1 to 25 of 50 ISO/IEC 27001 Jobs in West Sussex

in security audits, identifying vulnerabilities, and ensuring adherence to security policies. • Develop and enforce GCP security hardening measures (network segmentation, access controls, encryption, GDPR / ISO 27001 compliance). • Design and implement ETL pipelines for marketing data into BigQuery for Looker. • Optimise BigQuery data models … as a Cloud Engineer, specialising in GCP. • Proven background in marketing data environments, understanding infrastructure needs for marketing analytics and CDPs. • Demonstrable experience leading / contributing to security audits, vulnerability assessments, and compliance initiatives (GDPR, ISO 27001) within GCP. • Expertise in IaC with a strong … Terraform. • Profound understanding of GCP networking, security services, and IAM. • Proficiency in scripting (Python, Bash, Go). • Experience with containerisation (Docker) and orchestration (Kubernetes / GKE) is desirable. • Strong understanding of monitoring and logging tools. • Excellent problem-solving and communication skills. • Relevant GCP certifications are highly advantageous. Infrastructure Engineer More ❯

providers, and outsourced services. Ensure compliance with DORA’s outsourcing requirements, including due diligence, contract oversight, and continuity planning. Audit & Assurance: Participate in internal / external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes … risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies. Technical Compliance & Security: Advise on vulnerability management, endpoint security (EDR / XDR), and cloud compliance. Good understanding on IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM … for: Experience: 5+ years in GRC roles; financial services or banking experience is a strong plus. Understanding of GDPR, DORA, PCI DSS, and outsourcing / third-party risk requirements. Hands-on experience with ISO 27001 implementation and third-party risk tools. Proficiency in IAM (Identity More ❯

This role will be crucial in expanding and maintaining our cloud infrastructure, developing microservices, and ensuring a robust security posture in line with ISO 27001 standards. This is an exciting opportunity to contribute to a company at the … forefront of the energy transition. Key Responsibilities: Design, implement, and manage cloud infrastructure on platforms such as Azure or AWS, Develop and maintain CI / CD pipelines to automate software deployment and infrastructure management. Code and deploy microservices using appropriate programming languages and frameworks. Implement and maintain robust monitoring … but AWS or GCP considered). Experience with IaC tooling via Terraform or OpenTofu, Experience with containerization technologies (Docker, Kubernetes). Experience with CI / CD tools (e.g., Jenkins, GitLab CI, Azure DevOps). Proficiency in at least one scripting language (e.g., Bash). Understanding of networking concepts and More ❯

and influence. What You'll Be Working On: You’ll support key client projects across a diverse and exciting portfolio, including: Framework Compliance : ISO 27001, NIST, PCI-DSS Security Assurance : Audit, controls assessment, reporting Third-Party Risk Assurance : Vendor risk reviews, supply chain assessments Cloud Security … to finish. You’ll Need: Proven experience in a security consulting role (client-facing or internal consulting) Strong understanding of Information Security frameworks (ISO 27001, NIST, PCI-DSS) Hands-on experience delivering security assessments, audits, or assurance reviews Awareness or experience with cloud platforms (Azure, AWS … personal development, mentoring, and continuous learning Growth Journey: Join at an exciting time — with plans to double headcount and expand services Certifications (Required): ISO 27001 Lead Auditor CISSP or CISM More ❯

through our risk management framework and ensuring key risks are reported to the CISO. Performing regular internal security audits aligned to ISO / IEC 27001 and SOC2 controls. Developing our security awareness training programme aligned with internal security policies. Comfortable engaging with customers … NCSC CAF), supporting processes and toolsets. Ability to breakdown and solve complex problems across multiple domains and successfully lead the recovery of major and / or complex security incidents. Knowledge and experience of threat hunting and problem-solving through reviewing logs and identifying anomalous activities. More ❯

