51 to 75 of 476 ISO/IEC 27001 Jobs in the UK excluding London

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees) Familiarity with other standards such as ISO / IEC 27001, ISO 27005, OWASP, and MOD ISN 23 / 09 Ability to identify, assess and mitigate risks across software and hardware More ❯

zones and geographies is a key part of our culture and success. How will you contribute? ISMS Governance & Controls Assurance Lead the maintenance and continuous improvement of Smarshs ISO 27001-aligned ISMS. Oversee the control assurance programme, ensuring robust evidence collection, control testing, and continuous monitoring. Own key internal and external audit workstreams, including SOC … ISO 27001, FedRAMP and customer audits. Cybersecurity Risk Management Drive the risk assessment lifecycle, embedding business, technical, and supply chain risk perspectives. Enhance risk methodologies and tools, integrating real-time risk metrics into dashboards and governance forums. Support risk acceptance processes and facilitate cross-functional remediation plans. Regulatory, Contractual & Client Assurance Monitor emerging regulations (e.g. DORA … at the heart of everything we do. We work closely with the most popular communications platforms and the worlds leading cloud infrastructure platforms. We use the latest in AI / ML technology to help our customers break new ground at scale. We are a global organization that values diversity, and we believe that providing opportunities for everyone to be More ❯

security culture and architecture promoting continuous improvement, innovation and agility in how services are delivered Acting as a trusted source of advice, and support the whole organisation to build / buy / rent modern technology services which are secure but maintain the highest levels of accessibility Key Skills and Experience Required: Ability to bridge the gap between technical … or services and identify the associated risks and vulnerabilities Experience of delivering systems and security designs, patterns and decisions at pace Expert knowledge of adopting best practice security methodology / standards (including standards such as ISO / IEC 27001 and Cyber Essentials) Deep knowledge of using information and security legislation to enable More ❯

continual learning, collaboration, and innovation. We don't just support businesses - we shape how they stay secure, agile, and competitive. We are now looking for a talented Cybersecurity Lead / Specialist to join our growing team and take ownership of our cybersecurity offering. This is a hybrid, hands-on role that blends strategy with technical implementation - ideal for someone … Analyse alerts, threat intelligence, and forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials / CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are … clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM / SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding More ❯

continual learning, collaboration, and innovation. We don't just support businesses - we shape how they stay secure, agile, and competitive. We are now looking for a talented Cybersecurity Lead / Specialist to join our growing team and take ownership of our cybersecurity offering. This is a hybrid, hands-on role that blends strategy with technical implementation - ideal for someone … Analyse alerts, threat intelligence, and forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials / CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are … clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM / SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding More ❯

RoboShadow, Microsoft Defender, and ThreatLocker Assist with incident response playbook development and execution, analysing alerts and threat intelligence for effective remediation Contribute to client compliance guidance across Cyber Essentials / CE+, ISO 27001, and PCI DSS frameworks Provide technical support for pre-sales activities and deliver cybersecurity awareness training to clients Support internal knowledge sharing … environments, or strong development motivation Technical familiarity with security tools including CrowdStrike Falcon, Microsoft Defender, Conditional Access, and MFA Understanding of compliance frameworks such as Cyber Essentials Plus, ISO 27001, and PCI DSS Interest in incident response and real-world security investigations Foundational knowledge of identity security, patch management, and user awareness training Strong written and … Skills you'll gain or strengthen Industry certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, or PCIP Penetration testing or red teaming exposure SIEM / SOAR platform experience, particularly Microsoft Sentinel MSP toolset familiarity, including Autotask, IT Glue, or Rewst Career Development Opportunities. This role offers clear advancement potential within our expanding cybersecurity practice. More ❯

services, enhancing efficiency, customer experience, and digital capability. Oversee the management of IT infrastructure, cloud services, enterprise applications, and cybersecurity frameworks. Ensure compliance with regulatory standards (e.g., GDPR, ISO 27001, Cyber Essentials+) and proactively manage cyber risks. Lead digital programmes including automation, data analytics, self-service, and agile delivery models. Build and develop a high-performing … contracts, and service levels. Cybersecurity and Risk Management Lead the development and implementation of the Information Governance Framework, policies, and procedures. Ensure compliance with regulatory requirements e.g., GDPR, ISO 27001, Cyber Essentials. Proactively manage cyber risks and incident response plans Digital Transformation Drive digital programs including automation, data analytics, self-service platforms, and customer-facing technologies. … please see NHS Careers website. Employer details Employer name HMT Sancta Maria Hospital Address Unit 1 Langdon House Langdon Road Swansea West Glamorgan SA1 8QY Employer's website https: / / www.hmtsanctamaria.org / More ❯

