We are seeking an Information Management Consultant!
Responsibilities
- Own and drive ISO 27001 and SOC 2 compliance activities end-to-end: gap assessments, control implementation, evidence collection, and audit readiness
- Maintain the Information Security Management System (ISMS): policies, risk register, treatment plans, and control documentation
- Lead internal audits and management reviews; prepare the team and evidence base for external certification and surveillance audits
- Serve as the primary point of contact for external auditors and certification bodies: managing scope, scheduling, walkthroughs, and findings responses
- Coordinate with developers, DevOps, and product teams to ensure security controls are implemented and verifiable in the Azure-hosted SaaS environment
- Triage and track SAST/DAST findings and vulnerability reports; drive remediation to closure with the engineering team
- Monitor and r...