controls, and preparing for audits while also providing consultation on PCI requirements to Engineering, SecOps, and Architecture teams. Additionally, the role will support ISO 27001, SOC 2 Type 2, and other certification audits, assist with security assurance activities such as design reviews and client security questions … identify areas of improvement. Stay up to date with PCI DSS standard updates and ensure timely adaptation of new requirements. Manage and support ISO 27001 and SOC 2 Type 2 certification processes, ensuring evidence gathering, control validation, and audit preparation. Assist in responding to client security … Strong understanding of PCI DSS requirements, controls, and assessment processes. Hands-on experience with security controls, cloud environments, and security architecture. Experience with ISO 27001, SOC 2 Type 2, or other security frameworks. Proven ability to work effectively with senior leadership, auditors, external partners, and cross More ❯

levels are fully understood. Focus on building relationships and growing business with the customer, identifying new opportunities for the business. Your Profile Essential skills / knowledge / experience: Skilled in architecture design for systems and the underlying security infrastructure (i.e. firewalls). Holder a recognised, current security certificate … e.g., CISSP / CISM). Experienced in managing operational security activities. Solid understanding of regulatory and compliance requirements, including security frameworks such as NISTCSF, ISO 27001 and GDPR. Demonstrable experience with security technologies and architectures. Previous experience advising software development teams and agile delivery methods. … low latency applications. Good communication and negotiation skills. A team player. Result oriented. Possess good problem-solving skills, planning and organizing skills. Desirable skills / knowledge / experience: Experience of designing security architecture within the retail sector. Rewards & Benefits TCS is consistently voted a Top Employer in the More ❯

How you will contribute: Lead and manage a small team of Information Security Analysts, providing direction, support and development. Own and maintain our ISO 27001 Information Security Management System (ISMS), ensuring compliance and continuous improvement. Drive the implementation of Cyber Essentials Plus and other key security … for security compliance and manage associated risks. What you will bring: Proven experience managing an ISO 27001 ISMS and achieving / maintaining certification. Strong understanding of Cyber Essentials Plus and experience implementing it. Solid knowledge of information security principles, risk management and compliance. Experience leading More ❯

to a cloud environment, ideally AWS is ideal. So what do you need to be successful in this role? Industry experience in an Information / Cyber Security role Experience in information security management: This includes using industry-standard frameworks like NIST CSF, ISO 27001, or … SOC2 Familiarity with SDLC Knowledge of completing security audits i.e Cyber Essentials or ISO 27001 Technical knowledge and experience in Windows, AWS, Active Directory, Firewalls and MITRE Att&ck. Ability to commit to one day per week at their Stockport office If this sounds like you More ❯

baselines in line with industry standards (e.g., NIST, CIS, ISO 27001). Configure and manage Microsoft Defender for Office 365 / Cloud / Endpoint / Servers, Purview (Information Protection, Data Loss Prevention), and Microsoft Entra (Azure AD) security features. Experience of integrating with … Entra ID. Strong understanding of identity, access management, and conditional access controls. Familiarity with regulatory and compliance frameworks such as GDPR, HIPAA, and ISO 27001. Proficient with Microsoft security and compliance portals, PowerShell scripting, and automation tools. Relevant Microsoft certifications (e.g., SC-100, SC-300, MS-500, AZ More ❯

s been through this before and knows what it takes. Familiarity with ISO 27001, IT GRC, GxP compliance, and SaaS / cloud environments is also important, but SOC 2 is the headline act here. You’ll collaborate closely with teams across the company, from InfoSec … SOC 2 and ISO 27001 implementation efforts. Strong knowledge of the AICPA Trust Services Criteria and the kinds of IT / security controls that support them. A background in InfoSec, IT, Life Sciences, or something similar — a degree in one of these areas is a More ❯

Support Team. Oversee and maintain key business systems, including Office 365, Salesforce, Simpro, Xero, Power BI, and Unifi Networks. Lead IT projects, including ISO 27001 implementation, phone system replacement, and system integrations. Ensure cyber security compliance (Cyber Essentials, ISO 27001) and system More ❯

