Job Description
We are seeking a Senior ISO 27001 consultant to join our ISO implementation team.
Evalian is a data protection and security services provider. We specialise in data protection compliance, GDPR, information security, penetration testing and ISO certification consultancy.
We are a team of over 50 people, located across the UK and at our head office near Winchester in Hampshire.
Our ISO 27001 consultants support organisations in the implementation of ISO 27001 certifiable information security management systems (ISMS). We also help organisations transition from ISO 27001:2013 to ISO 27001:2022 and provide internal auditing services to help our clients ensure that their ISMS remains compliant.
We are growing the ISO consulting team to meet client demand and wish to hire someone with relevant experience.
The Role
You will report directly to the Head of Practice and support them on projects initially before taking on ownership of your own projects once you are settled in and comfortable with our approach.
Your tasks will include:
- Assessing new clients against the requirements of ISO 27001 and drafting gap analysis reports.
- Utilising our existing framework to draft policies, processes and procedures for clients to review and implement.
- Facilitating and delivering ISO 27001 workshops on topics such as risk management, internal auditing and business continuity.
- Advising on implementation of ISO focused controls required to address security risks.
- Carrying out or supporting client internal audits and the documentation of audit reports.
- Maintenance corrective action logs, delivery trackers and client progress reports.
- Assisting with the maintenance of Evalian's own management systems.
- Participating in continual improvement activities and, where appropriate, leading some of them.
- Delivering topic specific blogs for publication on our website.
The Person
The ideal candidate will have at least 3 year's experience in implementing or supporting an ISO 27001 certified ISMS. This may be as a consultant or in an internal capacity. You will have already qualified as an ISO 27001 Lead Auditor or Lead Implementer.
You will be able to enunciate the advantages of ISO certification and to demonstrate an in-depth understanding of the requirements of ISO 27001. You will specifically have experience in implementing the ISO 27001:2013 and ISO 27001:2022 Annex A controls, ideally in organisations of various sizes and from different industries.
You will be a self-starter who will fill in gaps in your knowledge through continued professional development. You will be happy to research standards and best practice and to tackle new topics.
Excellent writing skills are essential, as report drafting is a key part of the job. You will also need good communication skills and be comfortable working with clients in executive roles, as well as technical personnel, either as part of a small team or on your own.
You will need to demonstrate an open and proactive attitude, always putting the needs of our clients first and be flexible at times to ensure commitments are met.
Ideally, you will have experience in implementing and/or auditing ISO 9001 and/or ISO 22301.
The Package
The salary will depend on your experience and qualifications and will be in the range of £50,000 to £60,000.
Benefits include life assurance, medical insurance, dental cashback and pension.
Location & Minimum Requirements
We are happy to hear from consultants from across the UK provided you can work effectively from home and are willing to travel to client sites (when permitted). If you are home based, you will need to have a dedicated working area and reliable internet connection.
You will need to have a driving licence and access to a car that you can use for work purposes.