Cybersecurity Governance, Risk, and Compliance Consultant

Cybersecurity Governance, Risk, and Compliance Consultant - ISO27001 - Yorkshire - Remote Opportunity | Full-Time Overview: Are you passionate about cybersecurity and governance? Do you thrive in a dynamic, client-facing environment where you can make a real impact? We’re looking for a Governance, Risk, and Compliance Consultant to join our clients team and help organizations navigate the complex world of information security, compliance, and risk management. This is a fully remote role, offering you the flexibility to work from anywhere while delivering top-notch consultancy services to our diverse client base. If you’re ready to take your expertise to the next level and work with a team that values innovation and excellence, we want to hear from you! As a Governance, Risk, and Compliance Consultant, you will: Deliver Excellence: Manage and deliver client projects on time and to a high standard, ensuring a seamless experience for our customers. Consult and Advise: Conduct assessments and reviews for ISO27001 (Information Security Management) and ISO22301 (Business Continuity Management). Provide expert advice on compliance standards such as PCI-DSS, Cyber Essentials, and more. Policy Development: Create, review, and update information security policies to align with business and regulatory requirements. Technical Expertise: Translate information security requirements into actionable IT security controls and measures. Stay Ahead: Keep up-to-date with the latest regulations, standards, and best practices in cybersecurity and compliance. Client Engagement: Participate in scoping calls, client meetings, and ongoing project management to ensure client satisfaction. Incident Response Planning: Assist clients in developing robust Cyber Security Incident Response Plans (CSIRP). We’re looking for someone with: CISM, CISSP, or equivalent certifications. ISO27001 and ISO22301 Lead Auditor/Implementor certifications. Knowledge of Cyber Essentials/Cyber Essentials Plus. Familiarity with PCI DSS and ISO31000 (preferred). Experience: Proven track record in delivering governance, risk, and compliance services. Expertise in information security management and business continuity frameworks. Experience working with industry standards such as NIST, CIS, and NCSC. Strong communication skills with the ability to engage clients at all levels, including C-suite executives. Skills: Attention to detail and a knack for aligning security policies with business needs. Ability to translate complex security requirements into practical solutions. A proactive approach to staying informed about emerging security technologies and trends. Here’s what a typical day might look like: Start your day with a virtual team meeting to discuss ongoing projects and share insights. Conduct a remote ISO27001 assessment for a client, identifying areas for improvement. Draft or review an information security policy tailored to a client’s unique needs. Participate in a scoping call with a new client to understand their compliance requirements. Research the latest updates in cybersecurity regulations to ensure your advice is cutting-edge. Wrap up the day by preparing a detailed report for a client, summarizing your findings and recommendations. Curious? We're available anytime to talk through the finer details, in the words of the four topsreach out!

Location: Manchester,, GB

Posted Date: 11/6/2025