Information Security Governance, Risk and Compliance Specialist (ISO 27001)

TL;DR

Information Security Governance, Risk and Compliance Specialist (ISO 27001): Managing security compliance, vendor risk, and client security requirements with an accent on ISO 27001 certification and security posture maintenance. Focus on developing security policies, managing trust portals, and driving a security-conscious culture across the business.

Location: Hybrid (London, UK) – 2 days per week in office

Company

hirify.global is a global data company providing comprehensive consumer and audience insights.

What you will do

• Own and maintain ISO 27001 certification and ensure compliance across relevant security frameworks.
• Develop, implement, and maintain information security policies and procedures aligned with industry best practices.
• Lead vendor risk management and respond to client security assessments and questionnaires.
• Build and maintain the security trust portal using tools such as Drata or Vanta.
• Drive security awareness across the company through training programs and internal communications.

Requirements

• 3–5 years of experience in an information security compliance role.
• Practical experience obtaining and maintaining ISO 27001 certification and knowledge of NIST frameworks.
• Proven ability to develop security policies and conduct vendor security assessments.
• Hands-on experience with security trust portals (Drata, Vanta is a plus).
• Knowledge of SaaS and AI environments and cloud security best practices.
• Must be based in London, UK to meet the hybrid office requirement.

Culture & Benefits

• 25 days annual leave plus office closures during holidays.
• Health cash plan, enhanced family benefits, and mental health support.
• Competitive salary with 4% pension matching and recognition programs.
• Flexitime, early Friday finishes, and a dedicated work-from-home budget.
• Accredited learning, leadership development, and global career mobility opportunities.