1 to 25 of 27 ISO/IEC 27001 Jobs in Bristol

a high-performing cyber team at a confidential firm investing in next-gen information security. As an Information Security Analyst , you'll ensure ISO 27001 alignment while driving meaningful improvements to audit and risk frameworks. What You’ll Be Doing Develop and evolve ISO 27001-aligned ISMS processes, policies, and documentation Extend ISO 27001:2022 certification to international offices and jurisdictions Run internal audits, support external audits, and lead on remediation Manage supplier due diligence, risk reviews, and third-party assessments Investigate security incidents and support … Champion a strong security culture through awareness and training What You’ll Bring Experience in information security or compliance-based roles Knowledge of ISO 27001, Cyber Essentials, NIST or similar frameworks Ability to communicate and collaborate across business functions Comfortable working in cloud and Microsoft More ❯

Information Security Engineer Hybrid: Remote / Bristol Reporting to: Joe Mathews - VP of Technology Salary: £45,000 - £50,000 About Us Duel is a SaaS company on a mission to make Brand Advocacy the industry standard playbook for building brilliant retail brands. It was founded by world record breaking … a timely manner. Learn and implement security monitoring and automation solutions to detect and respond to threats. Help manage security tooling, including SIEM, IDS / IPS, and vulnerability scanning solutions. Work closely with engineers to support secure coding practices and help embed security considerations early in the development process. … as Secureframe, Drata, or Vanta. Experience working with pen testing and bug bounties a plus. Basic understanding of security tools such as SIEM, IDS / IPS, and vulnerability management solutions. Experience or knowledge of cloud security (AWS, GCP, or Azure). Awareness of security best practices in application and More ❯

to the Head of Cybersecurity and work within our specialist Cybersecurity Practice. In this role, you will provide cybersecurity assurance within a complex marine / defence engineering programme, supporting the development and delivery of cyber-resilient systems. This is a consultancy role focused on integrating cybersecurity into programme controls … Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Essential skills Strong understanding of cybersecurity assurance principles, risk management, and regulatory compliance in defence or safety-critical environments. Proven ability to produce and More ❯

to the Head of Cybersecurity and work within our specialist Cybersecurity Practice. In this role, you will provide cybersecurity assurance within a complex marine / defence engineering programme, supporting the development and delivery of cyber-resilient systems. This is a consultancy role focused on integrating cybersecurity into programme controls … Engineering, or a related technical or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor / Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO / IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs. Essential skills Strong understanding of cybersecurity assurance principles, risk management, and regulatory compliance in defence or safety-critical environments. Proven ability to produce and More ❯

reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30 / 37 / 53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents … vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001 / 2, ISO27005 / 31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan … / 139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. Strong problem-solving, decision-making, and communication skills. Qualifications & Requirements: Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). Industry certifications such as CISSP, OSCP, CEH More ❯

build security resilience across multiple jurisdictions. What You’ll Be Doing Maintain and improve the ISMS, including policies, procedures, and guidelines Ensure ongoing ISO 27001:2022 alignment across UK and international offices Conduct internal audits, lead remediation efforts, and support third-party reviews Run supplier due … Deliver awareness training and drive adoption of secure behaviours What You’ll Bring Experience in information security or compliance-based roles Knowledge of ISO 27001, Cyber Essentials, NIST or similar frameworks Ability to communicate and collaborate across business functions Comfortable working in cloud and Microsoft … environments Certifications like CISMP, CISSP or ISO 27001 Lead Auditor are a bonus More ❯

About Squarcle / The Team Squarcle is an independent strategy and operations consultancy. We are dedicated to ensuring that our clients have both a well-defined strategy and a supply chain that are aligned to provide a performance advantage. Squarcle is a people orientated organisation that prides itself on … build a diverse, dedicated, and high-performing team of subject matter experts to help our clients achieve supply chain and operational excellence. Job Overview / Introduction Our Dev Sec Ops Engineer reports to the Head of Technology Services and works directly with clients. The Dev Sec Ops Engineer is … to ensure flexibility for multi-cloud environments. Expertise in cloud-native infrastructure patterns such as microservices, containers, and serverless architecture. Develop and maintain CI / CD pipelines for efficient, secure, and automated deployments. Security by design Vulnerability management Threat modelling Cloud Security Ensure compliance with industry security standards and More ❯

