ISO 27001 / SOC 2 / Essential Eight / Privacy
Worldwide
Senior Compliance & Certification Readiness Lead (ISO 27001 | SOC 2 | Essential Eight | Privacy) We are seeking a senior compliance, governance, risk and assurance professional to lead end-to-end certification readiness engagements across ISO 27001, SOC 2, Essential Eight, Privacy and related regulatory frameworks. This is not a policy-writing or administrative compliance role. We are looking for a proven operator who has personally led complex certification and audit-readiness programmes from initial scoping through to certification, auditor engagement, remediation and ongoing assurance. You will lead engagements for SaaS, technology, healthtech, fintech and other regulated organisations seeking to strengthen their security, compliance and assurance capabilities. The primary objective is not document production. The objective is to design and implement sustainable control environments, governance frameworks and evidence systems capable of withstanding external audit scrutiny while supporting long-term compliance maturity. Key Responsibilities You will own the complete delivery lifecycle, including: 1. Engagement scoping, certification boundary definition and implementation planning. 2. ISO 27001 and SOC 2 gap assessments and current-state reviews. 3. Risk assessments, treatment plans and Statement of Applicability development. 4. Design and implementation of governance, risk and compliance frameworks. 5. Development and quality assurance of policies, procedures and control documentation. 6. Audit readiness preparation, evidence management and certification support. 7. Executive reporting, stakeholder management and remediation oversight. 8. Ongoing assurance, surveillance and continuous improvement activities. You will be expected to distinguish between documented controls, partially operating controls and genuinely audit-ready environments. Technical & Advisory Capability The successful candidate will possess strong practical experience across: 1. ISO/IEC 27001:2022 implementation and certification readiness. 2. SOC 2 readiness and auditor coordination. 3. ASD Essential Eight assessments and uplift programmes. 4. Privacy governance and Australian Privacy Principles. 5. Risk management, control design and evidence-based assurance. 6. Cloud security environments including AWS, Azure and GCP. 7. Identity and access management, logging, monitoring, vulnerability management and secure development practices. 8. Compliance automation platforms such as Vanta, Drata, Sprinto, Thoropass, OneTrust or AuditBoard. You must be capable of engaging credibly with CTOs, engineering leaders, auditors, executives and board-level stakeholders. Experience Required Applicants should demonstrate: * 6+ years' experience in information security, GRC, assurance, compliance or risk advisory. * Proven experience leading ISO 27001 implementations through certification. * Strong SOC 2 readiness experience. * Direct engagement with auditors, certification bodies or CPA firms. * Experience in highly regulated or audit-intensive environments. * Strong executive communication and consulting skills. * Ability to operate independently and lead complex engagements end-to-end. Experience within healthtech, medtech, fintech, payments or SaaS sectors is highly regarded. ## Preferred Certifications Relevant certifications may include: ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISSP, CISM, CRISC, CISA, privacy certifications (CIPP/CIPM/CIPT), cloud security certifications and related assurance credentials. ## Engagement Model This is a senior-level, client-facing delivery role. We are seeking a trusted practitioner who can independently lead high-stakes, audit-facing compliance programmes and consistently deliver certification-ready outcomes for clients operating in demanding regulatory environments.
- More than 30 hrs/weekHourly
- 6+ monthsDuration
- ExpertExperience Level
$25.00
-
$100.00
Hourly- Remote Job
- Ongoing projectProject Type
Skills and Expertise
Activity on this job
- Proposals:20 to 50
- Last viewed by client:3 weeks ago
- Interviewing:0
- Invites sent:0
- Unanswered invites:0
About the client
- AUSMelbourne5:17 PM
- $2.6K total spent15 hires, 3 active
- 210 hours
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by