4 of 4 ISO 27001 Lead Auditor Jobs in the Thames Valley

London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the firm’s long-term security strategy … drive ISO 27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm’s information security governance framework across all offices … and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and More ❯

meetings and producing high-quality deliverables with minimal supervision while also using their business acumen to identify new opportunities and support business development activities including proposals and presentations. ISO specialism is required. Day to day you will: Work with our customers to assist them in identifying and effectively managing cyber security risk Evaluate customers' business needs and … advise on strategic cyber security planning and objectives Lead complex cyber security projects in the Governance, Risk and Compliance (GRC) and Strategy & Consulting domains Work with clients to evaluate, develop, improve, or manage their cybersecurity initiatives across cyber transformation, security strategy, security governance, operating model, risk and compliance, maturity assessments, cyber resilience, security architecture, data privacy and … level higher qualification in Cyber Security, Information Systems, Computer Engineering, Computer Science, Cybersecurity or related field is preferred At least one major security certification (CISM, CISA, CISSP, ISO27001 Lead Auditor / Lead Implementer) Minimum of 5 years of experience dealing with a diverse range of information / cyber security projects and More ❯

McFall Recruitment are partnering with a Financial Services company seeking a pragmatic and experienced Head of Cyber Security Governance, Risk & Compliance to lead and evolve our global Information Security control framework. This pivotal role will shape the resilience, responsiveness, and maturity of our Information Security function across all regions and business units. Reporting directly to the Chief … you’ll play a key leadership role in transforming Cyber Security —enhancing people, processes, and technology to protect the business and maintain operational resilience. What you’ll do Lead the global Cyber Security risk management programme , driving best-in-class governance and compliance. Develop and maintain cybersecurity policies, standards, and procedures aligned with regulatory requirements and business … evaluations, and oversee treatment planning. Embed cyber risk into enterprise risk frameworks through collaboration with global teams. Oversee vendor risk management and ensure third-party compliance. Chair and lead the Cyber Security Digital Resilience Forum . Support the NIST maturity uplift programme and alignment with ISO 27001:2022 . Ensure compliance More ❯

you enjoy simplifying regulatory challenges, designing pragmatic governance models, and influencing security strategy at scale this could be your next move. Key Responsibilities Translate international standards (NIST CSF, ISO 27001, GDPR, SOC 2, PCI DSS, CSA CCM) into actionable policies and controls. Design and implement unified compliance frameworks across cloud, hybrid, and enterprise systems. … Lead internal and external audits, certification readiness, and regulatory assurance activities. Conduct risk assessments, control testing, and third-party assurance programs. Stay ahead of evolving regulations, standards, and automation opportunities. Prepare and deliver executive-level compliance reports and dashboards. Mentor junior consultants and collaborate closely with cross-functional teams. What We’re Looking For 6–8+ years … knowledge of compliance automation tools (ServiceNow GRC, OneTrust, Archer, or similar). Excellent communication and stakeholder management skills, including C-level engagement. Preferred Certifications CISM, CISA, CRISC, CISSP, ISO 27001 Lead Implementer / Auditor, CCSK, AWS Security Specialty, GDPR Practitioner. If you’re a cybersecurity professional passionate about More ❯