We are seeking a detail-oriented and knowledgeable Security Policy Consultant to design, develop, and maintain information security policies, standards, and procedures within a complex security environment. The successful candidate will have hands-on experience creating policy artefacts and a strong understanding of policy frameworks and hierarchies (policy trees).

This role is critical to ensuring that security policy architecture supports compliance, is aligned to organisational goals, and enables effective implementation across technology and business functions.

Key Responsibilities

• Develop and maintain clear, concise, and effective security policies, standards, and guidelines that align with regulatory and organisational requirements.
• Design and manage the policy framework structure, including the development and maintenance of policy trees and document hierarchies.
• Ensure policy artefacts support governance objectives and reflect leading practice (e.g. ISO 27001, NIST, NCSC).
• Engage with stakeholders across security, legal, compliance, and business units to review, validate, and approve policies.
• Translate high-level control objectives and risk themes into structured, actionable policies and procedures.
• Maintain policy version control and change logs, ensuring audit readiness and clear governance processes.
• Support policy assurance and compliance monitoring through gap assessments and remediation tracking.