Job Title: IT Security Manager Location: Hybrid in Buckinghamshire (2 days on-site) Job Type: Full-time, Permanent Salary: £60,000 - £67,000 + benefits Industry: Media / Broadcasting A leading Media / Broadcasting company based in Buckinghamshire are seeking an experienced IT Security Manager to join the Cyber Security team where you’ll mature the development of … Microsoft Security solutions, including Defender, Sentinel, Entra ID, and Microsoft Purview. Deep knowledge and practical application of security frameworks and standards including CIS, ISO 27001 / 27002, GDPR, DPA, and Cyber Essentials. Proven experience managing or working closely with Security Operations Centres (SOC), including incident response and threat detection. Demonstrable background in implementing and running … and risk-based security metrics. Ability to bridge security and IT operations teams, with effective stakeholder communication and collaboration. Security certifications such as CISSP, CISM, Microsoft Security (SC-100 / SC-200 / SC-300), or equivalent are highly desirable. Apply directly to learn more about this exciting opportunity or connect with me on LinkedIn to stay updated More ❯

sacrifice scheme Life Insurance (3x annual salary) Employee Assistance Programme (EAP) and workplace wellbeing initiatives Private Healthcare cash-back scheme Flexible working hours and location, open to part-time / condensed hours Flexible benefits, such as: Cycle to Work, volunteer days / opportunities and charity events Enhanced parental leave packages and enhanced sick pay Training and development opportunities … team building, company-wide events Role specifics Salary range: Market rate Reporting to: Head of Platform Key stakeholders: Technology and Product, InfoSec, Support Organisational Framework Level: 3 About you / Job Summary We are seeking a pragmatic and highly skilled DevSecOps Engineer to join our Platform team. In this role, you will be responsible for identifying, prioritising and remediating … prem systems. Define and run patch management processes for virtual machines, containers and serverless functions. Integrate vulnerability scanning (e.g. Qualys, Sonar Cloud, Tenable or Azure-native scanners) into CI / CD pipelines. Security Analysis & Incident Response Perform root-cause analysis of security incidents and vulnerabilities. Conduct threat modelling, code and infrastructure reviews. Develop and execute incident response procedures, leveraging More ❯

hosted (often michelin star) lunches as well as half and full year icentive trips to places all over the world Vouchers Technology vouchers, activity passes, restaurant discount card Partner / family Benefits Option to add your partner / family to some of the benefits Access to Perklife, our dedicated portal for all perks and flexible benefits Maternity, Paternity … hosted (often michelin star) lunches as well as half and full year icentive trips to places all over the world Vouchers Technology vouchers, activity passes, restaurant discount card Partner / family Benefits Option to add your partner / family to some of the benefits Access to Perklife, our dedicated portal for all perks and flexible benefits Maternity, Paternity … hosted (often michelin star) lunches as well as half and full year icentive trips to places all over the world Vouchers Technology vouchers, activity passes, restaurant discount card Partner / family Benefits Option to add your partner / family to some of the benefits Access to Perklife, our dedicated portal for all perks and flexible benefits Maternity, Paternity More ❯

DSS, and CSA CCM. DevSecOps & Automation: Champion the integration of security into the entire SDLC (DevSecOps), promoting automated security testing, continuous compliance, and secure configuration management. Design secure CI / CD pipelines and infrastructure as code (IaC) templates. Your Profile Essential skills / knowledge / experience: 15+ years of progressive experience in Information Security, with a significant … Identity & Access Management (IAM) in cloud (e.g., AWS IAM, Azure AD, GCP IAM). Network Security (VPCs, firewalls, WAFs, micro-segmentation, private connectivity). Data Security (encryption at rest / in transit, KMS, data classification, DLP). Application Security (secure coding, API security, SAST / DAST, WAF integration). Container Security (Kubernetes, Docker, service mesh). Security Information … and Event Management (SIEM) and logging strategies. Zero Trust Architecture principles. Proven experience with DevSecOps methodologies and securing CI / CD pipelines. Strong understanding of security frameworks such as NIST CSF, ISO 27001, CSA CCM, and experience in translating these into practical architectural designs. Hands-on experience with security tools and technologies for vulnerability management More ❯