Head of Engineering / System Development Manager - up to £70k base with great benefits Remote working with an office Glasgow We are looking for a strategic, hands-on Head of Engineering to lead and scale our software engineering function. This senior leadership role will focus heavily on software engineering … RESTful services, rate limiting, versioning, monitoring, etc.). Ensure high data consistency, operational integrity, and well-documented interface contracts between services. Software Delivery, CI / CD & DevOps Define and implement scalable CI / CD pipelines using modern DevOps tooling, including automated build, test, deploy, and rollback strategies. Champion … with security engineers to integrate security throughout the software lifecycle (shift-left security, secure coding, threat modelling). Own the implementation of secure authentication / authorization practices, audit logging, encryption at rest / in transit, and other application security standards. Ensure software and infrastructure meet organizational security and More ❯

Support Engineer 2nd Line – Onsite (2-3 days Mancs Hybrid) - Award-Winning MSP 🚀 Uncapped training budget | Private Medical | excellent career progression opportunties Paying £30 / 35k (DOE) Uncapped training budget, continuous funding for industry accreditations!! Hybrid working with travel to client sites Are you a confident, well-rounded IT … of support tasks and manage workload independently or as part of a team. Deliver exceptional customer service, seeking feedback and continuously improving. Follow ISO 9001 and ISO 27001 quality and security standards. Stay current with new technologies and contribute to the team’s technical … Service Desk or Field-based IT support role. Hands-on experience with Microsoft technologies (Windows Server, Microsoft 365), cloud platforms (Azure, AWS), networking (TCP / IP, LAN / WAN, switching, firewalls), and virtualisation (Hyper-V, VMware). Excellent communication skills – written and verbal. Confident, professional, and organised approach More ❯

enforce security policies, standards, and procedures Work with IT and development teams to implement secure system designs and configurations Support compliance initiatives (e.g., ISO 27001, NIST, GDPR, PCI-DSS) by assisting with audits and documentation Conduct security awareness training and phishing simulations for employees Keep up … security or cybersecurity role Strong understanding of security principles, frameworks, and practices (e.g., CIA triad, defense in depth) Experience with SIEM tools, intrusion detection / prevention systems (IDS / IPS), firewalls, and endpoint protection Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and remediation processes Knowledge of networking More ❯

for teams 🔒 Maintaining continuous oversight of emerging threats, vulnerabilities, and ensuring swift action 📄 Supporting alignment with future certification frameworks such as GovAssure, NCSC CAF, ISO27001 Requirements: 🧠 In-depth knowledge of NIST, ISO27001, ISO27701, NCSC, and Cabinet Office security best practices ✅ Proven track record across full security lifecycle: risk management, governance … incidents, pen testing 🏛️ Experience working in the UK Public Sector, ideally with the NHS / NHSE and government design principles ⚙️ Hands-on experience in Agile / DevOps settings using tools like Jira and Confluence Bonus Points 📘 📌 Certifications such as CISSP, CISM, or ISO 27001 … Lead Implementer / Auditor 🏥 Familiarity with NHS-specific or healthcare-related data protection requirements Deadline for applications is 30.05.2025 (17:00. More ❯

streams. Report progress to initiative leaders and BU sponsors; adapt plans as needed. Ensure adherence to quality standards, validation processes (e.g., Part 11, ISO 17025, ISO 27001), and Element’s compliance framework. Align deliverables to business priorities and ensure high adoption … rates in target labs. Support onboarding, training, and change management initiatives in close partnership with the business units. Occasional travel to European labs Skills / Qualifications Essential: Several years of experience as a Project Manager in IT or equivalent, ideally with exposure to LIMS or regulated lab environments. Demonstrated More ❯

base within the cyber resilience practice. Required Skills & Qualifications Technical Expertise Deep understanding of threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Experience with a … range of security technologies including: SIEM (e.g., Rapid7 InsightIDR) XDR (e.g., SentinelOne) Firewalls (e.g., Fortinet) Vulnerability Management (e.g., Rapid7 InsightVM) PAM (e.g., Delinea) SSE / ZTNA (e.g., Netskope) CNAPP / Cloud Security (e.g., Rapid7 InsightCloudSec) SOAR (e.g., Rapid7 InsightConnect) Automation tools (e.g., Ansible, Terraform) Project Leadership Proven ability More ❯

