and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles / services as a requirement, across multiple technical areas. The role requires the ability to "lead by example" and perform line management for direct reports and manage service partners reporting … On-prem and Virtual product) Solution Life Cycle Management and removal (via decommissioning and succession planning) of technical debt. Drive a document first culture to new and legacy platforms / solutions. Oversee management of the End User Compute estate via Intune. Act upon and proactively manage all estate patch management requirements (on-prem, virtual, & physical) for software, hardware, and … optimal service delivery and value for investment. Negotiate cloud service agreements, monitor SLAs, and ensure vendor compliance with security and data protection policies. Monitor, forecast and efficiently manage vendor / solution spend against defined budget. Oversee third-party SaaS solutions, ensuring they align with the organisation's cloud-first strategy and security requirements. Refine and develop external and internal
Portsmouth, Hampshire, South East, United Kingdom Hybrid / WFH Options
Robert Half
Assurance and Certification Manager Location: Portsmouth, Hybrid (2 days p / week) Employment Type: Permanent Salary: £65,000 - £75,000 Are you passionate about driving compliance, risk management, and organisational excellence in a dynamic, collaborative environment? At Robert Half we are seeking an experienced Assurance and Certification Manager to work with their leading MSP client. Responsibilities: Lead the development, implementation … and continuous improvement of assurance, compliance, and certification frameworks. Manage and sustain ISO accreditations (e.g., ISO 9001, 14001, 27001, and others) and integrate emerging AI standards into organisational processes. Conduct comprehensive internal and external audits, risk assessments, and compliance gap analyses across multiple regions. Collaborate with cross-functional teams to align certification objectives with … dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: roberthalf.com/gb/en/privacy-notice.
and investment priorities to support long-term growth. Governance & Compliance Own company-wide security governance, including data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews of … with engineering to embed security in the SDLC and infrastructure. Guide secure design for cryptographic systems, transaction flows, and the Energy Network. Ensure resilience across distributed devices and on / off-chain systems. Security Culture & Collaboration Promote a security-first culture across product, data, legal, and compliance. Represent Fuse externally in customer, regulatory, and industry engagements. 5+ years in … incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer Science, Information Security, or related field. Bonus: Experience with CTFs, red / blue team exercises, or offensive security. Competitive salary and a stock options sign-on bonus Biannual bonus scheme Fully expensed tech to match your needs! Paid annual leave Breakfast
vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO27001, NIST, and CIS. Integrate vulnerability scanning and remediation into CI / CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting languages such as Python, Bash, PowerShell, or Go. Collaborate … and remediation practices. Person Specification Proven experience in vulnerability management across hybrid (on-prem and cloud) infrastructure. Hands-on experience with Tenable and integration of VM tools into CI / CD pipelines. Strong scripting skills using languages such as Python, Bash, PowerShell, or Go. Familiarity with APIs, automation workflows, and integrating with platforms like Jira, ServiceNow, or Slack. Ability … to scope penetration tests and manage findings through to remediation. Strong understanding of security frameworks and standards such as ISO27001, NIST, and CIS. Excellent communication, presentation, and influencing skills, with the ability to explain complex technical issues to non-technical stakeholders. Analytical and solution-oriented mindset with the ability to drive improvements independently and as
failure. Essential Skills & Experience: At least 2 years of hands-on experience in information security or IT infrastructure within an enterprise environment. Familiarity with security standards such as ISO27001, Cyber Essentials, GDPR, and Data Protection Act. Experience with Microsoft O365 Security solutions and network security operations. Understanding of security testing principles, including vulnerability scanning, risk … apply now. Keywords: Information Security Consultant, IT Security Consultant, Cybersecurity Specialist, Microsoft O365 Security, Enterprise Security Jobs, Information Security Leeds, IT Risk Management, Security Incident Response, Vulnerability Management, ISO27001, GDPR Compliance, Security Awareness, Disaster Recovery and Business Continuity.
