Job Title: Senior ISO Consultant
Role Overview
We are seeking an experienced ISO implementation specialist to lead the design, implementation and certification of an Integrated Management System aligned to UKAS-accredited standards.
The consultant will be responsible for delivering certification readiness and supporting external audit for the following standards:
- ISO/IEC 27001 Information Security Management
- ISO 22301 Business Continuity Management
- ISO 9001 Quality Management
- ISO 14001 Environmental Management
- ISO/IEC 20000-1 IT Service Management
The role requires a hands-on practitioner capable of translating operational practices into compliant governance frameworks suitable for public-sector and regulated environments.
This is not a documentation-only role: the consultant must work closely with engineering, delivery, support, HR and leadership teams to embed operational processes.
Requirements
Key Responsibilities
Programme Ownership
- Conduct organisational gap assessment across all standards
- Design integrated management system (IMS) architecture
- Define implementation roadmap and certification strategy
- Align standards to a single unified policy and control framework
- Prepare organisation for UKAS-accredited external audits
ISO 27001 (Primary)
- Risk assessment and treatment methodology
- Asset inventory and classification framework
- Access control and identity governance
- Supplier security controls
- Secure development lifecycle
- Incident response procedures
- Security awareness programme
ISO 20000-1
- IT service management lifecycle design
- Incident, problem and change management processes
- SLA and service reporting framework
- Configuration and release management governance
- Service desk operational procedures
ISO 22301
- Business Impact Analysis (BIA)
- Disaster recovery and continuity planning
- Crisis management framework
- Testing and simulation exercises
ISO 9001
- Process ownership model
- Quality metrics and continual improvement
- Audit and corrective action management
- Document lifecycle governance
ISO 14001
- Environmental impact register
- Supplier and operational environmental controls
- Sustainability objectives and monitoring
Audit & Certification
- Prepare Stage 1 and Stage 2 audit readiness
- Conduct internal audits
- Manage non-conformities and remediation
- Support certification body interactions
- Achieve certification
Deliverables
- Integrated Management System (single framework for all standards)
- Policies, procedures and control library
- Risk registers and compliance records
- Internal audit programme
- Evidence repositories
- Staff awareness training
- Successful certification audits
Required Experience
- 7+ years implementing ISO standards in technology organisations
- Demonstrated successful certification delivery (not advisory only)
- Experience with UKAS-accredited certification bodies
- Experience with SaaS / cloud / software engineering companies
- Strong understanding of IT operations and service delivery
Mandatory Skills
- ISO/IEC 27001 implementation leadership
- Multi-standard integrated management systems
- Risk management methodologies
- Audit preparation and remediation
- Documentation and operational alignment
- Stakeholder facilitation across technical teams
Preferred Certifications
- ISO 27001 Lead Implementer or Lead Auditor
- ISO 20000 Lead Auditor / Implementer
- ISO 22301 Implementer
- ITIL Foundation or above
Success Criteria
Within the engagement period the consultant is expected to:
- Establish operational governance framework
- Train internal stakeholders
- Conduct internal audits
- Achieve certification for agreed standards
- Enable internal team to maintain compliance post-engagement
Soft Skills
- Able to work with engineering and delivery teams
- Pragmatic and implementation-focused
- Strong documentation clarity
- Comfortable interacting with senior leadership
- Experience working with international teams