ISO27001, IT Risk, IT Compliance, IT Controls, IT Audit, Policy. Governance, Security, Surrey area Your new company A specialist organisation in the Health/ Medical sector offers hybrid working in this role based in North Surrey area. Your new role You will be working in the Risk team and will design, implement & maintain the Information Security Management System (ISMS) in accordance with ISO27001 in a company that manages highly sensitive data. You will support the firm’s governance, addressing areas of risk and supporting plans to address these risks, including the compilation of business continuity plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber threat security. Risk & Compliance You will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001 and other regulatory standards. Assessing security posture, identifying vulnerabilities, and developing mitigation strategies to manage enterprise-wide information security risks. Maintaining and enhancing the organisation’s risk register and heat map, ensuring risks are scored, tracked, and treated effectively. Overseeing the implementation and management of systems, including firewalls, encryption, and data protection controls. You will also be responsible for Policy & Training, Incident & Breach Management, Risk & Control Management, Vendor & System Assurance. What you'll need to succeed You will ideally have the following experience and qualifications:Professional certifications such as ISO 27001 Lead Implementer/Auditor as well as hands-on experience with auditing and maintaining accreditation for ISO 27001:2022 You will have a strong background in enterprise risk management, information governance, compliance, and risk assessment. Excellent communication skills – both written and verbal are required – with the ability to influence and educate. Knowledge of Cyber Essentials & SOC2 or other relevant standards would also be beneficial. What you'll get in return Salary is negotiable according to experience – they are considering salaries in excess of £50,000 within reason! Hybrid working will move to 3 days a week in the office and 2 from home, after the initial settling-in period. 25 days holiday plus your birthday off! Free parking plus a range of company benefits What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career. 4731969