thorough evaluations of supplier policies and procedures, current security controls, third party pen testing reports, vulnerability management reports, and information security reports such as SOC2 Reports, NIST or ISO27001 reports, PCI DSS etc). Manage relationships with large third-party suppliers involved in transformative, high-impact projects and Business as usual activities. This included facilitating … these vulnerabilities Work with internal stakeholders (procurement, legal, IT, compliance) to integrate third-party risk considerations into vendor selection and contract management processes. Responsible for confirming the Inherent Risks / Residual Risks and the effectiveness of Supplier security measures and controls. Reviewing and analysing the daily vulnerability reports generated by the third party risk management tool. Confirm reported vulnerabilities … stakeholder management skills. Experience with risk assessment tools and methodologies. Ability to work independently and manage multiple priorities You'll have the right to work in Ireland (EU Citizen / Stamp 4 Visa) Happy to work in a hybrid model and be on-site for meetings as required Salary Starting salary is €81,000 with a leading benefits package
driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO27001
Employment Type: Permanent
Salary: £70000 - £75000/annum - Offering 2 days a week remote
Ipswich, Suffolk, England, United Kingdom Hybrid / WFH Options
Bristow Holland
driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO27001
Caerphilly, Mid Glamorgan, Wales, United Kingdom Hybrid / WFH Options
Bristow Holland
driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO27001
London, South East, England, United Kingdom Hybrid / WFH Options
Bristow Holland
driven, no-nonsense approach to delivery Technically fluent and able to identify and resolve delivery risks through direct engagement with engineers Familiar with governance and compliance frameworks (e.g. ISO27001) while keeping delivery lean and pragmatic Clear and confident communicator across technical and executive levels Detail-oriented with a sharp eye for spotting risks and weaknesses … Effective in using streamlined processes and high-impact reporting tools (e.g. RAID logs, 1-page dashboards) Preferred Certifications: PRINCE2 Practitioner ITIL AWS or Azure Cisco (desirable) Awareness of ISO control frameworks such as ISO27001
Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
Proactive Appointments
now looking for an experienced and dynamic Senior Cyber Security Engineer to join our vibrant office with hybrid working. Senior Cyber Security Engineer – Responsibility: Carry out daily security engineering / operation tasks under an ITIL framework Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Using strong technical knowledge, continuously analyse and make … recommendations to implement effective security controls, system hardening and security improvement projects with a particular focus in application / web hosting security. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner Senior Cyber Security Engineer – Skills: Experience in Security Engineering, Network Security, and / … protocols such as networks, domain management, and virtualized environments. Holds or is working towards certifications like CISSP, SANS GCIA, CompTIA Security+, CCNA / CCNP, or similar. Knowledge of ISO27001, Cyber Essentials, and AAF frameworks is a plus. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants
DevOps engineers. Core Skills Deep technical experience in infrastructure design, build, and deployment, including private and public cloud, networking, connectivity, storage, and virtualization Strong technical experience of the Microsoft / Azure ecosystem (Networking / solutions, Monitor, Licensing / Cost Management, IaaS / PaaS services) and Infrastructure as Code Experience working with Azure technologies such as virtual … machines, Cloud Services, web apps, function apps, Azure Active Directory, Virtual Networks, etc. Creating and managing CI / CD pipelines using tools such as Azure DevOps, Octopus Deploy, and Terraform to deploy both infrastructure and applications Experience in managing both project and operational change; including estimating, resource allocation, status reporting, and cost management Experience in modernizing / migrating … existing systems to cloud-based serverless architecture Well-versed in Windows Operating Systems and Active Directory domain services Experienced in the use of Azure platform services, PowerShell / Azure PowerShell, and the Azure Portal Experience with configuration management and automation technologies Proficiency in cloud cost optimization strategies Knowledge of security compliance standards (e.g., ISO27001
Kettering, Northamptonshire, East Midlands, United Kingdom
E.surv Limited
