I'm looking for an Information Governance Specialist to design and operate integrated frameworks across ISO 27001, ISO 27701, and ISO 42001. This role combines strategic leadership with hands-on delivery, ensuring compliance, security, and privacy controls are practical, auditable, and embedded into technical and operational workflows.
This is a hands-on and strategic role where you'll:
* Own and harmonize governance systems for security, privacy, and AI.
* Maintain ISO 27001 certification and drive readiness for ISO 27701 & ISO 42001.
* Embed practical, auditable controls into engineering and product workflows.
* Lead risk management, evidence automation, and audit readiness.
* Oversee vulnerability management programs and enforce patching SLAs.
* Lead incident response planning, tabletop exercises, and post-incident CAPA closure.
* Implement identity and access controls (SSO, MFA, JML automation).
* Partner with technical teams to balance compliance and agility.
What we're looking for:
* Strong experience in governance frameworks (ISO 27001 essential).
* Exposure to privacy and AI governance (ISO 27701 / ISO 42001).
* Hands-on experience with vulnerability management, incident response, and IAM.
* Ability to simplify complex regulatory requirements into actionable processes.
* Excellent communication and stakeholder engagement skills.
Preferred:
* ISO 27001 Lead Implementer/Auditor certification.
* Experience in regulated sectors (healthcare, SaaS, AI).
* CISSP or CISM.