Associate ISO 27001 Lead Implementer and Lead Auditor (UK, Remote)

Posted Today by Intelance

£900 Per day
Outside IR35
Remote
United Kingdom

Summary: The role of Associate ISO 27001 Lead Implementer and Lead Auditor at Intelance involves leading end-to-end ISO 27001 implementation engagements for clients in various sectors, ensuring that Information Security Management Systems are treated as business instruments. The position requires a high level of expertise in ISO 27001, with responsibilities including risk assessments, policy authoring, and supporting clients through audits. This is a long-term associate relationship, emphasizing independence and a selective panel of experienced practitioners. Candidates must possess significant hands-on experience and relevant certifications to qualify for this role.

Key Responsibilities:

  • Lead ISO 27001:2022 implementation engagements end-to-end, including scoping, gap analysis, risk assessment, and treatment.
  • Design commercially sensible ISMS scopes and build defensible risk registers and Statements of Applicability.
  • Author and tailor policies, procedures, and records aligned to Annex A 2022 controls.
  • Run internal audits and management reviews that generate actionable findings.
  • Coach client ISMS owners and control owners for system sustainability post-handover.
  • Support clients through external audits, addressing non-conformities and observations.
  • Extend into IASME Cyber Assurance, NIST CSF, SOC 2 readiness, and supplier assurance work as capacity allows.
  • Contribute to Intelance delivery standards, templates, and calibration sessions.

Key Skills:

  • ISO 27001 Lead Implementer and Lead Auditor certifications (both preferred; one is the minimum bar).
  • Minimum five years of hands-on ISO 27001 delivery experience in the UK or European market.
  • Experience leading at least five ISO 27001 implementations to first certification or conducting at least twenty ISO 27001 audits.
  • Fluency in the 2022 transition and Annex A control set.
  • Strong commercial judgement on scope, control proportionality, and residual risk.
  • Excellent written English, with documents being board-ready and auditor-ready.
  • Ability to operate confidently with CISOs, CTOs, COOs, and private equity sponsors.
  • Willingness to be publicly listed as an Associate of Intelance.
  • Desirable experience in IASME Cyber Assurance, Cyber Essentials Plus, NIST CSF, or SOC 2.
  • Desirable credentials such as CISSP, CISM, or ISO 22301.
  • Desirable sector depth in regulated industries like financial services, healthcare, and SaaS.

Salary (Rate): £900.00 per day

Country: United Kingdom

Working Arrangements: remote

IR35 Status: outside IR35

Industry: IT

Detailed Description From Employer:

Intelance is a UK consulting firm serving mid-market and enterprise clients across financial services, healthcare, SaaS, and private equity-backed businesses. We are an IASME Certification Body across Cyber Essentials, Cyber Essentials Plus, and IASME Cyber Assurance, with a growing ISO 27001 implementation and audit book. We are building a selective associate panel of senior ISO 27001 practitioners. This is a long-term associate relationship, not an employment role. We want a small group of serious operators who can take a client from kick-off to certification without hand-holding, and who treat an Information Security Management System as a business instrument, not a paperwork exercise.

Tasks

  • Lead ISO 27001:2022 implementation engagements end-to-end: scoping, gap analysis, risk assessment and treatment, Statement of Applicability, policy architecture, control design, internal audit, management review, and support through Stage 1 and Stage 2 external audits.
  • Design ISMS scopes that are commercially sensible and defensible, not bloated.
  • Build risk registers and Statements of Applicability that hold up under scrutiny from UKAS-accredited certification bodies.
  • Author and tailor policies, procedures, and records aligned to Annex A 2022 controls. No generic templates dropped on clients.
  • Run internal audits and management reviews that generate real findings, not theatre.
  • Coach client ISMS owners and control owners so the system survives after handover.
  • Support clients through external audit, including responding to non-conformities and observations.
  • Where capacity and interest align, extend into IASME Cyber Assurance, NIST CSF, SOC 2 readiness, and supplier assurance work.
  • Contribute to Intelance delivery standards, templates, and calibration sessions.

Requirements

  • ISO 27001 Lead Implementer and Lead Auditor certifications, both preferred. One is the minimum bar.
  • Minimum five years hands-on ISO 27001 delivery in the UK or European market.
  • Personally led at least five ISO 27001 implementations to first certification, or conducted at least twenty ISO 27001 audits.
  • Fluent in the 2022 transition, Annex A control set, and the practical differences from the 2013 version.
  • Confident authoring a defensible Statement of Applicability in under a week for a typical mid-market client.
  • Strong commercial judgement on scope, control proportionality, and residual risk.
  • Excellent written English. Documents must be board-ready and auditor-ready without heavy editing.
  • Confident operating with CISOs, CTOs, COOs, and private equity sponsors.
  • Based in the UK with the right to work in the UK.
  • Able to operate outside IR35 via a limited company, or on a compliant basis.
  • Willing to be listed publicly as an Associate of Intelance, including on LinkedIn, while on the panel.

Desirable:

  • IASME Cyber Assurance, Cyber Essentials Plus, NIST CSF, or SOC 2 experience.
  • CISSP, CISM, or ISO 22301 credentials.
  • Sector depth in regulated industries: financial services, healthcare, legal, defence supply chain, SaaS.
  • Experience inside private equity portfolio environments and 100-day security plans.

Benefits

  • Competitive day rate, paid on 14-day terms.
  • Right of first refusal on engagements matched to your sector and availability.
  • Named inclusion on the Intelance Cyber Assurance panel page and on proposal credentials.
  • Referral fee of up to 10 percent of net first-year fees for associate-originated client work.
  • Direct access to delivery leadership. No layers, no sub-sub-contracting.
  • Mature templates, tooling, and a quality framework so your time goes into judgement, not formatting.
  • Quarterly calibration workshops and co-branded continuing professional development.
  • A professional home for senior practitioners who want steady, well-run work without the politics of a consultancy payroll.

We are deliberately selective. We would rather run a tight panel of five excellent practitioners than a directory of twenty average ones. If you take pride in ISMS work that actually protects a business and passes audit cleanly, we want to meet you.

Process: short application, 30-minute virtual assessment, 30-minute screen with our Cyber Assurance lead, a technical scenario walkthrough based on a real client situation, two references, and a signed Associate Panel Agreement. From application to panel membership in under three weeks for the right candidates.