Candour

Cybersecurity Governance, Risk, and Compliance Consultant

United Kingdom · Full-time · Mid-Senior

Cybersecurity Governance, Risk, and Compliance Consultant - ISO27001 - Yorkshire - Remote Opportunity | Full-Time


Overview:

Are you passionate about cybersecurity and governance? Do you thrive in a dynamic, client-facing environment where you can make a real impact? We’re looking for a Governance, Risk, and Compliance Consultant to join our client’s team and help organizations navigate the complex world of information security, compliance, and risk management.


This is a fully remote role, offering you the flexibility to work from anywhere while delivering top-notch consultancy services to our diverse client base. If you’re ready to take your expertise to the next level and work with a team that values innovation and excellence, we want to hear from you!


As a Governance, Risk, and Compliance Consultant, you will:


  • Deliver Excellence: Manage and deliver client projects on time and to a high standard, ensuring a seamless experience for our customers.
  • Consult and Advise: Conduct assessments and reviews for ISO27001 (Information Security Management) and ISO22301 (Business Continuity Management). Provide expert advice on compliance standards such as PCI-DSS, Cyber Essentials, and more.
  • Policy Development: Create, review, and update information security policies to align with business and regulatory requirements.
  • Technical Expertise: Translate information security requirements into actionable IT security controls and measures.
  • Stay Ahead: Keep up-to-date with the latest regulations, standards, and best practices in cybersecurity and compliance.
  • Client Engagement: Participate in scoping calls, client meetings, and ongoing project management to ensure client satisfaction.
  • Incident Response Planning: Assist clients in developing robust Cyber Security Incident Response Plans (CSIRP).


We’re looking for someone with:

  • CISM, CISSP, or equivalent certifications.
  • ISO27001 and ISO22301 Lead Auditor/Implementor certifications.
  • Knowledge of Cyber Essentials/Cyber Essentials Plus.
  • Familiarity with PCI DSS and ISO31000 (preferred).


Experience:

  • Proven track record in delivering governance, risk, and compliance services.
  • Expertise in information security management and business continuity frameworks.
  • Experience working with industry standards such as NIST, CIS, and NCSC.
  • Strong communication skills with the ability to engage clients at all levels, including C-suite executives.


Skills:

  • Attention to detail and a knack for aligning security policies with business needs.
  • Ability to translate complex security requirements into practical solutions.
  • A proactive approach to staying informed about emerging security technologies and trends.


Here’s what a typical day might look like:

  • Start your day with a virtual team meeting to discuss ongoing projects and share insights.
  • Conduct a remote ISO27001 assessment for a client, identifying areas for improvement.
  • Draft or review an information security policy tailored to a client’s unique needs.
  • Participate in a scoping call with a new client to understand their compliance requirements.
  • Research the latest updates in cybersecurity regulations to ensure your advice is cutting-edge.
  • Wrap up the day by preparing a detailed report for a client, summarizing your findings and recommendations.

Curious? We’re available anytime to talk through the finer details. In the words of the Four Tops... reach out!

Posted: Nov 28, 2025
Type: Full-time
Level: Mid-Senior
Location: Manchester Area
Company: Candour
Industries: Information Services
Categories: Information Technology
