Position Purpose
We are seeking a highly organized and detail-oriented individual to fill a part-time role that combines Information Security Management System (ISMS) management with oversight of client contract compliance. The ideal candidate will have experience managing ISMS compliance, ensuring all documentation and actions are up to date, and leading internal and external audits. Alongside this, they will act as the lead person responsible for monitoring the company’s compliance with client contractual commitments in terms of certifications, policies and procedures.
Job Description
Key Responsibilities:
Contract Compliance Management:
· Reporting: Creating monthly Compliance Reports
· Risk Assessment: Carrying out research and documenting risks
· Process reviews: regular reviews of internal processes to remain compliant
· Record Management: recording all actions and efforts to adhere to contractual terms
· Client meetings: Participating in client calls/meetings when discussing compliance matters
· Incident management: ensuring incidents are actioned appropriately
· Management: create, modify, update and implement company policies
· Liaise with department heads and senior Management regarding policies and Compliance matters
ISMS Management:
· Manage and maintain ISMS: ensure the organization's ISMS remains compliant with relevant standards (e.g., ISO 27001), managing regular updates and tracking completion of required actions.
· Audit preparation: oversee both internal and external audits, ensuring all necessary documentation is in place and that the organization remains audit-ready.
· Risk management: identify and evaluate security risks, working with relevant teams to ensure mitigations are implemented and tracked.
· Policy updates: regularly review and update security policies and procedures in line with industry best practices and regulatory requirements.
· Compliance tracking: maintain up-to-date records of compliance efforts, ensuring all required actions are completed on schedule.
· Training and awareness: coordinate regular ISMS training and awareness programs for staff to ensure compliance and understanding of security policies.
Qualifications:
· Experience with ISMS management (e.g., ISO 27001) and audit coordination.
· Excellent communication skills: Ability to interface with both technical and non-technical stakeholders.
· Strong organizational and time-management skills to balance ISMS responsibilities and project management tasks.
· Risk assessment and mitigation skills, particularly in both information security and project contexts.
· Knowledge of relevant regulations and standards (e.g., ISO 27001, GDPR, etc.).
Preferred Skills:
· Experience in both Information Security .
· Experience with managing security training and awareness programs.
· Strong analytical and problem-solving abilities.
Job Types: Part-time, Permanent
Pay: £24,000.00-£28,000.00 per year
Expected hours: No more than 17 per week