26 to 50 of 506 ISO/IEC 27001 Jobs in the UK excluding London

Information and Cyber Security within EMEA. Manage the intragroup relationships across AD and EMEA for Information and Cyber Security, ensuring service levels are met for all services received and / or provided. Accountabilities & Responsibilities : Define intra group security governance and service management framework Enhance and embed the operating / engagement model and service level agreement to ensure continuous … depth knowledge of third-party regulations across UK and EU such as ECB's EBA, DORA and related standards Information and Cyber Security Frameworks and industry Standards (e.g., NIST / ISO 27001 / COBIT / ITIL) Experience creating and delivering presentations and concise writing skills to produce clear documentation (security policy, senior management More ❯

levels. Demonstrated ability to establish lasting customer relationships. Framework fluency: familiarity with NIST CSF, ISO 27001, CIS Controls, MITRE ATT&CK and core domains (EDR / SIEM / IAM / Zero Trust; cloud security across AWS / Azure / GCP). Solution experience: selling MDR / XDR, IR retainers, and … / or risk & compliance services into mid-market / enterprise. Methodology: comfortable with MEDDICC / MEDDPICC or Challenger. Nice to have: experience with public sector frameworks and / or SC clearance eligibility. More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

ROLE OVERVIEW / / We are recruiting for an experienced IT Security and Resilience Specialist to join the IT Infrastructure Engineering Team. Which is part of the Technology Department, and the wider Business Services function based at the firm’s head office in London. This is a hybrid role that is both hands-on and process-focused, ensuring … standards. This is not a purely administrative role; the successful candidate will work directly with infrastructure and security teams to fix issues as well as document them. KEY RESPONSIBILITIES / / The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work … Candidates for this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at More ❯

reporting. Liaise with customers and provide regular updates. Coordinate product support and resolve technical issues. Maintain documentation and configure products for delivery. Ensure compliance with ISO 9001 / 27001 standards. Requirements: Degree in STEM or equivalent experience. Strong project management and communication skills. Familiarity with Linux and collaboration tools (e.g. Jira, Confluence). Experience working … to ISO 9001 / 27001 quality and security processes. Software Development background highly beneficial, coding skills in Python, JavaScript would be of benefit Previous experience in defence / security and software / hardware development is a plus. Full UK driving licence and willingness to travel in the UK and potentially overseas This role More ❯

Information Security Regulatory Support Lead. You will engage with a wide range of stakeholders to deliver the required outcomes, obtaining evidence of assurance activities and adherence to security policy / standards across the EMAP region, assessing both technical and organisational controls against Information Security Regulatory requirements, provide input on regular reporting of support activity progress as required and completing … agreed objectives are delivered within the engagement timescales. Background: • A bachelor’s degree in computer science, management information systems, relevant field, or equivalent demonstrable experience • Experience of performing IT / Information Systems & Information Security Governance Auditing • 5+ years’ of experience in Information Security and / or Information Technology • Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent• Familiarity with industry standards and frameworks e.g., NIST 800-53, ISO 27001 / 27002, CIS Controls, COBIT• Experience with risk assessments, and familiarity with IT systems, cybersecurity practices and domain • Strong analytical, problem solving and critical thinking skills with meticulous attention to detail• Excellent verbal and More ❯

Governance Specialist. You will be responsible for engaging with a wide range of stakeholders to deliver the required outcomes, obtaining evidence of assurance activities and adherence to security policy / standards across the EMAP region, assessing both technical and organisational controls against Information Security Regulatory requirements, producing regular reporting on support activity progress to the Information Security Regulatory Governance … within the engagement timescales. What your background looks like: • A bachelor’s degree in computer science, management information systems, relevant field, or equivalent demonstrable experience • Experience of performing IT / Information Systems & Information Security Governance Auditing.• 8+ years of experience in Information Security and / or Information Technology. • Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent.• Familiarity with industry standards and frameworks e.g., NIST 800-53, ISO 27001 / 27002, CIS Controls, COBIT.• Experience with risk assessments, and familiarity with IT systems, cybersecurity practices and domains.• Strong analytical, problem solving and critical thinking skills with meticulous attention to detail.• Excellent verbal and More ❯