JUser: :_load: Unable to load user with ID: 994 Job Summary Infrastructure Architect / Permanent / Worcestershire Country: United Kingdom Location: Malvern Sector: Architect Job Type: Permanent Technologies: infrastructure architecture Cyber Security Windows Servers 2012 Microsoft Active Directory LAN WAN office365 VPN Security Cleared Infrastructure Architect / Permanent / Worcestershire Infrastructure Architect / Permanent / … security clearance. • Infrastructure auditing and record keeping. • Design and implementation of ISO 27001 policies and procedures. • Experience of IASME Cyber Essentials. • Evaluation of candidate hardware / software solutions in a formal manner, involving requirements definition, evaluation, and presentation of recommendations. • Cloud technology including AWS and Azure. • Microsoft SharePoint and Dynamics CRM. • Docker or other lightweight More ❯

Security Analyst / SOC Analyst Contract £475 PD (Inside IR35) – 6 months 2-3 days onsite Peterborough Overview An excellent opportunity has arisen with a global brand for a Security Analyst / SOC Analyst on a 6-month Contract basis. You’ll play a key role in security operations, vulnerability management, compliance auditing, and incident response, ensuring robust … exception tracking, and remediation Handle EDR alert triage (CrowdStrike) and escalate incidents as needed Conduct system audits for ISO 27001 compliance and review pen test / vulnerability scan outputs Perform log analysis, assist with threat hunting, and escalate risks or unusual activity Develop incident reports and track system impacts for analysis and improvement Collaborate with … communication skills Desirable Experience in managed services or multi-tenant environments Familiarity with compliance frameworks (ISO 27001, PCI-DSS, NIST) Relevant certifications (CEH, CISSP, Security+ / CySA+, etc.) Knowledge of ITIL and experience with change-controlled environments Security Clearance (SC) or ability to be cleared More ❯

client engagements. Essential Skills Demonstrable track record in technology risk, digital resilience, IT audit or cyber-resilience within financial services (in-house or consulting). Deep understanding of UK / EU regulatory drivers (e.g., FCA / PRA Operational Resilience Policy, DORA, SYSC 8, PS 21 / 3, CP4 / 24) and relevant industry frameworks (COBIT, ITIL … ISO 27001 / 22301, NIST CSF). Strong analytical skills with the ability to translate complex technical issues into clear, business-focused recommendations. Possession of strong team working and leadership skills, including the ability to work as a team and under your own initiative. Ability to communicate clearly with colleagues and clients at all levels. … Preferred Skills Professional certifications: CRISC, CISA, CISM, CISSP, CBCI, ISO 22301 Lead Implementer / Auditor, PRINCE2 / AgilePM. Prior involvement in regulatory remediation Technical financial services knowledge, including an understanding of the Insurance, Asset Management and Banking industries. Commercial acumen and an interest in how complex organisations operate. More ❯

Quality Compliance Executive, ISO, Secuirty, SaaS, Cloud £50-60k Our client , a trusted and fast-growing leader in the [industry Saas / digital infrastructure / professional services / Cloud, is looking for a Quality Compliance Executive to join their team. This is a key role within the business, ensuring their internal systems, policies, and … accreditations not only meet regulatory expectations but set the benchmark for excellence. This is a brilliant opportunity for someone who thrives in process, governance and ISO compliance, and is ready to take ownership of end-to-end quality and regulatory functions across the business. What you’ll be doing: As a Quality Compliance Executive Policies, Procedures & Process Governance … Supporting the delivery of strategic management plans that align with the company’s ISO and regulatory obligations. Managing the Compliance & Regulatory Calendar—ensuring each department knows what's needed and when. Helping teams build out, document and follow clear procedures, tracking evidence to demonstrate compliance. Coordinating audits and keeping records of key business processes. Driving awareness and training More ❯

pivotal role in managing and maintaining their IT infrastructure, ensuring the continuous operation of critical systems both on-premises and in their data centres. You will lead a 24 / 7 NOC team and work closely with our outsourced SOC to guarantee the security and reliability of their services. This role requires a hands-on approach to technical support … Bank Holidays Enhanced Pension Death in service Main duties and responsibilities: Oversee IT systems at UK data Centres, ensuring reliable and robust service delivery. Manage a UK-based 24 / 7 NOC operation of Networks, IT systems, servers, switches, routers and resolve incidents or issues / actions. Ensuring adherence to Information Security Management, ISO 27001 … and UK legal standards, especially Nations Infrastructure (CNI) Manage recording and monitoring of Service Level Agreements(SLA) for all incidents / issues / changes in conjunction with the Services IT Head and NOC / SOC. Provide first-line technical support when required and support remote users for hardware and software issues / improvements / changes More ❯

