At a Glance
- Tasks: Help update the ISO 27001 framework and ensure compliance with the latest standards.
- Company: Join a dynamic team focused on governance, risk, and compliance in cybersecurity.
- Benefits: Enjoy remote work flexibility and the chance to enhance your skills in a growing field.
- Why this job: Make a real impact by improving security frameworks while working with industry experts.
- Qualifications: Experience with ISO 27001 and strong documentation skills are essential; certifications are a plus.
- Other info: This is a contract role for 3 months, outside IR35 regulations.
Predicted salary: £5,000 - £7,500 per month.
Job Title: GRC Security Consultant (ISO 27001 Specialist)
Contract Duration: 3 Months
Location: Remote
IR35: Outside IR35
Role Overview
We are seeking an experienced GRC Security Consultant to support a project updating the client’s ISO 27001 framework from the 2013 version to the 2022 version. You will conduct a comprehensive gap analysis, implement the required controls, and ensure all documentation aligns with the updated standard. This role requires deep knowledge of ISO 27001 and a hands-on approach to governance, risk, and compliance.
Key Responsibilities
- Perform a detailed gap analysis between ISO 27001:2013 and ISO 27001:2022.
- Design and implement required controls to achieve compliance with the updated standard.
- Update and create all necessary policies, procedures, and documentation to reflect ISO 27001:2022 requirements.
- Ensure the Information Security Management System (ISMS) is fully aligned with the latest standard.
- Collaborate with stakeholders to drive compliance and best practices.
Key Skills and Requirements
- Proven experience in ISO 27001 implementation and audits.
- Strong understanding of the differences between ISO 27001:2013 and ISO 27001:2022.
- Hands-on experience conducting gap analyses and implementing controls.
- Exceptional documentation and policy-writing skills.
- Strong communication and stakeholder engagement capabilities.
- ISO 27001 Lead Implementer or Auditor certification (highly desirable).
- CISSP, CISM, or CRISC certifications (a plus).
GRC Security Consultant employer: Harnham
Contact Detail:
Harnham Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land GRC Security Consultant
✨Tip Number 1
Familiarize yourself with the key differences between ISO 27001:2013 and ISO 27001:2022. This will not only help you in the gap analysis but also demonstrate your expertise during discussions with stakeholders.
✨Tip Number 2
Showcase your hands-on experience by preparing examples of past projects where you conducted gap analyses or implemented controls. Be ready to discuss these experiences in detail during interviews.
✨Tip Number 3
Engage with online communities or forums focused on ISO standards and GRC topics. Networking with professionals in this field can provide insights and potentially lead to referrals for the position.
✨Tip Number 4
Highlight your documentation and policy-writing skills by preparing a portfolio of relevant documents you've created in previous roles. This will give potential employers a clear view of your capabilities.
Some tips for your application 🫡
Highlight Relevant Experience: Make sure to emphasize your experience with ISO 27001, particularly any projects where you've conducted gap analyses or implemented controls. Use specific examples to demonstrate your hands-on approach.
Showcase Documentation Skills: Since exceptional documentation and policy-writing skills are crucial for this role, include examples of policies or procedures you've created or updated in the past. This will showcase your ability to align with the updated ISO standards.
Tailor Your Application: Customize your CV and cover letter to reflect the key responsibilities and skills mentioned in the job description. Use keywords from the listing, such as 'gap analysis', 'ISO 27001:2022', and 'stakeholder engagement' to make your application stand out.
Prepare for Potential Questions: Anticipate questions related to the differences between ISO 27001:2013 and ISO 27001:2022. Be ready to discuss your understanding of these changes and how you would approach updating the framework.
How to prepare for a job interview at Harnham
✨Show Your ISO 27001 Expertise
Make sure to highlight your experience with ISO 27001, especially the differences between the 2013 and 2022 versions. Be prepared to discuss specific examples of how you've conducted gap analyses and implemented controls in previous roles.
✨Demonstrate Your Documentation Skills
Since exceptional documentation and policy-writing skills are crucial for this role, bring samples of your previous work or be ready to explain your process for creating and updating policies and procedures.
✨Engage with Stakeholders
Prepare to discuss how you have collaborated with stakeholders in past projects. Share examples of how you drove compliance and best practices through effective communication and engagement.
✨Certifications Matter
If you hold any relevant certifications like ISO 27001 Lead Implementer or Auditor, CISSP, CISM, or CRISC, make sure to mention them. Discuss how these certifications have equipped you with the knowledge and skills necessary for the role.