Description
THIS IS A FULLY REMOTE ROLE
Our client aspires to becoming ISO 27001 certifiable for key processes. To achieve this goal, we are looking for an ISMS Manager who is an experienced Information Security professional with an excellent understanding of ISO 27001 compliant Information Security Management Systems. Somebody with a broad knowledge and passion about information security, and who would like to be part of a company where high information security standards are a critical part of what we do and who we are.
This knowledge and expertise must be combined with a hands-on mentality and capabilities to not only design fit-for-purpose solutions, but also to realize the implementation, the most efficient usage and the continuously improvement of them.
Reporting to the Principal Information Security Officer DK (Denmark) and as a member of the Cyber Security & IT Risk Management team, your role will be to lead our clients efforts in implementing and operating an ISO 27001 compliant ISMS.
Your key tasks will be to define the scope, and to create, deploy and manage an ISO 27001 compliant ISMS. Part of that role is also to ensure that the organization Information Security Document library contains mandatory and beneficial documents and records.
The ISMS Manager is required to be result driven and to be able to work to a large extend independently. We are looking for a senior professional, who has experience working in a multinational company and a virtual team. The ISMS Manager must be convinced of the benefits of teamwork.
Key Responsibilities
- Lead the implementation, operation, support, and maintenance of the Information Security Management System based on the ISO/IEC 27001
- Support IT audit processes with internal and external IT/ISO 27001 auditors.
- Develop, implement, and monitor mandatory information security policies, standards, procedures, guidelines, and controls, and in conjunction with all stakeholders ensure to get appropriate approvals and feedback
- Manage the design and operation of related compliance monitoring and improvement activities
- Build relationships and partner with business and IT departments and service providers
Requirements (Knowledge & Experience)
- Recent trainings and certifications in ISO 27001, NIST CSF
- At minimum 5 years of demonstrable work experience in IT security roles; this should include ISMS implementation/operation/management, policy & standard creation, audit support
- Working experience in multinational organizations
- Excellent knowledge of information security standards
- Understanding of information security risk analysis techniques
- Experience in working in/for a biotech or pharmacological company is not a must, but desirable
- Capability to explain (complex) technical security issues in normal language to non-technical stakeholders
- Ability to create accurate and concise policies, standards, other governance related documents or technical materials
- Very good communication skills in English
- Knowledge about the culture and writing skills in Danish, Dutch and Japanese will be an advantage
- Familiarity with ServiceNow, preferably with the GRC as well as Security Operation and CMDB modules will be another advantage
- Strong soft and interpersonal skills, including teamwork, facilitation, and negotiation
- Strong consultancy ad influence skills
- Excellent stakeholder management skills, ie being able to communicate effectively with different stakeholders and to deal with the different interests in the organization
- Excellent planning and organizational skills
- Hands on mentality, pragmatic and results driven