fostering a culture of security awareness throughout the organisation. Security Strategy Development: Design and implement a comprehensive information security strategy that aligns with business objectives and complies with ISO 27001 standards. Microsoft 365 Expertise: Leverage Microsoft 365 tools to enhance security measures, ensuring optimal configuration and deployment to protect data and information assets. Data and Information … s security posture. Requirements Bachelor's degree in Information Security, Computer Science, or a related field. 5+ years of experience in information security management, with a focus on ISO 27001 and compliance. Strong expertise in Microsoft 365 security features and configurations. Proven background in cybersecurity, risk management, and data governance. Excellent analytical and problem-solving skills … with the ability to think strategically. Strong communication and interpersonal skills, with a focus on collaboration and teamwork. Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are highly desirable. Other information Your package and perks At M247, we go beyond the pay check to bring you a package of perks that truly enrich your journey More ❯

within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO / IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally and externally. Assist in remediation activities to resolve audit … logical reasoning and problem-solving abilities 2:1 degree in an IT or Science, Technology, Engineering or Mathematics (STEM) subject desired Knowledge of GDPR and Data Protection Knowledge of ISO27001 and other best practice security management frameworks Experience in third party security auditing Knowledge of cloud security controls Knowledge of the legal sector WHAT CAN YOU EXPECT WithAddleshawGoddard, youcanexpect asupportiveteam … year, with a review to increase in your second year (subject to performance). The team will also be supportive of the following courses for the graduate to complete: ISO27001:2022 Lead Auditor Course, CISSP (Certified Information System Security Professional), CompTIA Security+ and Soft skills courses. Corebenefitsinclude Life Assurance, Income Protection, Pension and Bonus schemes,withadditionalHealth & Wellbeingbenefitsand services, plus manyvoluntaryLifestylebenefits More ❯

within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO / IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally and externally. Assist in remediation activities to resolve audit … year, with a review to increase in your second year (subject to performance). The team will also be supportive of the following courses for the graduate to complete: ISO27001:2022 Lead Auditor Course, CISSP (Certified Information System Security Professional), CompTIA Security+ and Soft skills courses. Core benefits include Life Assurance, Income Protection, Pension and Bonus schemes, with additional Health … logical reasoning and problem-solving abilities 2:1 degree in an IT or Science, Technology, Engineering or Mathematics (STEM) subject desired Knowledge of GDPR and Data Protection Knowledge of ISO27001 and other best practice security management frameworks Experience in third party security auditing Knowledge of cloud security controls Knowledge of the legal sector Any Additional job details Location Manchester Contract More ❯

s digital assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also … will bring proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and … recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your More ❯

s digital assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also … will bring proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and … recommend effective mitigations is highly valued. Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your More ❯

of high-quality NHS services. Established 28 years ago as an out of hours GP service, we have now grown significantly and deliver a full range of services, 24 / 7, to support 111, Primary Care Networks, Integrated Care Systems, Acute and Community NHS Trusts. We are incredibly excited to now be embarking on the next stage of our … in a tidy and safe way and free from hazards - Actively reporting of health and safety hazards and infection hazards immediately when recognised Keeping own work areas and general / patient areas generally clean, assisting in the maintenance of general standards of cleanliness consistent with the scope of the job holders role Undertaking periodic infection control training (minimum annually … of patients, carers and colleagues. Behaving in a manner which is welcoming to and of the individual, is non-judgmental and respects their circumstances, feelings priorities and rights. Personal / Professional development: The post-holder will participate in any training programme implemented by the practice as part of this employment, such training to include: Participation in an annual individual More ❯

secure cloud infrastructure using Oracle Cloud Infrastructure (OCI). Develop and manage Infrastructure as Code (IaC) with tools like Terraform to enable secure, repeatable deployments. Implement and manage CI / CD pipelines, focusing on automated security testing, deployment, and monitoring. Ensure all aspects of the data platform OCI infrastructure, data ingest pipelines, tool deployments, access controls, and monitoring are … Hands-on experience with cloud infrastructure, ideally Oracle Cloud (OCI), including provisioning, configuration, and service management. Proficient with Terraform or similar IaC tools. Skilled in implementing and maintaining CI / CD pipelines (e.g., GitHub Actions), especially with automated security testing. Strong knowledge of containerisation (e.g., Docker) and orchestration (e.g., Kubernetes). Deep understanding of cloud security principles: IAM, network … security, encryption. Experience with monitoring / alerting tools (e.g., Prometheus, Grafana, ELK stack). Proficient in Git or other version control systems. Desirable Knowledge, Skills and Experience: Certifications in OCI or other cloud platforms (AWS, GCP). Experience with security tools like OWASP ZAP, Burp Suite, etc. Familiarity with Jira, Confluence, or similar tools. Knowledge of compliance frameworks (e.g. More ❯