Information Security Consultant

For financial institutions, retail chains, e-commerce, governments, tech companies, and well, everyone else for that matter.

Information Security Consultant – Governance, Risk, Compliance and Resilience

Key Responsibilities 

Governance, Risk and Compliance 

  • Lead or support the implementation, maintenance and internal auditing of client Information Security Management Systems (ISMS) aligned to ISO/IEC 27001:2022. 
  • Assist clients in developing security policies, standards and procedures covering all core domains. 
  • Conduct maturity assessments against ISO 27001, NIST CSF, CIS Controls, DSPT, and other recognised frameworks. 
  • Deliver GDPR compliance assessments, support the completion of DPIAs, ROPAs, and advise on privacy-related control gaps. 

Risk Management 

  • Facilitate risk assessments, threat identification, and risk treatment planning, including development of security risk registers. 
  • Advise on appropriate control selection aligned to business context, risk tolerance and regulatory obligations. 
  • Support clients in establishing ongoing risk governance, including risk committees, management reporting and oversight processes. 

Audit, Assurance and Certification 

  • Prepare organisations for external certification audits (ISO 27001, ISO 22301, DSPT). 
  • Perform internal audits and readiness assessments, identifying non-conformities, observations and improvement actions. 
  • Produce well-structured audit reports, dashboards and action plans for senior management. 

Incident Management & Business Continuity 

  • Support clients in tabletop exercises and resilience planning activities.
  • Advise on alignment to ISO 22301, DORA, NIS2, and sector-specific resilience requirements.

Client Delivery & Consultancy 

  • Act as a trusted advisor to client leadership, translating technical issues into clear, business-focused recommendations. 
  • Produce professional documentation, including policies, roadmaps, risk reports, and board-level updates. 
  • Manage multiple engagements concurrently, ensuring high-quality outputs and strong client satisfaction. 
  • Contribute to the continued development of Omni’s methodologies, templates, and best-practice guidance. 

Required Skills & Experience 

Technical & Framework Expertise 

  • Strong working knowledge of ISO/IEC 27001:2022 (essential). 
  • Practical experience with NIST CSF assessments or implementation. 
  • Solid understanding of GDPR principles, data protection impact assessments, and privacy governance. 
  • Familiarity with supplementary frameworks or regulations (e.g. CIS Controls, DORA, NIS2, SOC 2, ISO 22301) is highly desirable. 

Consultancy Skills 

  • Demonstrable experience in client-facing roles within security, audit or GRC. 
  • Ability to produce concise, clear and well-structured documentation suitable for senior stakeholders. 
  • Strong analytical and problem-solving capabilities. 
  • Excellent communication and time management skills.
  • Comfortable working independently and able to “hit the ground running”.

Industry Certifications (desirable but not mandatory) 

  • ISO 27001 Lead Implementer / Lead Auditor 
  • CISM, CISSP, CRISC, CISA