We are seeking an experienced ISO 27001 Lead to drive end-to-end implementation and certification across a global organisation. This role will lead the design, build and operationalisation of the ISMS in line with ISO/IEC 27001:2022.
Key Responsibilities
- Conduct enterprise-wide ISO 27001:2022 gap assessment.
- Define ISMS scope, context, governance and risk methodology.
- Develop the risk register, Statement of Applicability (SoA) and risk treatment plans.
- Deliver a prioritised implementation roadmap including budget, resourcing and timelines.
- Establish ISMS governance, metrics, management review and audit readiness.
- Coordinate cross-functionally with Technology, Security, Legal, HR, Procurement and Business Units.
Required Experience
- Proven track record leading ISO 27001 certification end-to-end in complex environments.
- Strong knowledge of ISO/IEC 27001:2022 and ISO 27002:2022.
- Experience implementing risk management frameworks, ISMS governance and controls.
- Cloud security familiarity (Azure/M365, AWS, GCP) and core disciplines (IAM, monitoring, incident & vulnerability management).
- Strong stakeholder engagement and programme delivery capability.
Deliverables
- Gap assessment report
- Defined ISMS scope and governance model
- Implementation roadmap with budget & resource plan
- Audit-ready documentation and KPI dashboard
Qualifications: ISO 27001 Lead Implementer and/or Lead Auditor.
Job listing posted by Barclay Simpson: https://www.barclaysimpson.com/job/information-security-grc-lead-iso27001-2/