Associate ISO 27001 Lead Implementer and Lead Auditor (UK, Remote)

Intelance is a UK consulting firm serving mid-market and enterprise clients across financial services healthcare SaaS and private equity-backed businesses. We are an IASME Certification Body across Cyber Essentials Cyber Essentials Plus and IASME Cyber Assurance with a growing ISO 27001 implementation and audit book.

We are building a selective associate panel of senior ISO 27001 practitioners. This is a long-term associate relationship not an employment role. We want a small group of serious operators who can take a client from kick-off to certification without hand-holding and who treat an Information Security Management System as a business instrument not a paperwork exercise.

Tasks

• Lead ISO 27001:2022 implementation engagements end-to-end: scoping gap analysis risk assessment and treatment Statement of Applicability policy architecture control design internal audit management review and support through Stage 1 and Stage 2 external audits.
• Design ISMS scopes that are commercially sensible and defensible not bloated.
• Build risk registers and Statements of Applicability that hold up under scrutiny from UKAS-accredited certification bodies.
• Author and tailor policies procedures and records aligned to Annex A 2022 controls. No generic templates dropped on clients.
• Run internal audits and management reviews that generate real findings not theatre.
• Coach client ISMS owners and control owners so the system survives after handover.
• Support clients through external audit including responding to non-conformities and observations.
• Where capacity and interest align extend into IASME Cyber Assurance NIST CSF SOC 2 readiness and supplier assurance work.
• Contribute to Intelance delivery standards templates and calibration sessions.

Requirements

• ISO 27001 Lead Implementer and Lead Auditor certifications both preferred. One is the minimum bar.
• Minimum five years hands-on ISO 27001 delivery in the UK or European market.
• Personally led at least five ISO 27001 implementations to first certification or conducted at least twenty ISO 27001 audits.
• Fluent in the 2022 transition Annex A control set and the practical differences from the 2013 version.
• Confident authoring a defensible Statement of Applicability in under a week for a typical mid-market client.
• Strong commercial judgement on scope control proportionality and residual risk.
• Excellent written English. Documents must be board-ready and auditor-ready without heavy editing.
• Confident operating with CISOs CTOs COOs and private equity sponsors.
• Based in the UK with the right to work in the UK.
• Able to operate outside IR35 via a limited company or on a compliant basis.
• Willing to be listed publicly as an Associate of Intelance including on LinkedIn while on the panel.

Desirable:

• IASME Cyber Assurance Cyber Essentials Plus NIST CSF or SOC 2 experience.
• CISSP CISM or ISO 22301 credentials.
• Sector depth in regulated industries: financial services healthcare legal defence supply chain SaaS.
• Experience inside private equity portfolio environments and 100-day security plans.

Benefits

• Competitive day rate paid on 14-day terms.
• Right of first refusal on engagements matched to your sector and availability.
• Named inclusion on the Intelance Cyber Assurance panel page and on proposal credentials.
• Referral fee of up to 10 percent of net first-year fees for associate-originated client work.
• Direct access to delivery leadership. No layers no sub-sub-contracting.
• Mature templates tooling and a quality framework so your time goes into judgement not formatting.
• Quarterly calibration workshops and co-branded continuing professional development.
• A professional home for senior practitioners who want steady well-run work without the politics of a consultancy payroll.

We are deliberately selective. We would rather run a tight panel of five excellent practitioners than a directory of twenty average ones. If you take pride in ISMS work that actually protects a business and passes audit cleanly we want to meet you.

Process: short application 30-minute virtual assessment 30-minute screen with our Cyber Assurance lead a technical scenario walkthrough based on a real client situation two references and a signed Associate Panel Agreement. From application to panel membership in under three weeks for the right candidates.