At a Glance
- Tasks: Lead ISO 27001 implementation and certification across a global organisation.
- Company: Join a forward-thinking company prioritising information security.
- Benefits: Competitive salary, flexible working options, and professional growth opportunities.
- Other info: Collaborative environment with diverse teams and exciting challenges.
- Why this job: Make a significant impact on global security standards and practices.
- Qualifications: Proven experience in ISO 27001 certification and strong risk management skills.
The predicted salary is between 60000 - 80000 € per year.
We are seeking an experienced ISO 27001 Lead to drive end-to-end implementation and certification across a global organisation. This role will lead the design, build and operationalisation of the ISMS in line with ISO/IEC 27001:2022.
Key Responsibilities
- Conduct enterprise-wide ISO 27001:2022 gap assessment.
- Define ISMS scope, context, governance and risk methodology.
- Develop the risk register, Statement of Applicability (SoA) and risk treatment plans.
- Deliver a prioritised implementation roadmap including budget, resourcing and timelines.
- Establish ISMS governance, metrics, management review and audit readiness.
- Coordinate cross-functionally with Technology, Security, Legal, HR, Procurement and Business Units.
Required Experience
- Proven track record leading ISO 27001 certification end-to-end in complex environments.
- Strong knowledge of ISO/IEC 27001:2022 and ISO 27002:2022.
- Experience implementing risk management frameworks, ISMS governance and controls.
- Cloud security familiarity (Azure/M365, AWS, GCP) and core disciplines (IAM, monitoring, incident & vulnerability management).
- Strong stakeholder engagement and programme delivery capability.
Deliverables
- Gap assessment report
- Defined ISMS scope and governance model
- Implementation roadmap with budget & resource plan
- Audit-ready documentation and KPI dashboard
Qualifications: ISO 27001 Lead Implementer and/or Lead Auditor.
Information Security GRC Lead - ISO27001 in Hampshire, Portsmouth
Employer: Barclay Simpson
As an employer, we pride ourselves on fostering a dynamic and inclusive work culture that prioritises employee growth and development. Our Information Security GRC Lead role offers the opportunity to work in a global environment, where you will be at the forefront of implementing ISO 27001 standards, supported by a collaborative team and comprehensive training programmes. With competitive benefits and a commitment to innovation, we ensure our employees are equipped to thrive and make a meaningful impact.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security GRC Lead - ISO27001 in Hampshire, Portsmouth
✨Tip Number 1
Network like a pro! Reach out to your connections in the information security field, especially those who have experience with ISO 27001. A friendly chat can lead to insider info about job openings or even referrals.
✨Tip Number 2
Show off your expertise! Prepare a portfolio or a presentation that highlights your past successes in leading ISO 27001 implementations. This will help you stand out during interviews and showcase your hands-on experience.
✨Tip Number 3
Stay updated on industry trends! Follow relevant blogs, podcasts, and forums related to ISO 27001 and information security. This knowledge will not only boost your confidence but also impress potential employers during discussions.
✨Tip Number 4
Apply through our website! We’ve got a streamlined application process that makes it easy for you to showcase your skills. Plus, it shows us you’re genuinely interested in joining our team!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with ISO 27001 and any relevant certifications. We want to see how your skills align with the role, so don’t be shy about showcasing your achievements in similar projects!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about information security and how your background makes you the perfect fit for leading our ISO 27001 implementation. Keep it engaging and personal!
Showcase Your Stakeholder Engagement Skills: In your application, highlight examples of how you've successfully engaged with various stakeholders in past roles. We love seeing candidates who can communicate effectively across different teams, especially in complex environments.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy – just follow the prompts!
How to prepare for a job interview at Barclay Simpson
✨Know Your ISO 27001 Inside Out
Make sure you’re well-versed in ISO/IEC 27001:2022 and ISO 27002:2022. Brush up on the key principles, requirements, and recent updates. Being able to discuss these confidently will show that you’re not just familiar with the standards but are genuinely passionate about information security.
✨Prepare for Scenario-Based Questions
Expect questions that ask how you would handle specific situations related to risk management and ISMS governance. Think of examples from your past experience where you successfully led a certification process or managed a complex project. Use the STAR method (Situation, Task, Action, Result) to structure your answers.
✨Showcase Your Stakeholder Engagement Skills
This role requires strong collaboration across various departments. Be ready to discuss how you’ve effectively engaged stakeholders in previous roles. Highlight any strategies you used to ensure alignment and buy-in from different teams, especially in complex environments.
✨Have a Roadmap Ready
Since you’ll be expected to deliver an implementation roadmap, come prepared with a high-level outline of what you believe a successful roadmap looks like. Discuss how you would approach budgeting, resourcing, and timelines, and be ready to adapt your ideas based on the company’s specific needs.