A leading professional services organisation is looking for an Information Security Officer with strong governance, risk, and compliance experience. This is a standalone role with real ownership — ideal for someone ready to step up and shape a growing security function.
The Role
*Build and mature security frameworks (ISO 27001, CE+, NIST, SOC 2)
*Lead gap analysis and audit readiness
*Own the security risk register and drive mitigation
*Develop policies, standards, and procedures
*Support ISO 22301/business continuity
*Coordinate internal/external audits and evidence gathering
*Manage vendor risk and customer due-diligence requests
*Provide independent governance oversight (separate from IT Ops)
About You
*Strong experience with ISO 27001 (Annex 8), CE+, and risk management
*Background in audits, incident response, and governance documentation
*Confident working with Compliance, IT, and external partners
*Able to own initiatives and work independently
*Pragmatic, collaborative, and business-minded
Why Apply?
*High visibility and autonomy
*Opportunity to shape security governance during transformation
*Supportive, flexible culture
*Clear progression for someone wanting more ownership
If this sounds like the right next step for you, please send your CV to Andy Dale at Arcas.