Overview
We are looking for an experienced Information Technology Governance Manager to join a regulated SaaS organisation as a contract Information Security Compliance & Assurance Consultant. This role focuses on leading the delivery of SOC 2 audits and ISO 27001 certifications, working collaboratively with various stakeholders to enhance compliance and security governance. The consultant will play a critical role in ensuring audit readiness while contributing to the overall security strategy of the organisation.
Responsibilities
- Lead the end-to-end preparation and delivery of SOC 2 audits.
- Manage ISO 27001 certification and surveillance activities.
- Assess and mature security controls against relevant frameworks.
- Conduct control gap assessments and coordinate remediation plans.
- Develop and maintain information security policies and procedures.
- Coordinate audit evidence gathering across business functions.
- Monitor and track remediation activities, ensuring timely closure of findings.
- Provide executive-level reporting on audit readiness and compliance posture.
Requirements
- Proven experience delivering successful SOC 2 Type II audits.
- Strong practical experience with ISO 27001 implementation and certification audits.
- Background in Information Security, Governance, Risk & Compliance (GRC).
- Experience in regulated environments such as SaaS or FinTech.
- Strong understanding of information security controls and risk management.
- Experience managing audit engagements with external auditors.
- Excellent stakeholder management and communication skills.
- Ability to drive remediation programmes across technical and business teams.