We are seeking an ISO 27001 consultant to join our ISO implementation and audit team.

Evalian is a data protection and security services provider. We specialise in data protection compliance, GDPR, information security, penetration testing and ISO certification consultancy. We are a team of over 70 people, located across the UK and at our Head Office near Winchester in Hampshire.

Our ISO 27001 consultants support organisations in the implementation of ISO 27001-certifiable information security management systems (ISMS). We also help organisations transition from ISO 27001:2013 to ISO 27001:2022 and provide internal auditing services and ISMS remote management services to help our clients ensure that their ISMS remains compliant. We are growing the ISO consulting team to meet client demand and wish to hire someone with relevant experience.

The Role

You will report directly to the Head of Practice and support them on projects initially before taking ownership of your own projects once you are settled in and comfortable with our approach. Your tasks will include:

- Assessing new clients against the requirements of ISO 27001 and drafting gap analysis reports.
- Utilising our existing framework to draft policies, processes and procedures for clients to review and implement.
- Facilitating and delivering ISO 27001 workshops on topics that include risk management, internal auditing and business continuity.
- Advising on the implementation of ISO-focused controls required to address security risks.
- Carrying out or supporting client internal audits and documentation of audit reports.
- Acting as remote ISMS Manager for clients as required.
- Maintaining corrective action logs, delivery trackers and client progress reports.
- Assisting with the maintenance of Evalian's own management systems.

The Person

The ideal candidate will have at least 2 years' experience in implementing or supporting an ISO 27001-certified ISMS. This may be as a consultant or in an internal capacity.
You will understand the fundamental requirements of ISO 27001, and the requirements of clauses 4-10 of the standard specifically. You will also understand the requirements of the controls listed in ISO 27001 Annex A. Ideally, you will have some knowledge of ISO 9001 and/or ISO 22301.

You will be a self-starter who will fill in gaps in your knowledge through continued professional development. You will be happy to research standards and best practice and to tackle new topics.

Good writing skills are essential, as report drafting is a key part of the job. You will also need good communication skills and be comfortable working with clients in executive roles, as well as technical personnel, either as part of a small team or on your own.

You will need to demonstrate an open and proactive attitude, always putting the requirements of our clients first, and be flexible at times to ensure commitments are met.

Whilst not essential, you may have attained one or more recognised security certifications, which could include (for example):

- ISO 27001 or ISO 9001 or ISO 22301 Lead Implementer
- ISO 27001 or ISO 9001 or ISO 22301 Lead Auditor

The Package

The salary will be in the range of £30,000 to £45,000, depending on your experience and qualifications. Benefits include life assurance, medical insurance, dental cashback and pension.

Location & Minimum Requirements

We are happy to hear from consultants from across the UK provided you can work effectively from home and are willing to travel to client sites (if required). If you are home based, you will need to have a dedicated working area and reliable internet connection. You will need to have a driving licence and access to a car that you can use for work purposes.