Shared responsibility for operating the Change Management process, including ensuring stakeholders are following the correct process at all times Adhere to the Request For Change process for all application / Workflow changes Ensuring the support ticketing system is kept up to date at all times … Highlight to the line manager any concerns regarding conflicting duties or areas of responsibility. Operate within the processes, policies and standards of e.Surv information security management system, aligned to ISO27001 Adhere to all policies and operating procedures of the IT department. Being an active member of the team. Knowledge and Expertise Essential: Extensive experience gained in supporting critical business applications … a confidential discussion on the full details of this role please contact Alka Tarafdar In your Application, please feel free to note which pronouns you use (for example, she / her / hers, he / him / his, they / them / theirs) e.surv is an equal opportunity and Disability Confident employer, dedicated to
governance, risk, and assurance. Key Responsibilities: 1. Governance, Risk & Compliance (GRC) Management Develop, implement, and maintain GRC policies, frameworks, and procedures aligned with industry standards and regulatory requirements (ISO27001, NIST, SOC 2, GDPR, HIPAA, PCI DSS). Conduct … workshops to gather requirements for risk assessments and security reviews, ensuring risk mitigation strategies are in place. Maintain a risk register and track risk management initiatives. Lead third-party / vendor risk assessments requirement gathering, ensuring supplier security and compliance. Collaborate with leadership to align GRC practices with business objectives. 2. Compliance & Assurance Ensure the organization meets regulatory requirements … and industry best practices. Manage compliance audits (ISO27001, SOC 2, PCI DSS, GDPR, HIPAA) and coordinate with internal / external auditors. Conduct compliance monitoring and provide periodic reports on adherence to policies. Develop and implement assurance programs to validate control effectiveness. Stay updated on changing regulations and emerging compliance risks. 3. Business Analysis & Process
including fintech and e-commerce. About the Role As an IT Auditor, you'll play a central role in delivering Kula's "smart auditing" approach-merging IT assurance (ISO27001, ISAE, SOC) with financial audits. You'll work with clients that rely heavily on IT for internal controls and compliance. Your role will span IT audits … part of a skilled and collaborative team. You'll also contribute to internal innovation and the growth of our assurance services. Key Responsibilities Conduct IT audits aligned with ISO27001, ISAE, and SOC standards Support financial statement audits by testing general IT controls (GITCs) Provide guidance on IT risk, cybersecurity, and regulatory compliance Advise clients on … Are The ideal candidate: Holds a university-level degree and a RE designation Has 3-5 years of relevant experience in IT audit, financial audit, internal audit, or risk / compliance Has working knowledge of assurance engagements (SOC / ISAE) and financial audits Is analytically sharp, communicative, and adaptable Enjoys a mix of IT audit, compliance work, and
Your role will be responsible for demonstrating compliance to customer security objectives by mapping product attributes to customer security related requirements and development processes to prescribed standards (e.g. ISO27001, NIST SP 800-37). You will assist internal product groups composed of multi-disciplined engineers in assessing product security gaps, developing product requirements, risk mitigation … factors including (but not limited to) the role and associated responsibilities, location, and market and business considerations, as well as the candidate's work experience, key skills, and education / training. Skills and Experience: Strong Linux and Windows knowledge and command line skills Understanding of Operating System (Linux & Windows) hardening procedures and impact on operation Experience with requirements management … Working knowledge of Networking Security technologies and solutions (Firewalls, IDS, Routing, Switching) Experience with vulnerability assessment, penetration testing, risk assessments and associated tools Knowledge of domain standards (e.g. ISO27001, ICAO 9985) and how to apply them to product development and the support of operational systems Experience working with demanding cyber-aware customers, listening to and
Security Architect (London | Hybrid | Cloud, NIST, SABSA) A leading global financial services firm is hiring an Enterprise Security Architect for a permanent position based in London (2 days onsite / week). Key Tech & Frameworks: Cloud Security (SaaS, IaaS, Infrastructure) SABSA, NIST CSF, ISO27001/2, SP 800-53, SANS Top 20 Risk
including NIST, PCI-DSS, GDPR, COBIT, ISO27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and / or external compliance audit activities. Manage remediation of any audit (internal & External) non-conformities. Ensure security policies (on a risk-based approach) are produced, signed off by relevant stakeholders … up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us who we … our customers. Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who can influence
experience in the field of Information Security, preferably in a senior or advanced analyst role. Proven experience in managing and auditing Information Security Management Systems (ISMS) aligned with ISO27001 standards. Strong skills in risk assessment, vulnerability identification, and development of practical security solutions for complex IT environments. Experience with penetration testing and vulnerability assessments; certifications … to achieve their goals and an environment in which they can thrive.