base within the cyber resilience practice. Required Skills & Qualifications Technical Expertise Deep understanding of threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Experience with a … range of security technologies including: SIEM (e.g., Rapid7 InsightIDR) XDR (e.g., SentinelOne) Firewalls (e.g., Fortinet) Vulnerability Management (e.g., Rapid7 InsightVM) PAM (e.g., Delinea) SSE / ZTNA (e.g., Netskope) CNAPP / Cloud Security (e.g., Rapid7 InsightCloudSec) SOAR (e.g., Rapid7 InsightConnect) Automation tools (e.g., Ansible, Terraform) Project Leadership Proven ability More ❯

problem-solving and troubleshooting skills. Preferred: Experience with cloud platforms (e.g., AWS, Azure, GCP) and their integration with CyberArk. Knowledge of DevOps and CI / CD pipelines for secrets management. Familiarity with other PAM tools (e.g., BeyondTrust, Thycotic) is a plus. Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001). Soft Skills: Strong communication and interpersonal skills. Ability to work independently and as part of a team. Detail-oriented with a focus on delivering high-quality results. Proactive and self-motivated with a passion for cybersecurity. Education and Certifications: Bachelor’s degree in Computer More ❯

feeds, integrating insights to enhance protective controls. Produce actionable reports and dashboards on threat trends, vulnerabilities, and emerging risks. Contribute to tabletop exercises, red / blue team simulations, and incident readiness planning. Provide guidance on security architecture and work closely with engineering teams to reduce our attack surface. About … and broader Microsoft security tools. Deep technical understanding of Windows and Linux systems, networking, and security architecture. Familiarity with threat hunting methodologies, and endpoint / network security tools. Experience leading complex incident response investigations and containment efforts. Solid understanding of threat actor tactics and frameworks (e.g., MITRE ATT&CK … Cyber Kill Chain). Knowledge of standards and compliance frameworks like NIST, ISO 27001, PCI-DSS, and GDPR. Relevant certifications (e.g., CISSP, GIAC, OSCP, CREST) are desirable. Why join us? You'll be joining a forward-thinking security team committed to innovation and resilience. As a More ❯

with knowledge of vulnerability management tools and frameworks. Experience collaborating with governance and compliance teams to align technical controls with security standards (e.g., ISO 27001). Excellent troubleshooting, communication, and documentation skills, with the ability to collaborate effectively across teams. Technical Skills Strong understanding of Microsoft More ❯

to work under pressure in a changing environment Qualification Broad technical knowledge of cyber security controls demonstrated by attainment of appropriate qualifications e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance. Experience More ❯

Cyber Security Operations Centre (SOC) Consultant L ondon / Cheltenham - Hybrid Salary £45k - 60k YOU MUST HOLD ACTIVE SECURITY CLEARANCE IN THE UK!!!! THANKS A fast-growing, values-driven consultancy seeks a skilled professional with deep expertise in Cyber Security Operations Centre (SOC) practices. This role is ideal for … response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security technologies such as SIEM, IDS / IPS, EDR, etc. Excellent communication skills, including the ability to explain technical topics to non-technical audiences Apply here or reach out to r.kelly More ❯

networking, and automation. Key Skills & Qualifications Essential: 3-5+ years of hands-on experience in network engineering or administration. Strong knowledge of TCP / IP, DNS, DHCP, BGP, OSPF, VLANs, MPLS. Experience with Cisco, Fortinet, Palo Alto, or similar network hardware. Proficiency in network monitoring and troubleshooting tools … using NMS tools (e.g., SolarWinds, PRTG, Nagios). Diagnose and resolve complex network issues, outages, and security incidents. Conduct capacity planning and recommend hardware / software upgrades. Security & Compliance; Implement and manage network security policies, firewalls, and intrusion detection systems (IDS / IPS). Perform vulnerability assessments and … network penetration testing. Ensure compliance with ISO 27001, GDPR, SOC 2, and other industry standards. Cloud & Virtualization Networking; Manage cloud networking (AWS, Azure, Google Cloud) including VPCs, peering, and hybrid connectivity. Implement SD-WAN and cloud-based firewall solutions. Work with DevOps and automation teams to More ❯