We are looking for a motivated ISMS Manager, who will be responsible for:
- Lead the management and operation of the Information Security Management System (ISMS) for ITS Global
- Review all ISMS policies, procedures and other core ISMS framework documents like Statement of Applicability (SOA), Catalogue of Documents (CoD) etc, for all in-scope departments and ensure they are all updated.
- Manage the ISMS risk management program by reviewing all existing asset registers and risk registers.
- Collaborate with the ITS Global stakeholders and Information Protection Group (IPG) on a regular basis to ensure the ISMS operates smoothly and continuously improves.
- Conduct meetings with the Management Forum and Information Security Working Group (ISWG) and tracking the minutes of meetings and agenda.
- Liaison with external auditors from certification agency (BSI) to ensure all scheduled surveillance audits are completed as planned.
- Manage all internal and external audit findings and ensure their remediation on an agreed schedule with the respective ITS Global portfolio managers.
- Drive continuous improvements of the ISMS by designing and implementing effective metrics.
- Support the various ISMS roles with their responsibilities as documented in the ISMS operations manual.
- Regularly review the scope of the ISMS and ensure it remains relevant for member firms, clients and regulators.
- Escalate risk and issues relating to the management and operation of the ISMS to ITS Global, Global CISO and other interested parties as appropriate.
- Maintain ISMS portal and documentation up to date.
- Manage ISMS communications
- Report ISMS status to ITS Global stakeholders and the Global CISO
- Collaborate with ITS Global Attestation (SOC2) team to efficiently coordinate ISO and SOC2 efforts.
What we are looking for in our new ISMS Manager:
- 6-8 years in information security of which minimum of 3 years of business experience in running an ISMS based on ISO27001:2013.
- Must be a certified lead implementer or a certified lead auditor on ISO27001:2013.
- Professional security qualifications such as CISSP and/or CISM preferred. Applicant must be willing to obtain certification, if they are not already certified
- Knowledge of key principles and framework surrounding an Information Security Management System (ISMS) and preferably with other related frameworks like ISO27003, ISO27005, ISO27017 and ISO27018.
- Knowledge of System and Organization Controls (SOC2) reporting
- Good knowledge of regional issues and structures, ability to work with people from many different cultural backgrounds.
- Strong ability to multi-task and work independently within a global team
- Methodical approach to work, attention to detail and delivery of high quality results
- Excellent interpersonal and communication skills
- Fluent in English, other spoken languages a plus
- Holds a valid passport and able to travel periodically on business assignments
Education / Academics
- Minimum Bachelor’s degree from an accredited college / university (preferably in Computer Science, Computer Engineering, Information Security, Management Information Systems or other relevant field) – Masters (post-graduate) degree a plus.
We believe that progress can only truly be progress if its cause benefits both the individual and society as a whole. Therefore, we combine the newest technologies with what we have accomplished in the century we are existing: a foundation of knowledge, expertise and independent thinking.
Open, creative and venturous
We offer a stimulating mix of entrepreneurship, creativity and team spirit. You can be yourself, you feel validated and appreciated and you know that you can make a difference if you want to.
The ultimate environment for personal growth
Here at KPMG, you will be given plenty responsibilities from the start, combined with the freedom to develop yourself, both personally and in business. We are not only offering you a job: we are offering you a career.
Additionally we are offering you:
- A competitive salary
- 30 holidays
- Freedom of choice in (most of) your work
- A laptop and iPhone which can also be used privately
- A non-contributory pension plan
- A lease car
- Discounts on insurances and tax benefits for a gym membership
- Lots of activities involving fellow KPMG colleagues, such as Friday afternoon drinks.
Meer informatie en solliciteren
Please apply via the button below. For questions, please contact the dedicated Recruitment Advisor, Maud van Turnhout at email@example.com.