Information Security GRC Lead - ISO27001 in Edinburgh

Edinburgh | Full-Time | 60000 - 80000 £ / year (est.) | No working from home possible
Barclay Simpson

At a Glance

  • Tasks: Lead ISO 27001 implementation and certification across a global organisation.
  • Company: Join a forward-thinking company prioritising information security.
  • Benefits: Competitive salary, flexible working options, and professional growth opportunities.
  • Other info: Collaborative environment with diverse teams and exciting challenges.
  • Why this job: Make a significant impact on global security standards and governance.
  • Qualifications: Proven experience in ISO 27001 certification and risk management frameworks.

The predicted salary is between 60000 - 80000 £ per year.

We are seeking an experienced ISO 27001 Lead to drive end-to-end implementation and certification across a global organisation. This role will lead the design, build and operationalisation of the ISMS in line with ISO/IEC 27001:2022.

Key Responsibilities

  • Conduct enterprise-wide ISO 27001:2022 gap assessment.
  • Define ISMS scope, context, governance and risk methodology.
  • Develop the risk register, Statement of Applicability (SoA) and risk treatment plans.
  • Deliver a prioritised implementation roadmap including budget, resourcing and timelines.
  • Establish ISMS governance, metrics, management review and audit readiness.
  • Coordinate cross-functionally with Technology, Security, Legal, HR, Procurement and Business Units.

Required Experience

  • Proven track record leading ISO 27001 certification end-to-end in complex environments.
  • Strong knowledge of ISO/IEC 27001:2022 and ISO 27002:2022.
  • Experience implementing risk management frameworks, ISMS governance and controls.
  • Cloud security familiarity (Azure/M365, AWS, GCP) and core disciplines (IAM, monitoring, incident & vulnerability management).
  • Strong stakeholder engagement and programme delivery capability.

Deliverables

  • Gap assessment report
  • Defined ISMS scope and governance model
  • Implementation roadmap with budget & resource plan
  • Audit-ready documentation and KPI dashboard

Qualifications: ISO 27001 Lead Implementer and/or Lead Auditor.

Information Security GRC Lead - ISO27001 in Edinburgh employer: Barclay Simpson

As an employer, we pride ourselves on fostering a dynamic and inclusive work culture that prioritises employee growth and development. Our Information Security GRC Lead role offers the opportunity to work in a global environment, where you will be at the forefront of implementing ISO 27001 standards, supported by a collaborative team that values innovation and excellence. With competitive benefits and a commitment to professional advancement, we provide a rewarding workplace for those looking to make a significant impact in the field of information security.

Barclay Simpson

Contact Details:

Barclay Simpson Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Information Security GRC Lead - ISO27001 in Edinburgh

Tip Number 1

Network like a pro! Reach out to your connections in the information security field, especially those who have experience with ISO 27001. A friendly chat can lead to insider info about job openings or even referrals.

Tip Number 2

Show off your expertise! Prepare a portfolio that highlights your previous ISO 27001 projects and achievements. This will not only impress potential employers but also give you confidence during interviews.

Tip Number 3

Practice makes perfect! Conduct mock interviews with friends or mentors to refine your answers, especially around your experience with risk management frameworks and ISMS governance. The more you practice, the more natural it will feel.

Tip Number 4

Don’t forget to apply through our website! We’ve got loads of opportunities waiting for you, and applying directly can sometimes give you an edge over other candidates. Plus, we love seeing applications from proactive folks like you!

We think you need these skills to ace Information Security GRC Lead - ISO27001 in Edinburgh

ISO 27001
ISMS Design and Implementation
Risk Management Frameworks
Governance and Compliance
Cloud Security (Azure/M365, AWS, GCP)
Stakeholder Engagement
Programme Delivery

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience with ISO 27001 and any relevant certifications. We want to see how your skills align with the role, so don’t be shy about showcasing your achievements in similar environments!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for the Information Security GRC Lead role. Share specific examples of your past successes in implementing ISO 27001 and how you can bring that expertise to us.

Showcase Your Stakeholder Engagement Skills: Since this role involves coordinating with various teams, make sure to highlight your experience in stakeholder engagement. We love seeing how you’ve successfully collaborated across departments to achieve common goals!

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates during the process. Plus, we can’t wait to hear from you!

How to prepare for a job interview at Barclay Simpson

Know Your ISO 27001 Inside Out

Make sure you brush up on your knowledge of ISO/IEC 27001:2022 and ISO 27002:2022. Be prepared to discuss how you've led certification processes in the past, including specific challenges you faced and how you overcame them.

Showcase Your Risk Management Skills

Be ready to talk about your experience with risk management frameworks. Prepare examples of how you've developed risk registers and treatment plans, and how these contributed to successful ISMS governance in previous roles.

Engage with Stakeholders

Highlight your ability to coordinate with various departments like Technology, Security, and HR. Think of examples where you successfully engaged stakeholders to drive a project forward, as this will demonstrate your programme delivery capability.

Prepare for Practical Scenarios

Expect scenario-based questions that test your problem-solving skills. Consider how you would approach a gap assessment or develop an implementation roadmap, and be ready to articulate your thought process clearly.