Security Project Manager - Process Change, ISO27001, Gap Analysis

Description

Security Project Manager - Process Change, ISO27001, Gap Analysis

My client's group security needs to review existing processes and procedures and ensure they are aligned with industry best practices, for Group Security and for entities. For Group Security, the detection and response capabilities of a security operation centre to potential incidents is dependent on the clearly defined and repeatable processes and procedures that clearly identify the responsibility of each team member and the escalation process. These processes and procedures need to follow best practices as stated in ISO 27001 standards.

A Project Manager is requested to follow up the progress of this project and manage it through its life cycle, according to Group Security governance and framework, build an appropriate project plan according to available resources, track and manage risks, communicate on project progress to the stakeholders (build and report project KPI).

A. Main tasks

1) Liaise with Group Security main stakeholders and some entities to identify existing and required processes and procedures

2) Coordinate with vendors and assessment against ISO 27001 standards and identify gaps to the standards:

- Review of existing process and procedures with ISO experts

- Define missing processes and procedures, based on ISO expert knowledge

3) Define an action plan to be able to align our current processes and procedures with ISO standards and identify those who need to be implemented

Other main tasks, the Project Manager is expected to:

• Manage the project throughout its life cycle: Execution, Monitoring, Controlling and Closing.
• Ensure the project adheres to the internal project governance structure and project artifacts are created in a timely manner. Propose governance and processes adjustments if needed.
• Communicate relevant and timely information to stakeholders to ensure visibility of progress, budget/expenditure, risks and issues.
• Manage communications, negotiations and potential conflicts with all stakeholders.
• Produce project status with KPIs: deliverables, schedule, quality, organization, risks, change, and budget.
• Animate project and steering committees (frequency to be discussed)
• Manage the project team and provide clear directions.
• Ensure appropriate tools and processes are in place to track minutes, actions, risk, issues, and decisions.
• Identify and track risks, issues and escalations on projects and ensure appropriate action plans are established and actively monitored.
• Ensure mandatory project deliverables re produced from the PM and its team are produced.
• Ensure the appropriate quality processes compliant with Group, are in place for the approval of the deliverable's provided by the PM and its team.
• Ensure all documents produced on the project are properly managed and safely stored.

Technical skills required

- Projects coordination

Organisation Design Processes design Project communication management Stakeholder management Change management Problem solving skill Conflict resolution management

- Project Management

Project time management Coordination skills Multi-National organizations project management Project scope management Project time management Project cost management Risk management Security projects management Analytical skills

- Project management certification

Certification in a formal project methodology (eg PMP, PRINCE2)

- ISO 27001 standards processes and procedures knowledge

ISO 27001 standards compliance management (Beneficial)

- Technical skills Security IT environment (Beneficial)

Experience

• Between 5 to 10 years' experience on project management
• Experience in process change and coordination
• Experience in Project Management in complex international organisation - 3 years +

Expected deliverable's:

• An assessment of existing and missing processes and procedures within Group Security and a selection of entities
• Gap analysis with ISO 27001 standards
• List of standardised and repeatable processes and procedures, aligned with ISO 27001 standards.
• Action or remediation plan to implement the standardised processes and procedures aligned with ISO 27001.
• According to our project framework, the project manager is expected to provide the following project management deliverables:
• Project Management Plan
• Requirement specifications
• Project planning and follow up
• Running Project form (Financial follow up)
• Risk Issues Actions Decisions log
• Project Closure status
• Minutes from project governance (Steering Committee and Project Committee)

Mercator IT Solutions provides services as an agency and an employment business