IT Security Technical, Governance, Risk and Compliance Consultant

Governance Risk and Compliance Consultant - ISO27001 - Yorkshire Remote Opportunity Full-Time

Are you passionate about cybersecurity and governance? Do you thrive in a dynamic client-facing environment where you can make a real impact? We’re looking for a Governance Risk and Compliance Consultant to join our client’s team and help organizations navigate the complex world of information security compliance and risk management.

This is a fully remote role offering you the flexibility to work from anywhere while delivering top-notch consultancy services to our diverse client base. If you’re ready to take your expertise to the next level and work with a team that values innovation and excellence we want to hear from you!

• Deliver Excellence: Manage and deliver client projects on time and to a high standard ensuring a seamless experience for our customers.
• Consult and Advise: Conduct assessments and reviews for ISO27001 (Information Security Management) and ISO22301 (Business Continuity Management). Provide expert advice on compliance standards such as PCI-DSS, Cyber Essentials and more.
• Policy Development: Create, review and update information security policies to align with business and regulatory requirements.
• Technical Expertise: Translate information security requirements into actionable IT security controls and measures.
• Stay Ahead: Keep up-to-date with the latest regulations, standards and best practices in cybersecurity and compliance.
• Client Engagement: Participate in scoping calls, client meetings and ongoing project management to ensure client satisfaction.
• Incident Response Planning: Assist clients in developing robust Cyber Security Incident Response Plans (CSIRP).

We’re looking for someone with :

• CISM, CISSP or equivalent certifications.
• ISO27001 and ISO22301 Lead Auditor / Implementor certifications.
• Knowledge of Cyber Essentials / Cyber Essentials Plus.
• Familiarity with PCI DSS and ISO31000 (preferred).

• Proven track record in delivering governance risk and compliance services.
• Expertise in information security management and business continuity frameworks.
• Experience working with industry standards such as NIST, CIS and NCSC.
• Strong communication skills with the ability to engage clients at all levels including C-suite executives.

• Attention to detail and a knack for aligning security policies with business needs.
• Ability to translate complex security requirements into practical solutions.
• A proactive approach to staying informed about emerging security technologies and trends.

Here’s what a typical day might look like :

• Start your day with a virtual team meeting to discuss ongoing projects and share insights.
• Conduct a remote ISO27001 assessment for a client identifying areas for improvement.
• Draft or review an information security policy tailored to a client’s unique needs.
• Participate in a scoping call with a new client to understand their compliance requirements.
• Research the latest updates in cybersecurity regulations to ensure your advice is cutting-edge.
• Wrap up the day by preparing a detailed report for a client summarizing your findings and recommendations.

Curious? We’re available anytime to talk through the finer details in the words of the four out!