A leading professional services organisation is looking for an Information Security Officer with strong governance, risk, and compliance experience. This is a standalone role with real ownership — ideal for someone ready to step up and shape a growing security function.
The Role
Build and mature security frameworks (ISO 27001, CE+, NIST, SOC 2)
Lead gap analysis and audit readiness
Own the security risk register and drive mitigation
Develop policies, standards, and procedures
Support ISO 22301/business continuity
Coordinate internal/external audits and evidence gathering
Manage vendor risk and customer due‑diligence requests
Provide independent governance oversight (separate from IT Ops)
About You
Strong experience with ISO 27001 (Annex 8), CE+, and risk management
Background in audits, incident response, and governance documentation
Confident working with Compliance, IT, and external partners
Able to own initiatives and work independently
Pragmatic, collaborative, and business‑minded
Why Apply?
High visibility and autonomy
Opportunity to shape security governance during transformation
Supportive, flexible culture
Clear progression for someone wanting more ownership
If this sounds like the right next step for you, please send your CV to Andy Dale at Arcas