on performance and targets. What were looking for - Essentials MSP or B2B tech sales experience(selling recurring services or solutions), with a track record against targets. More ❯

a fast-paced environment, and want to make real impact at Europe’s leading frozen food company. Responsibilities: Overseeing cyber security governance efforts, ensuring alignment with frameworks like ISO 27001, NIST, NIS2 and GDPR, and regulatory standards. Identify, assess, and mitigate security risks across the organisation. Implement and maintain risk management processes, ensuring effective controls are … experienced in operating a risk management framework across multiple entities and territories, including risk appetite and impact / likelihood calibration. Has familiarity with regulations and standards such as ISO27001, NIST CSF, NIS2, COBIT, ITIL, GDPR, and SOC2, including developing and maintaining frameworks, policies and guidance, and implementation and monitoring strategies. Some of the key skillset required for this position … are: Graduate level in Cyber Security, Computer Science or similar. CRISC, CISM, CRM, CISA, CCP Practitioner SIRA, ISO / IEC 27001 Lead Auditor, or similar. 3-5 years’ experience in cyber governance, risk and compliance roles, preferably in the FMCG sector. What we can offer you: We’re on an exceptional adventure and More ❯

problems through to completion in line with service levels. Strong experience working with public cloud platforms with a particular focus on Microsoft Azure including but not limited to PaaS / Key Vault / Bastion / NSGs / PrivateLinks. Experience with Azure AD Premium 2 including Single Sign on configuration. Experience working with Microsoft Server environments) including … server 2016 / 2019 and common desktop environments using Windows desktop operating systems such as Windows 10. Working knowledge of Microsoft Active Directory and its associated tools. (Domains & Trusts, Sites and Services, Users & Computers, Distributed File System, DHCP & DNS etc). Knowledge of virtualisation technologies such as Microsoft Hyper V. Strong experience with Scripting languages such as Python / … advanced penetration test and audit tools notably Kali Linux. Knowledge and experience working with at least one of the IT security frameworks such as NIST 800 series / ISO27001 / CIS control suites. Offensive Security mindset. Proven excellent customer service skills. Sound relationship management and communication skills. Excellent working knowledge of core Microsoft products; Word, Excel, PowerPoint, Outlook More ❯

Information Security Manager (3 days / week, permanent pro-rata) Location: Leeds-hybrid (on-site 1-2 day / week, typically Mon / Tue) Reports to: VP, Information Security Team: 5 in security (within a wider UK tech org of ~25, multi-region) We’re looking for a hands-on InfoSec Manager to take pressure off the … shape the control environment, and keep the security operations and compliance moving at speed. You’ll blend GRC and technical oversight , working closely with two security engineers (vuln scanning / IDS, external pen-test liaison) and two GRC specialists. What you’ll do Drive and extend ISO 27001 implementation / maintenance (UK certified; expanding … to Madrid and Manila ). Support SOC 2 Type 2 maintenance (already accredited)—expert level not required. Oversee SIEM operations with the tech team: ensure log ingestion / coverage , daily monitoring, and follow-up. Guide vulnerability management, alert triage (Alert Logic), and external pen-test cycles. Keep evidence flows tight: client questionnaires, audit responses, security awareness, and user access More ❯

security perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data … Protection teams on policy alignment and compliance. Technical Review and Oversight Lead or oversee reviews of system architectures, applications, cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM / PAM implementations and M365 / Azure / Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution … security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track More ❯

Trust. Person Specification Qualifications Essential ITIL v3 Service Management Qualification Educated to degree level or equivalent Formal certification (ISACA: Certified Information Security Manager (CISM). CISSP, or CRISC) and / or formal training in information security standards and best practice (e.g.: ISO 27001 / 2, COBIT), or equivalent work experience demonstrating understanding of the … same. Experience Essential Extensive experience of developing and delivering an Information Security service to a large complex organisation using confidential and / or sensitive information Desirable IT experience gained in both and Acute and Community setting Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will … for any previous criminal convictions. Employer details Employer name Royal Berkshire NHS Foundation Trust Address Royal Berkshire Hospital Princes House, London Road Reading RG1 5UZ Employer's website https: / / www.royalberkshire.nhs.uk / More ❯

of the job Develop and implement a comprehensive cyber and information security strategy across the Trust and ICS. Lead risk management, resilience planning, and compliance with national frameworks including ISO27001, DSPT, and Cyber Essentials+. Provide expert advice to senior stakeholders and technical teams on emerging threats and mitigation strategies. Chair assurance groups and lead internal audit controls for DDaT security. … Governance policies. Person Specification Qualifications Essential Masters level degree or equivalent experience in a related subject Formal certification (ISACA: Certified Information Security Manager (CISM). CISSP, or CRISC) and / or formal training in information security standards and best practice (e.g.: ISO 27001 / 2, COBIT), or equivalent work experience demonstrating understanding of the … for any previous criminal convictions. Employer details Employer name Royal Berkshire NHS Foundation Trust Address Royal Berkshire Hospital Princes House, London Road Reading RG1 5AN Employer's website https: / / www.royalberkshire.nhs.uk / More ❯