vital role in safeguarding our cloud infrastructure and applications. - If you have expertise in AWS security, a strong understanding of security frameworks like ISO or NIST, and the ability to drive secure coding practices, we want to hear from you! The role. As an Application Security Engineer, you … such as ISO 27001, NIST, and CIS benchmarks. Collaborate with development teams to enhance secure coding practices and strengthen CI / CD pipeline security. Oversee and improve cloud security in AWS, leveraging tools such as AWS Security Hub, AWS Shield, and AWS IAM. Manage the … Familiarity with OWASP Top 10, CWE, and secure coding practices. Proficiency in using security tools such as static and dynamic analysis tools. Basic coding / scripting skills in Python, JavaScript, or similar. Strong communication skills with the ability to engage technical and non-technical stakeholders. Desirable Skills: Experience working More ❯

to teams across the organization. The Person Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30 / 53, OWASP). Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138 / More ❯

or equivalent) e.g. CISSP. In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, CIS, DSPT / CAF). Experience as a Security Architect or in a similar role, with a strong track record of designing and implementing security controls and … / or solutions and leading technical teams. Experience with architecture methodology such as TOGAF or SABSA. Experience of threat and risk modeling. Strong understanding of network security, encryption, authentication, and access control mechanisms. Experience with security technologies such as firewalls, intrusion detection / prevention systems, security information and … Google). Experience of DevSecOps. Experience of research in technology trends and ways to secure those technologies. Experience with automated deployment techniques and CI / CD pipelines. Experience working in or with Government organizations, especially within a Health and Social Care setting, including the handling of assets subject to More ❯

team to develop effective training within the company. Key Skills and Qualifications Strong knowledge of system and network security, protocols, and best practices, including ISO27001, SOC2 and Cyber Essentials controls. Experience with firewalls, intrusion detection systems, anti-virus software, and data encryption. Knowledge of risk assessment tools, technologies, and methods. … our automated scanning tools (Nessus and Qualys) are maintained, provide the right coverage, and all findings are notified to relevant teams. Ensuring AWS Shield / AWS WAF / Akamai / Firewalls and other similar tools / configuration are operating effectively. SIEM Lead and improve SIEM processes … Bombay, but we have a range of benefits including considerations for healthcare, private medical insurance, 27 days holiday rising with length of service, buy / sell up to 3 days holiday, work life balance, and many more! For more information on our full range of benefits, please visit our More ❯

security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2 or equivalent. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. More ❯

control and collaboration: Proficient with Git, GitHub, Azure DevOps, or similar tools for source control and team collaboration. Agile methodologies: Experience working in Agile / Scrum environments, with a focus on iterative development and continuous improvement. Security best practices: Knowledge of secure coding practices and compliance with data protection … regulations (GDPR, ISO 27001, CE+). Problem-solving and analytical skills: Ability to troubleshoot complex software issues, identify root causes, and implement effective solutions. Communication and teamwork: Strong verbal and written communication skills, with the ability to work collaboratively with both technical and non-technical teams. More ❯

an ITSM tool, preferably ServiceNow. ITIL Foundation certification. Working knowledge of ISO27001. Experience with Citrix Desktop Director. Proficiency in Microsoft Office products, including M365 / Teams. Familiarity with document and case management systems. Knowledge of VPN and remote access solutions. Understanding of desktop hardware. Ability to accurately record, update More ❯

business Experience of working in a collaborative manner with auditors, compliance and other key business stakeholders A strong understanding of framework for example ISO 27001, NIST or similar governance models More ❯

business Experience of working in a collaborative manner with auditors, compliance and other key business stakeholders A strong understanding of framework for example ISO 27001, NIST or similar governance models Knowledge and understanding and experience of PAM More ❯

business Experience of working in a collaborative manner with auditors, compliance and other key business stakeholders A strong understanding of framework for example ISO 27001, NIST or similar governance models Knowledge and understanding and experience of PAM More ❯

maintained. Implement solutions in line with overall strategy and architecture. Take operational ownership of all information security management processes across projects. Ensure certification and / or network accreditation to required standards. Work closely with delivery partners and client / business stakeholders to understand their needs. Roadmap solutions to … ability to convey complex technical details to clients in a straightforward manner. Strong background in security architectures, processes and both industry and government compliances (ISO27001, CES, CES+ in particular). Background in Microsoft, AWS and / or Cloudflare security technology would be beneficial. Good knowledge of security standards, legislation More ❯

