ITS Global ISMS Manager

Verwijder uit Mijn Jobs Toevoegen aan Mijn Jobs

De functie

We are looking for a motivated ISMS Manager, who will be responsible for:

  • Lead the management and operation  of the Information Security Management System (ISMS) for ITS Global
  • Review all ISMS policies, procedures and other core ISMS framework documents like Statement of Applicability (SOA), Catalogue of Documents (CoD) etc, for all in-scope departments and ensure they are all updated.
  • Manage the ISMS risk management program by reviewing all existing asset registers and risk registers.
  • Collaborate with the ITS Global stakeholders and Information Protection Group (IPG) on a regular basis to ensure the ISMS operates smoothly and continuously improves.
  • Conduct meetings with the Management Forum and Information Security Working Group (ISWG) and tracking the minutes of meetings and agenda.
  • Liaison with external auditors from certification agency (BSI) to ensure all scheduled surveillance audits are completed as planned.
  • Manage all internal and external audit findings and ensure their remediation on an agreed schedule with the respective ITS Global portfolio managers.
  • Drive continuous improvements of the ISMS by designing and implementing effective metrics.
  • Support the various ISMS roles with their responsibilities as documented in the ISMS operations manual.
  • Regularly review the scope of the ISMS and ensure it remains relevant for member firms, clients and regulators.
  • Escalate risk and issues relating to the management and operation of the ISMS to ITS Global, Global CISO and other interested parties as appropriate.
  • Maintain ISMS portal and documentation up to date.
  • Manage ISMS communications
  • Report ISMS status to ITS Global stakeholders and the Global CISO
  • Collaborate with ITS Global Attestation (SOC2) team to efficiently coordinate ISO and SOC2 efforts.

Het profiel

What we are looking for in our new ISMS Manager:

  • 6-8 years in information security of which minimum of 3 years of business experience in running an ISMS based on ISO27001:2013.
  • Must be a certified lead implementer or a certified lead auditor on ISO27001:2013.
  • Professional security qualifications such as CISSP and/or CISM preferred. Applicant must be willing to obtain certification, if they are not already certified
  • Knowledge of key principles and framework surrounding an Information Security Management System (ISMS) and preferably with other related frameworks like ISO27003, ISO27005, ISO27017 and ISO27018.
  • Knowledge of System and Organization Controls (SOC2) reporting
  • Good knowledge of regional issues and structures, ability to work with people from many different cultural backgrounds.
  • Strong ability to multi-task and work independently within a global team
  • Methodical approach to work, attention to detail and delivery of high quality results
  • Excellent interpersonal and communication skills
  • Fluent in English, other spoken languages a plus
  • Holds a valid passport and able to travel periodically on business assignments

Education / Academics

  • Minimum Bachelor’s degree from an accredited college / university (preferably in Computer Science, Computer Engineering, Information Security, Management Information Systems or other relevant field) – Masters (post-graduate) degree a plus.

Meer informatie en solliciteren

Please apply via the button below. For questions, please contact the dedicated Recruitment Advisor, Maud van Turnhout at