About the Role
We are seeking an experienced and skilled Information Security Consultant with expertise in ISO 22301 (Business Continuity Management), ISO 27001 (Information Security Management), and ISO 20000 (IT Service Management). The role involves delivering comprehensive consultancy services, including documentation, training, and auditing, to assist organizations in achieving and maintaining compliance with these critical standards.
Key Responsibilities
- Implementation of Standards:
  - Guide clients in the implementation and integration of ISO 22301, ISO 27001, and ISO 20000 frameworks.
  - Develop tailored strategies to meet client-specific needs and ensure effective compliance.
- Documentation Development:
  - Prepare, review, and maintain detailed management system documentation, including policies, procedures, risk assessments, and incident response plans.
- Training and Capacity Building:
  - Conduct training programs and workshops to enhance organizational knowledge of information security, business continuity, and IT service management practices.
  - Foster awareness of ISO standards and compliance requirements at all levels of the organization.
- Auditing and Compliance Support:
  - Perform internal audits and readiness assessments to evaluate compliance with ISO standards.
  - Assist clients in preparing for certification and surveillance audits.
  - Address audit findings by developing corrective action and continuous improvement plans.
- Risk Assessment and Incident Management:
  - Conduct risk assessments to identify vulnerabilities and recommend mitigation measures.
  - Support clients in developing and testing incident response, disaster recovery, and business continuity plans.
- Continuous Improvement and Advisory:
  - Provide ongoing advisory services to enhance the effectiveness of information security and business continuity systems.
  - Stay updated on industry trends, emerging threats, and best practices to ensure clients remain resilient.
Qualifications and Skills
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
- Proven experience with ISO 22301, ISO 27001, and ISO 20000 in implementation, training, and auditing.
- Certification as a Lead Auditor or Lead Implementer in one or more of the relevant ISO standards is highly desirable.
- Strong understanding of risk management, incident response, and business continuity principles.
- Proficiency in conducting gap analyses, preparing audit reports, and developing corrective actions.
- Excellent analytical, organizational, and communication skills.
- Ability to manage multiple projects and meet tight deadlines.
- Willingness to travel to client locations as required.
What We Offer
- Competitive salary or project-based compensation.
- Opportunities for professional development and certifications.
- Exposure to diverse industries and high-profile clients.
- A collaborative and innovative work environment.


