IT Security Officer Governance & Compliance

A leading professional services organisation is looking for an Information Security Officer with strong governance, risk, and compliance experience. This is a standalone role with real ownership - ideal for someone ready to step up and shape a growing security function.

The Role

• Build and mature security frameworks (ISO 27001, CE+, NIST, SOC 2)
• Lead gap analysis and audit readiness
• Own the security risk register and drive mitigation
• Develop policies, standards, and procedures
• Support ISO 22301/business continuity
• Coordinate internal/external audits and evidence gathering
• Manage vendor risk and customer due-diligence requests
• Provide independent governance oversight (separate from IT Ops)

About You

• Strong experience with ISO 27001 (Annex 8), CE+, and risk management
• Background in audits, incident response, and governance documentation
• Confident working with Compliance, IT, and external partners
• Able to own initiatives and work independently
• Pragmatic, collaborative, and business-minded

Why Apply?

• High visibility and autonomy
• Opportunity to shape security governance during transformation
• Supportive, flexible culture
• Clear progression for someone wanting more ownership

If this sounds like the right next step for you, please send your CV to Andy Dale at Arcas.