×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Senior ISO ISMS Lead; Governance & Audits

Job in Birmingham, West Midlands, B1, England, UK
Listing for: Gateley
Full Time position
Listed on 2026-05-27
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 125000 - 150000 GBP Yearly GBP 125000.00 150000.00 YEAR
Job Description & How to Apply Below
Position: Senior ISO 27001 ISMS Lead (Governance & Audits)

We are looking to appoint a senior role to lead both the implementation and ongoing management of our ISO 27001 accreditation.

This role will play a key part in designing and embedding the management system, before taking full ownership of its day‑to‑day operation, governance, and continuous improvement. Working closely with IT, Professional Standards and teams across the business, the role will ensure controls are robust, risks are effectively managed, and audit requirements are consistently met.

There will be a significant focus on implementation in the initial phase, transitioning into long‑term ownership of the standard. This includes driving compliance, leading audit activities, overseeing risk management, and delivering clear reporting, alongside embedding a culture of information security across the organisation.

Candidates must have strong working knowledge of ISO 27001 and demonstrable experience in implementing and managing compliant information security management systems.

You will develop a strong understanding of Gateley’s ISO 27001 accreditation and play a central role in both its implementation and ongoing management.

Key Responsibilities
  • Leading the implementation, embedding and ongoing management of the ISO 27001 Information Security Management System (ISMS)
  • Managing, maintaining and continuously improving ISO 27001 certification, ensuring ongoing compliance with the standard
  • Owning and developing the firm’s ISO 27001 documentation, ensuring policies, procedures, records and controls are robust, up to date and effectively managed
  • Leading internal audit activity, including planning, execution, reporting and ensuring timely closure of actions, with clear updates to senior stakeholders
  • Preparing for and managing external audits, acting as the primary point of contact for assessors and coordinating internal stakeholders
  • Chairing and supporting governance forums, including preparing agendas, papers, and tracking actions through to completion
  • Providing expert guidance to teams across the business on ISO 27001 and information security requirements, ensuring controls are understood and consistently applied
  • Driving awareness and engagement across the organisation to embed a strong information security culture
  • Managing client and supplier assurance activity, including responding to ISO 27001 security questionnaires and due diligence requests
  • Working closely with IT, Professional Standards, Risk, HR and Operations to ensure controls are effectively embedded and operating as intended
  • Leading the implementation and ongoing oversight of the ISO 27001 risk management framework and associated documentation
  • Driving risk identification, assessment, treatment and monitoring activities across the business
  • Working closely with risk owners to ensure risk registers, incident logs and supporting records are accurate, up to date and effectively managed
  • Facilitating regular risk reviews and ensuring timely progression of mitigation and improvement actions
Quality & Continuous Improvement
  • Championing high standards of governance, documentation and control effectiveness across the ISMS
  • Identifying and driving opportunities to strengthen processes, controls and ways of working
  • Embedding a culture of continuous improvement across information security practices, aligned to ISO 27001 requirements
  • This role will take a leading position in both the implementation and subsequent ownership of ISO 27001, with a strong focus on embedding sustainable controls, maintaining compliance, and driving ongoing improvement across the organisation.
Team

At Gateley Plc, our IT department is a dynamic and collaborative environment where innovation thrives. Over recent years, we have expanded our team to include over 60 professionals who are dedicated to driving technological excellence and delivering innovative solutions. Our diverse team is structured across several key areas: IT Service, Infrastructure, Architecture, Security, Change Management, Engineering, Innovation and Client Solutions.

Person

Candidates will be able to demonstrate the following attributes:

  • Strong working knowledge of ISO 27001, with demonstrable experience implementing and…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search