Information Security GRC Lead - ISO27001

Barclay Simpson
London, United Kingdom
4 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
London, United Kingdom

Tech stack

Amazon Web Services (AWS)
Azure
Cloud Computing Security
Computer Security
Identity and Access Management
Service-Oriented Architecture
Software Vulnerability Management
Information Security Management System
ISO/IEC 27002

Job description

  • Conduct enterprise-wide ISO 27001:2022 gap assessment.
  • Define ISMS scope, context, governance and risk methodology.
  • Develop the risk register, Statement of Applicability (SoA) and risk treatment plans.
  • Deliver a prioritised implementation roadmap including budget, resourcing and timelines.
  • Establish ISMS governance, metrics, management review and audit readiness.
  • Coordinate cross-functionally with Technology, Security, Legal, HR, Procurement and Business Units.

Deliverables

  • Gap assessment report
  • Defined ISMS scope and governance model
  • Implementation roadmap with budget & resource plan
  • Audit-ready documentation and KPI dashboard

Requirements

We are seeking an experienced ISO 27001 Lead to drive end-to-end implementation and certification across a global organisation. This role will lead the design, build and operationalisation of the ISMS in line with ISO/IEC 27001:2022.

  • Proven track record leading ISO 27001 certification end-to-end in complex environments.
  • Strong knowledge of ISO/IEC 27001:2022 and ISO 27002:2022.
  • Experience implementing risk management frameworks, ISMS governance and controls.
  • Cloud security familiarity (Azure/M365, AWS, GCP) and core disciplines (IAM, monitoring, incident & vulnerability management).
  • Strong stakeholder engagement and programme delivery capability.
