ISO 27001 / SOC 2 / Essential Eight / Privacy

Posted 3 weeks ago

Worldwide

Summary

Senior Compliance & Certification Readiness Lead (ISO 27001 | SOC 2 | Essential Eight | Privacy) We are seeking a senior compliance, governance, risk and assurance professional to lead end-to-end certification readiness engagements across ISO 27001, SOC 2, Essential Eight, Privacy and related regulatory frameworks. This is not a policy-writing or administrative compliance role. We are looking for a proven operator who has personally led complex certification and audit-readiness programmes from initial scoping through to certification, auditor engagement, remediation and ongoing assurance. You will lead engagements for SaaS, technology, healthtech, fintech and other regulated organisations seeking to strengthen their security, compliance and assurance capabilities. The primary objective is not document production. The objective is to design and implement sustainable control environments, governance frameworks and evidence systems capable of withstanding external audit scrutiny while supporting long-term compliance maturity. Key Responsibilities You will own the complete delivery lifecycle, including: 1. Engagement scoping, certification boundary definition and implementation planning. 2. ISO 27001 and SOC 2 gap assessments and current-state reviews. 3. Risk assessments, treatment plans and Statement of Applicability development. 4. Design and implementation of governance, risk and compliance frameworks. 5. Development and quality assurance of policies, procedures and control documentation. 6. Audit readiness preparation, evidence management and certification support. 7. Executive reporting, stakeholder management and remediation oversight. 8. Ongoing assurance, surveillance and continuous improvement activities. You will be expected to distinguish between documented controls, partially operating controls and genuinely audit-ready environments. Technical & Advisory Capability The successful candidate will possess strong practical experience across: 1. ISO/IEC 27001:2022 implementation and certification readiness. 2. SOC 2 readiness and auditor coordination. 3. ASD Essential Eight assessments and uplift programmes. 4. Privacy governance and Australian Privacy Principles. 5. Risk management, control design and evidence-based assurance. 6. Cloud security environments including AWS, Azure and GCP. 7. Identity and access management, logging, monitoring, vulnerability management and secure development practices. 8. Compliance automation platforms such as Vanta, Drata, Sprinto, Thoropass, OneTrust or AuditBoard. You must be capable of engaging credibly with CTOs, engineering leaders, auditors, executives and board-level stakeholders. Experience Required Applicants should demonstrate: * 6+ years' experience in information security, GRC, assurance, compliance or risk advisory. * Proven experience leading ISO 27001 implementations through certification. * Strong SOC 2 readiness experience. * Direct engagement with auditors, certification bodies or CPA firms. * Experience in highly regulated or audit-intensive environments. * Strong executive communication and consulting skills. * Ability to operate independently and lead complex engagements end-to-end. Experience within healthtech, medtech, fintech, payments or SaaS sectors is highly regarded. ## Preferred Certifications Relevant certifications may include: ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISSP, CISM, CRISC, CISA, privacy certifications (CIPP/CIPM/CIPT), cloud security certifications and related assurance credentials. ## Engagement Model This is a senior-level, client-facing delivery role. We are seeking a trusted practitioner who can independently lead high-stakes, audit-facing compliance programmes and consistently deliver certification-ready outcomes for clients operating in demanding regulatory environments.

  • More than 30 hrs/week
    Hourly
  • 6+ months
    Duration
  • Expert
    Experience Level
  • $25.00

    -

    $100.00

    Hourly
  • Remote Job
  • Ongoing project
    Project Type
Skills and Expertise
Mandatory skills
ISO 27001
Regulatory Compliance
Activity on this job
  • Proposals:20 to 50
  • Last viewed by client:3 weeks ago
  • Interviewing:
    0
  • Invites sent:
    0
  • Unanswered invites:
    0
About the client
Member since Jan 27, 2025
  • AUS
    Melbourne5:17 PM
  • $2.6K total spent
    15 hires, 3 active
  • 210 hours

Explore similar jobs on Upwork

Regulatory Compliance
Retail & Consumer Goods
Logistics Management
Compliance
Applied Epic and CSR24 Training SpecialistHourly‐ Posted 4 weeks ago
Graphic Design
Microsoft Word
Content Writing
Elearning

How it works

  • Post a job icon
    Create your free profile
    Highlight your skills and experience, show your portfolio, and set your ideal pay rate.
  • Talent comes to you icon
    Work the way you want
    Apply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
  • Payment simplified icon
    Get paid securely
    From contract to payment, we help you work safely and get paid securely.
Want to get started? Create a profile

About Upwork

  • Rating is 4.9 out of 5.
    4.9/5
    (Average rating of clients by professionals)
  • G2 2021
    #1 freelance platform
  • 49,000+
    Signed contract every week
  • $2.3B
    Freelancers earned on Upwork in 2020

Find the best freelance jobs

Growing your career is as easy as creating a free profile and finding work like this that fits your skills.

Trusted by

  • Microsoft Logo
  • Airbnb Logo
  • Bissell Logo
  • GoDaddy Logo