Information Security Lead Location: Hybrid (Borehamwood) Salary: £70,000 - £80,000 Contract Type: 5 Month FTC Are you passionate about cybersecurity and looking to take your career to the next level? We are seeking an experienced Information Security Lead to play a key role in shaping and evolving our IT Security Framework within a fast-paced, innovative organization. This is a pivotal position where you'll oversee our cybersecurity program, lead ISO 27001 accreditation efforts, and ensure compliance with security governance, risk, and compliance requirements. You'll collaborate with internal and external stakeholders, act as a Subject Matter Expert (SME), and drive impactful initiatives that enhance our overall security posture. Key Responsibilities Cybersecurity Program Coordination Manage the day-to-day execution of the cybersecurity program, working closely with teams across IT and Security. Conduct IT Security Maturity evaluations and track the organization's security posture. Ensure security policies, procedures, and standards are up-to-date, enforced, and effectively communicated across the organization. ISO 27001 Accreditation & Maintenance Lead ISO 27001 certification efforts, implementing ISMS controls, conducting reviews, and supporting audits. Maintain compliance through continuous improvement and post-accreditation activities. Vendor and Third-Party Security Conduct security audits and assessments of third-party vendors. Collaborate with procurement and legal teams to manage vendor risks and review security clauses in contracts. Stakeholder Engagement Act as the primary liaison for internal and external auditors on security-related matters. Reporting and Documentation Deliver detailed reports on security activities, program progress, audit findings, and vendor assessments. Risk Management Identify, analyze, and document cybersecurity risks while maintaining updated risk logs. Develop actionable risk mitigation plans and oversee their implementation. Awareness and Training Lead targeted security awareness training campaigns tailored to organizational needs. Cross-Functional Support Provide consultation to Application Security and SecOps teams and offer role coverage as needed. Support the CISO in aligning security initiatives with business objectives. What We're Looking For Essential Skills and Experience Strong expertise in security frameworks and standards, such as ISO 27001 and NIST. Proven hands-on experience with ISO 27001 accreditation and compliance maintenance. Solid understanding of cloud security principles, especially in Azure environments. Experience leading cybersecurity programs across diverse teams. Excellent stakeholder management, interpersonal, and influencing skills. Comprehensive knowledge of security governance, risk, and compliance (GRC), including supplier and third-party assurance. Desirable Skills and Experience Experience designing and implementing security management systems. Knowledge of privacy regulations and frameworks. Background in risk management and running security awareness campaigns. Qualifications Essential Security-related degree or equivalent professional certifications (e.g., ISO 27001 Lead Implementer/Auditor, CISSP, CISA, CISM, CEH, OSCP). Minimum of 3 years' experience in a security-related role. Strong understanding of NIST CSF, ISO 27001:2022, and Security GRC best practices. Proficiency in cloud security principles and controls. Desirable Advanced certifications in cloud security (e.g., Microsoft Azure, E5 Security Suite). Experience in technical cloud security configuration and optimization. Relevant qualifications in risk management. Why Join Us? Opportunity to shape security strategies and drive impactful initiatives. Work in a forward-thinking organization with a dynamic and collaborative environment. Develop your career alongside industry experts. If you're ready to lead, innovate, and make a difference in the field of cybersecurity, we'd love to hear from you. Apply Now and join us on our journey to building a secure and resilient IT environment