reporting. Liaise with customers and provide regular updates. Coordinate product support and resolve technical issues. Maintain documentation and configure products for delivery. Ensure compliance with ISO 9001 / 27001 standards. Requirements: Degree in STEM or equivalent experience. Strong project management and communication skills. Familiarity with Linux and collaboration tools (e.g. Jira, Confluence). Experience working … to ISO 9001 / 27001 quality and security processes. Software Development background highly beneficial, experience of Project Managing software projects is essential Coding skills in Python, JavaScript would be of benefit but not essential Previous experience in defence / security and software / hardware development is a plus. Full UK driving licence and More ❯

reporting. Liaise with customers and provide regular updates. Coordinate product support and resolve technical issues. Maintain documentation and configure products for delivery. Ensure compliance with ISO 9001 / 27001 standards. Requirements: Degree in STEM or equivalent experience. Strong project management and communication skills. Familiarity with Linux and collaboration tools (e.g. Jira, Confluence). Experience working … to ISO 9001 / 27001 quality and security processes. Software Development background highly beneficial, experience of Project Managing software projects is essential Coding skills in Python, JavaScript would be of benefit but not essential Previous experience in defence / security and software / hardware development is a plus. Full UK driving licence and More ❯

Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure they … computer science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively within a team More ❯

Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure they … computer science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively within a team More ❯

Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure they … computer science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively within a team More ❯

Senior Control Assurance Assessor - Finance - Nottingham / Hybrid Day rate: £400 - £500 (Inside IR35) Duration: 6 - 12 months Start: ASAP My client is looking for a Senior Control Assurance Assessor. The selected candidate will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premise and in the cloud, to ensure they … computer science, management information systems, relevant field, or equivalent demonstrable experience 3+ years' experience performing IT Audit or security control testing. 8+ years' of experience in Information Security and / or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST … ISO 27001 / 27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical, problem solving and critical thinking skills with meticulous attention to detail. Excellent verbal and written communication skills. Ability to work both independently and collaboratively within a team More ❯

on key projects, but also play a big part in developing security strategy, mentoring junior colleagues, and driving the firm’s journey towards a zero-trust model and ISO 27001 certification . Why this role? Chance to build and shape a new function in a well-established law firm. High visibility role working closely with senior … Opportunity to lead major security initiatives and strengthen overall cyber resilience. Exposure to a wide range of security tools and technologies, from CrowdStrike and Palo Alto firewalls to email / web gateways and NAC solutions. Career growth - mentor others, lead projects, and become a go-to technical expert. What you’ll be doing: Taking ownership of CrowdStrike EDR , including … NAC, and firewall controls . Leading on incident response , root cause analysis, and runbook development. Managing and optimising a wide suite of tools: WAF, DDoS, VPN, perimeter firewalls, email / web security, MFA, SSO, PAM, MDM / MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation More ❯

on key projects, but also play a big part in developing security strategy, mentoring junior colleagues, and driving the firm’s journey towards a zero-trust model and ISO 27001 certification . Why this role? Chance to build and shape a new function in a well-established law firm. High visibility role working closely with senior … Opportunity to lead major security initiatives and strengthen overall cyber resilience. Exposure to a wide range of security tools and technologies, from CrowdStrike and Palo Alto firewalls to email / web gateways and NAC solutions. Career growth - mentor others, lead projects, and become a go-to technical expert. What you’ll be doing: Taking ownership of CrowdStrike EDR , including … NAC, and firewall controls . Leading on incident response , root cause analysis, and runbook development. Managing and optimising a wide suite of tools: WAF, DDoS, VPN, perimeter firewalls, email / web security, MFA, SSO, PAM, MDM / MAM, and conditional access. Partnering with InfoSec to align platforms with overall security strategy. Supporting vulnerability scanning, remediation, and risk mitigation More ❯

Design and implement a comprehensive security strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems … experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System More ❯