This role is to provide Quality Assurance support to the Defence Information program. This is a key role in providing quality assurance against ISO9001, ISO27001, ISO20000 and ISO44001 standards. Role : Quality Systems Specialist Location : Bristol or Milton Keynes Shift Pattern: Mon-Fri Days only. IR35 Status : Inside Security Clearance : Must … This role is to provide Quality Assurance support to the Defence Information program. This is a key role in providing quality assurance against ISO9001, ISO27001, ISO20000 and ISO44001 standards. The clients Quality Management System is certified to ISO9001:2015, ISO27001 and ISO44001 as well as AS9100D and AS9110C. The day … Digital Programmes team within the Quality function and report on Quality matters to the Bristol Quality Lead and Digital Programmes Quality Manager. Preferred Qualifications / Experience Required: An understanding and previous experience of Quality Assurance Management A basic Engineering Lifecycle knowledge HNC in an Aerospace / Engineering discipline More ❯

technologies. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and others. Preferred Experience: Architecture and end-to-end security reviews. TCP / IP networking (firewalls, routing … etc.). Coding / scripting (Python, Bash, C#, etc.). Internet security. Cryptography and password cracking. Additional Beneficial Skills: Code review. Audit experience (ISO27001, CTAS, CAS(T . Mentorship and leadership capabilities within a technical team. Benefits: Competitive salary with performance-based incentives. Professional development and certification opportunities. A More ❯

External Audits * Working with Third Parties / Vendors to understand their Risk profile * Knowledge of Information Security controls * Knowledge of the likes of ISO27001 and NIST The role would be hybrid and based out of either their Bristol or Edinburgh offices 3 days per week. If you hold the … likes of CRISC, ISO Lead Implementor / Lead Auditor or similar then this would be a great benefit but is not imperative. If you'd like to hear more, then please do get in touch. More ❯

Oversee security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS / IPS, RBAC, vulnerability management Understanding of cloud, COTS / SaaS platforms & IoT security Ability More ❯

of our cyber security infrastructure. A typical day in the role: Implementing Configuration Changes: Making adjustments to key network infrastructure within a mixed physical / virtual datacentre LAN across multiple sites. Enhancing Monitoring Systems: Contributing to improvements in our monitoring systems and using them proactively to identify and resolve … potential faults before they cause outages. Developing Automation: Advancing our CI / CD-driven automation by integrating additional systems and implementing new features. Design and Planning: Planning and designing hardware refreshes, improvements to redundancy and reliability, and structural changes to the datacentres. Preventative Maintenance: Preparing and testing upgrades and … Linux on vSphere - working with these in the past will be beneficial. Any experience working within the scope of standards such as ITIL, ISO9001, ISO27001, Cyber Essentials, and the CIS Benchmark would be an asset. DBS required or enhanced background screening: This position requires the successful candidate to undergo enhanced More ❯

Job : Quality Systems Specialist Location : Bristol / Milton Keynes with some hybrid working options. Travel to other work sites is also expected if required by the program. Duration : Maternity Cover - Expected to start within 2 / 3 weeks following a successful interview Please Note: This role does not … This role is to provide Quality Assurance support to the Defence Information program. This is a key role in providing quality assurance against ISO9001, ISO27001, ISO20000 and ISO44001 standards. The Quality Management System is certified to ISO9001:2015, ISO27001 and ISO44001 as well as AS9100D and AS9110C. The day-to … improvement from a quality perspective Expectations An understanding and previous experience of Quality Assurance Management A basic Engineering Lifecycle knowledge HNC in an Aerospace / Engineering discipline An experience in Aerospace / Defence background is highly desirable Lead / Internal Auditor AS9100 / ISO9001 Knowledge of More ❯

This role is to provide Quality Assurance support to the Defence Information program. This is a key role in providing quality assurance against ISO9001, ISO27001, ISO20000 and ISO44001 standards. The client’s Quality Management System is certified to ISO9001:2015, ISO27001 and ISO44001 as well as AS9100D and AS9110C. The … perspective. Preferred Skills, Qualifications, and Experience: • An understanding and previous experience of Quality Assurance Management. • A basic Engineering Lifecycle knowledge. • HNC in an Aerospace / Engineering discipline. • An experience in Aerospace / Defence background is highly desirable. • Lead / Internal Auditor AS9100 / ISO9001. • Knowledge of … MAA Regulations. • An understanding / experience of conforming to the Defence Standards. • Have a good understanding of Quality Management techniques. • Continuous Improvement Techniques and Management. • Computer literate. Minimum 2 days in office, rest working from home. If this of interest please apply today, or alternatively contact Kaisey Linscott on More ❯