Information Security Officer

Information Security Officer

6-Month contract - Inside IR35 - up to 560 per day

London based - hybrid working - 2 days a week on site

Role Summary

We are seeking an Information Security Officer (ISO) to lead and enhance our information security posture across governance, risk, compliance, and security-by-design. The ISO will partner with business, IT, Legal, and Security teams to ensure robust controls, audit readiness, and secure delivery-including supporting M&A activity through cyber due diligence and post-deal security integration planning.

Key Responsibilities

Security Governance & Risk Management

• Develop and maintain information security policies, standards, and procedures aligned to business objectives.
• Run security risk assessments, maintain risk registers, and drive risk treatment/remediation plans.

Compliance, Audit & Assurance

• Support compliance programs (e.g., ISO 27001, SOC 2, GDPR and other applicable regulations).
• Coordinate internal/external audits, track findings, and ensure timely remediation and evidence management.

M&A Cyber Due Diligence (Pre- and Post-Deal)

• Lead or support cybersecurity due diligence for mergers, acquisitions, and divestitures/carve-outs.
• Identify deal-impacting risks, quantify remediation effort (cost/timeline ranges), and advise on onboarding security priorities.

Security Operations Oversight

• Oversee security monitoring and key metrics (e.g., vulnerability SLAs, control coverage, incident trends).
• Ensure incident response readiness through playbooks, tabletop exercises, and post-incident reviews.

Third-Party & Supplier Security

• Perform vendor risk assessments, review security clauses, and ensure suppliers meet security and privacy requirements.

Security Awareness & Stakeholder Management

• Deliver security awareness initiatives and provide advisory support to projects and teams.
• Communicate risks and recommendations clearly to leadership and non-technical stakeholders.

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.