Job Description
Job Title: Serious Control Expert (ISO 27001) – 6-Month Contract
Company Overview
We are a fast-growing compliance and security-focused organization supporting innovative, high-growth technology companies. Our mission is to help startups and scale-ups implement security frameworks that genuinely work in the real world, balancing strong information security with commercial practicality. We pride ourselves on being pragmatic, collaborative, and deeply knowledgeable in what we do.
Job Summary
This is a 6-month contract role for a highly skilled ISO 27001 specialist.
The Serious Control Expert (ISO 27001) is a technical specialist responsible for ensuring that ISO 27001 implementations are robust, audit-ready, and genuinely effective. Working closely with Delivery Managers, this role focuses on deep technical execution rather than project ownership or client account management.
You will act as the subject-matter expert on ISO 27001: reviewing controls, conducting internal audits, guiding customers through complex security requirements, and ensuring they are fully prepared for external certification audits.
Key Responsibilities
- Serve as the technical authority on ISO 27001 across multiple customer implementations
- Review and validate Statements of Applicability (SoA) in detail
- Work through individual Annex A controls with customers to ensure accurate implementation
- Provide clear, practical guidance on control design tailored to startup environments
- Conduct thorough internal ISO 27001 audits prior to external certification
- Identify gaps and weaknesses that could lead to audit non-conformities
- Support customers in remediating issues ahead of certification audits
- Review risk assessments and ensure controls align with identified risks
- Balance security requirements with commercial and operational realities
- Create clear, concise policies and procedures written in plain English
- Manage workload independently across multiple concurrent projects
- Share ISO 27001 knowledge and best practices with internal teams
- Contribute to improving and standardizing internal technical approaches
Required Qualifications
- 3–5 years of hands-on experience implementing ISO 27001
- Proven experience conducting internal or external ISO 27001 audits
- Strong technical information security knowledge beyond compliance theory
- Ability to work pragmatically within fast-growing startup environments
- Excellent written and verbal communication skills with non-technical stakeholders
- Strong attention to detail with a focus on real security outcomes
- Ability to work independently without constant supervision
- Prior experience working with or within startup or scale-up organizations
Preferred Skills
- ISO 27001 Lead Auditor or Lead Implementer certification
- Experience with additional frameworks such as SOC 2 or Cyber Essentials
- Broader technical background beyond GRC
- Certifications such as CISSP, CISA, or equivalent
Work Schedule
Monday to Friday, 08:00 to 17:00 GMT (13:30 to 22:30 IST)
Pay & Benefits
Monthly: 85,000 - 1,10,000