experiments we ought to start Several existing and potential new experiments related to a new market If not already covered above VPN termination, Jump Host solutions and SIEM / component management SOC integration Pre-requisites: 3-5 years working in an Agile mode Minimum 3+ years security architecture + PCI experience Understands GDPR / ISO27001 … TOGAF or NIST or equivalent Further info: Competitive Basic / day rate South, UK To apply: Please either register your CV and complete the information fields requested or send your CV to referencing LCL113 and your current salary
stay for the same one: our culture. It's what sets us apart, and the reason our employees have been turning down headhunters for years. Whatever your priorities - work / life balance, career progression, sustainability, volunteering - you'll find like-minded people driving change at Howden. Technology Third Party Risk Manager Location: London Department: Group Technology and Data Risk … risk indicators. Support the preparation of dashboards and reports for senior team members. Policy Consistency: Ensure third-party engagements align with internal policies and regulatory requirements (e.g., DORA, ISO27001). Collaboration: Work closely with procurement, legal, and information security teams to ensure a consistent approach to third-party risk ensuring adherence to regulatory requirements. Documentation … Management, Computer Science, or a related field. Proven track record in technology risk, third-party risk management, or IT audit. Strong understanding of regulatory frameworks and standards (e.g., ISO27001, NIST, DORA, SOC 2). Evidence of ability to handle complex vendor relationships and risk assessments. Excellent analytical, organisational, and problem-solving skills. Strong written and
management framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and … practices, while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems
or civilian). Strong stakeholder engagement skills and the ability to explain technical risks in simple terms. Familiarity with security frameworks or policies such as JSP440, NCSC guidance, ISO27001, Cyber Essentials or similar. Ability to travel and work on-site at secure locations. Qualifications and Training: SC clearance is essential (DV desirable). If you … hold or are working towards qualifications like CISSP, CISM, CompTIA Security+ or ISO27001 that’s great – if not our client will help you work towards them. Degree-level education is advantageous but not essential if you have equivalent experience.
Cardiff, South Glamorgan, United Kingdom Hybrid / WFH Options
Aforza Ltd
will be directly responsible for continued success of the entire Aforza product suite. As such, the ideal candidate must be hands-on, flexible, and used to working in startup / scale up environments, where every employee has a direct impact on the company's success. All of Aforza's cloud applications, microservices and websites are hosted on Google Cloud … with IaC tools such as Terraform Strong understanding of authentication and authorization protocols such as OAuth 2.0, OIDC, SAML etc Experience with SQL and NoSQL databases Experience with Docker / Kubernetes Knowledge of security and IAM best practices You might not have all of the above, but don't let that stop you. We're excited to hear from … benefits, including: Work on cutting edge technologies with world leading customers Stock options 25 days PTO & bank holiday Pension Private health cover & income protection Flexible hours and hybrid remote / office working Fantastic, brand new office space in the heart of Cardiff city centre Our Interview Process Director, Cloud Infrastructure Cardiff / Remote (UK only) About Aforza Aforza