Key skills
CloudCyber SecurityAIRisk Management
About this role
Role Overview
- Manage Group IT´s ISO/IEC 27001 Information Security Management System (ISMS)
- Ensure evidence handling is structured, traceable, and efficient
- Conduct information security risk assessments and ensure appropriate controls are implemented
- Maintain and continuously improve policies, procedures, and documentation aligned with ISO/IEC 27001
- Monitor compliance status, track non‑conformities, and drive corrective and preventive actions
- Lead internal audits and support external audits and certifications
- Provide guidance, training, and awareness on information security and compliance topics
- Collaborate closely with IT and business teams on security‑related initiatives and projects
Requirements
- Proven experience working with ISO/IEC 27001 (implementation, certification, or ongoing maintenance); relevant certifications are highly valued
- A background in IT, cybersecurity, information security, or enterprise risk management
- Experience with related standards or regulations such as ISO 22301, ISO 27701, NIS2, GDPR, or SOC 2 is a plus
- Experience with CMMC, Cyber Essentials Plus (CE+), or comparable cybersecurity frameworks is a plus
- A solid understanding of information security, risk management, and compliance frameworks
- Experience conducting risk assessments and internal audits
- The ability to communicate effectively in English, both with technical and non‑technical stakeholders
- Strong understanding of on‑premises, hybrid, and public cloud environments
- An analytical mindset with strong attention to detail
- Experience designing and documenting standard operating procedures (SOPs), preferably leveraging digital tools, automation, or AI to improve consistency and productivity
- The ability to translate regulatory and standard requirements into actionable controls and practical guidance for IT teams
- A minimum of a Bachelor’s degree or equivalent relevant professional experience
Tech Stack
- Cloud
- Cyber Security
Benefits
- A dynamic and innovative work environment with a strong security mission
- Opportunities for professional development and certification
- A culture built on trust, long‑term thinking, and continuous improvement
- The opportunity to make a real difference in creating a safer and more secure world