Design and implement a comprehensive security strategy and roadmap, ensuring our security posture meets the requirements of the NHS Data Security and Protection Toolkit (DSPT), Cyber Essentials Plus, ISO 27001:2022, and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems … experience with UK healthcare security standards and regulations, including demonstrable expertise with the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC) and NCSC CAF. ISO 27001:2022 implementation & maintenance: Hands-on experience with the successful implementation, certification, and ongoing maintenance of an ISO 27001 Information Security Management System More ❯

with multiple stakeholders to support continuous improvement of the control testing programme. I am therefore keen to speak with candidates who have: A proven background in Security Controls Assesment / IT Audit for large corporate clients. Big 4 accounting experience preferred. Professional certifications in CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent would be … preferred Familiarity with frameworks such as NIST 800-53, ISO 27001 / 27002, CIS, COBIT Strong skills in security control tools like SailPoint, Wiz, or Rapid7 Comfortable using tools like RSA Archer, ServiceNow, Kanban Boards and Jira Adept at working in agile teams and communicating effectively across all levels Knowledge of Excel, Tableau, Alteryx, and More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … Business, Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German … or English; both preferred). Strong organizational skills with the ability to manage multiple priorities. Nice-to-Have Professional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar). Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.). Familiarity with vendor risk management and third-party security assessments. Exposure to data privacy laws beyond More ❯

defence industry, seeking a skilled Project Manager to lead technical projects from proposal through delivery. Youll manage budgets, schedules, and customer relationships, ensuring work meets ISO 9001 / 27001 quality and security standards. Key Responsibilities: - Plan, track, and report project progress and budgets. - Liaise with customers in person, via email, and online meetings. - Produce written … and configure products for delivery. Requirements: - Degree in Computer Science, Engineering, Physics, or Maths (or equivalent experience). - Proven technical project management experience. - Knowledge of ISO 9001 / 27001, Linux, and collaboration tools (e.g., Confluence, Jira, Gitlab). - Advantageous: Defence sector experience, software development (Python, HTML / JS), hardware production knowledge. - Excellent communication, problem … solving, and organisational skills. - Able to obtain UK Developed Vetting security clearance. - Full UK driving licence and willingness to travel (UK / international). Benefits: - 25 days holiday + bank holidays - 10% pension contribution, bonus scheme, six-monthly salary reviews - Private medical, life, and critical illness cover - Free parking, small friendly office - £50£80k salary More ❯

secure cloud infrastructure using Oracle Cloud Infrastructure (OCI). Develop and manage Infrastructure as Code (IaC) with tools like Terraform to enable secure, repeatable deployments. Implement and manage CI / CD pipelines, focusing on automated security testing, deployment, and monitoring. Ensure all aspects of the data platform OCI infrastructure, data ingest pipelines, tool deployments, access controls, and monitoring are … Hands-on experience with cloud infrastructure, ideally Oracle Cloud (OCI), including provisioning, configuration, and service management. Proficient with Terraform or similar IaC tools. Skilled in implementing and maintaining CI / CD pipelines (e.g., GitHub Actions), especially with automated security testing. Strong knowledge of containerisation (e.g., Docker) and orchestration (e.g., Kubernetes). Deep understanding of cloud security principles: IAM, network … security, encryption. Experience with monitoring / alerting tools (e.g., Prometheus, Grafana, ELK stack). Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g. More ❯

in the days that you work, and the opportunity to work across diverse industries. Our client works with a range of standards including the main international standards (e.g., ISO 9001, ISO 14001, ISO 27001, ISO 45001). They are seeking someone to focus on mainly information security so experience or … sessions to staff on system awareness, compliance, and continual improvement. Advise on integration of multiple standards into a unified management system. Requirements Essential Skills & Attributes Strong understanding of ISO standards and management system principles. Excellent analytical and problem-solving abilities. Exceptional written and verbal communication skills. Ability to work independently and manage multiple client projects. High level of … not essential. Training & Development Training will be provided where required to support specific standards, tools, or client needs. Opportunities for ongoing professional development and certification support. Engagement Terms Freelance / Contract basis with flexible working arrangements. Project-based or retainer agreements depending on client scope. Competitive day rates based on experience and project complexity. More ❯