Information Security Compliance Manager (ISO27001 / Audit)
Hybrid working - 3 days per week required in the office.
DGH Recruitment are currently recruiting on behalf of a leading global professional services firm who are looking for an Information Security Compliance Manager to join the team on a permanent basis in their London office.
The role will coordinate and respond to external and internal security and compliance audit activities. It will represent the firm's security program to clients, manage ISO 27001 audits, and be responsible for managing security assessments and audits of key partners and, where necessary, firm suppliers.
Responsibilities:
- Lead security audits and assessments in compliance with ISO27001 and other related frameworks, including definition of audit scope, control evaluation, test activities, audit reporting, issue resolution, and risk assessment for assigned audit objectives.
- Clearly explain the security and compliance program to clients and other third parties.
- Provide responses to customer security questionnaires and RFPs detailing firm capabilities.
- Collaborate with internal and external stakeholders on controls and gap remediation.
- Manage security and compliance deliverables across multiple teams.
- Coordinate and maintain internal security audit schedule.
- Maintain Information Security Compliance documentation.
Required Skills / Experience:
- 5+ years of IT and Security audits or assessments, or related experience.
- ISO 27001 Lead Auditor certification (advantageous)
- Strong knowledge of ISO 27001, NIST CSF, and Cyber Essentials Plus requirements and controls.
- Strong knowledge of risk management, vulnerability management, and third party risk.