ISO27001, IT Risk, IT Compliance, IT Controls, IT Audit, Policy. Governance, Security, Surrey area Your new company A specialist organisation in the Health / Medical sector offers hybrid working in this role based in North Surrey area. Your new role You will be working in the Risk team and will design, implement & maintain the Information Security Management System (ISMS … in accordance with ISO27001 in a company that manages highly sensitive data. You will support the firm's governance, addressing areas of risk and supporting plans to address these risks, including the compilation of business continuity plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber threat security. … System Assurance. What you'll need to succeed You will ideally have the following experience and qualifications:Professional certifications such as ISO 27001 Lead Implementer / Auditor as well as hands-on experience with auditing and maintaining accreditation for ISO 27001:2022 You will have a strong background in enterprise risk More ❯

central leader responsible for the company's overall security and compliance posture. You will manage the entire Information Security Management System (ISMS), ensuring the continuous maintenance of the ISO 27001 standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and … overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information risk management across the organisation, including identification, assessment, treatment, and ongoing tracking of risks, non-compliances, and associated action plans. Coordinate Information Asset Owners … good teacher Ability to work independently and with ad hoc teams Rigour, precision and attention to details Writing skills Ensuring technological and regulatory watch IT tools skills (Microsoft Office / Google Workspace / Jira) Policies and procedures related to information security, in particular ISO 27001 Project management techniques Control of the audit activity: procedure More ❯

central leader responsible for the company's overall security and compliance posture. You will manage the entire Information Security Management System (ISMS), ensuring the continuous maintenance of the ISO 27001 standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and … overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end-to-end Information Security Management System (ISMS), ensuring continued ISO 27001 compliance. Drive information risk management across the organisation, including identification, assessment, treatment, and ongoing tracking of risks, non-compliances, and associated action plans. Coordinate Information Asset Owners … good teacher Ability to work independently and with ad hoc teams Rigour, precision and attention to details Writing skills Ensuring technological and regulatory watch IT tools skills (Microsoft Office / Google Workspace / Jira) Policies and procedures related to information security, in particular ISO 27001 Project management techniques Control of the audit activity: procedure More ❯

I and EU regulations. You will chair status review sessions, maintain accreditation tracking systems, and provide regular updates to senior partners. You will manage responsibilities (including implementation) related to ISO27001, Cyber Essentials / Plus, SOC2 accreditations. You will also support audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid … Nottingham-based role reporting to the Regional Head of Client Security Assurance Summary of Primary Responsibilities Manage ISO27001, Cyber Essentials / Plus, SOC2 accreditations Lead contract negotiations, re-wording, and redlining, with a preference for UK&I and EU regulatory experience Provide regular accreditation status updates to senior partners Participate in SOC 2-related discussions with teams Oversee governance … Partner with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001 / 2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows / More ❯

We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools. Your wellness: We care about your holistic wellbeing Your work / life blend: We know that work is just one aspect of your life - we want to help you create your ideal work / life blend, rather than squeezing … lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. You … of security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as: Cortex XDR / Palo Alto Networks Splunk (SIEM and dashboarding) Abnormal Security (email security) Prisma Cloud (cloud security posture management) Airlock (application and API security) Nucleus (vulnerability management and reporting) Deep knowledge More ❯

We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools. Your wellness: We care about your holistic wellbeing Your work / life blend: We know that work is just one aspect of your life - we want to help you create your ideal work / life blend, rather than squeezing … lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements.This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. You'll … security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as:o Cortex XDR / Palo Alto Networkso Splunk (SIEM and dashboarding)o Abnormal Security (email security)o Prisma Cloud (cloud security posture management)o Airlock (application and API security)o Nucleus (vulnerability management More ❯

cycle (aligned to the PLP) of their digital products in order to generate maximum repeatable income, increase market share, increase profit, ensure return on investment and improve customer satisfaction / experience while responding and aligning to the Division and Group's overall portfolio strategy. The role’s workstreams / packages are validated by the Industry Director and their … beyond the industry or site where they are located, to apply globally and across all industries within the division. Duties & Responsibilities: Manage the resources necessary to deliver the Product / s that they are accountable for efficiently and effectively between the relevant site (Centre of Excellence (CoE / manufacturing facility) and the Regions, Markets, contract / client … the PRD meets the market demand and is fit for purpose aligned to the Product roadmap and business strategy. Develop, release, and manage plans necessary to deliver the Product / s project / program that they are accountable for efficiently and effectively between the site (CoE / manufacturing facility) and the Regions, Markets, contract / client More ❯

cycle (aligned to the PLP) of their digital products in order to generate maximum repeatable income, increase market share, increase profit, ensure return on investment and improve customer satisfaction / experience while responding and aligning to the Division and Group's overall portfolio strategy. The role’s workstreams / packages are validated by the Industry Director and their … beyond the industry or site where they are located, to apply globally and across all industries within the division. Duties & Responsibilities: Manage the resources necessary to deliver the Product / s that they are accountable for efficiently and effectively between the relevant site (Centre of Excellence (CoE / manufacturing facility) and the Regions, Markets, contract / client … the PRD meets the market demand and is fit for purpose aligned to the Product roadmap and business strategy. Develop, release, and manage plans necessary to deliver the Product / s project / program that they are accountable for efficiently and effectively between the site (CoE / manufacturing facility) and the Regions, Markets, contract / client More ❯