Job Description
Governance, Risk, and Compliance Consultant - ISO27001 - Yorkshire Remote Opportunity | Full-Time
Overview
Are you passionate about cybersecurity and governance? Do you thrive in a dynamic, client-facing environment where you can make a real impact? We’re looking for a Governance, Risk, and Compliance Consultant** to join our clients team and help organizations navigate the complex world of information security, compliance, and risk management.
This is a fully remote role, offering you the flexibility to work from anywhere while delivering top-notch consultancy services to our diverse client base. If you’re ready to take your expertise to the next level and work with a team that values innovation and excellence, we want to hear from you!
Responsibilities
As an IT Security Technical, Governance, Risk, and Compliance Consultant, you will:
- Deliver Excellence: Manage and deliver client projects on time and to a high standard, ensuring a seamless experience for our customers.
- Consult and Advise: Conduct assessments and reviews for ISO27001 (Information Security Management) and ISO22301 (Business Continuity Management). Provide expert advice on compliance standards such as PCI-DSS, Cyber Essentials, and more.
- Policy Development: Create, review, and update information security policies to align with business and regulatory requirements.
- Technical Expertise: Translate information security requirements into actionable IT security controls and measures.
- Stay Ahead: Keep up-to-date with the latest regulations, standards, and best practices in cybersecurity and compliance.
- Client Engagement: Participate in scoping calls, client meetings, and ongoing project management to ensure client satisfaction.
- Incident Response Planning: Assist clients in developing robust Cyber Security Incident Response Plans (CSIRP).
Qualifications
We’re looking for someone with:
Professional Certifications:
- CISM, CISSP, or equivalent certifications.
- ISO27001 and ISO22301 Lead Auditor/Implementor certifications.
- Knowledge of Cyber Essentials/Cyber Essentials Plus.
- Familiarity with PCI DSS and ISO31000 (preferred).
Experience:
- Proven track record in delivering governance, risk, and compliance services.
- Expertise in information security management and business continuity frameworks.
- Experience working with industry standards such as NIST, CIS, and NCSC.
- Strong communication skills with the ability to engage clients at all levels, including C-suite executives.
Skills:
- Attention to detail and a knack for aligning security policies with business needs.
- Ability to translate complex security requirements into practical solutions.
- A proactive approach to staying informed about emerging security technologies and trends.
Day-to-Day
Here’s what a typical day might look like:
- Start your day with a virtual team meeting to discuss ongoing projects and share insights.
- Conduct a remote ISO27001 assessment for a client, identifying areas for improvement.
- Draft or review an information security policy tailored to a client’s unique needs.
- Participate in a scoping call with a new client to understand their compliance requirements.
- Research the latest updates in cybersecurity regulations to ensure your advice is cutting-edge.
- Wrap up the day by preparing a detailed report for a client, summarizing your findings and recommendations.
Curious? We're available anytime to talk through the finer details, in the words of the four tops........reach out!