I'm looking for a native English speaker with the relevant experience to draft a number of IT related policies for our organisation: a. Incident management b. Disaster recovery and business continuity planning c. Change control (logging and auditing) d. Software patches and upgrades e. Anti-malware control f. System administration g. System development h. Controlling privileged system access
Our company provided two software products to individuals and organisation and we want to ensure that the relevant industry-standard policies are in place. Our software and organisation set up is simple and I would expect that drafting these documents should be straightforward. We're looking for simple, plain English policies. Brevity is key. They would ideally relate to an industry-standard framework eg. ISO however this is not critical given our stage of growth.
I can provide more information on the product we have supply and the company structure as required.
We're looking for someone with experience in drafting such policies, who's pragmatic to draft simple straightforward policies/procedures for the above in a relatively short timeframe. Note that the above list if really the topics we need to be covered, I expect we could combine some of these and perhaps expand our existing Infosec policy to cover some eg. control of privileged access.
Please only apply if you have experience with these topics. Budget is negotiable for the right person but we have to include something in the job post.