Security Project Manager

ISO 27001 Program Management

• Lead the implementation and maintenance of an ISO/IEC 27001-compliant ISMS
• Define scope, roadmap, milestones, timelines, and dependencies
• Coordinate certification and surveillance audits with external auditors

Governance, Risk & Compliance

• Conduct or coordinate gap analyses, risk assessments, and maturity assessments
• Ensure alignment with frameworks and regulations (e.g. NIS2, DORA, GDPR)
• Maintain ISMS documentation (policies, procedures, risk register, SoA, improvement plans)

Stakeholder & Change Management

• Act as the central point of contact for ISO 27001 across stakeholders
• Support control owners in implementing and evidencing controls
• Drive awareness and adoption of information security practices

Continuous Improvement

• Monitor ISMS performance and define improvement initiatives
• Track non-conformities and corrective actions
• Prepare management reporting and support management reviews

• Proven experience as a Project Manager or Program Manager in information security, risk, or compliance
• Hands-on experience with ISO/IEC 27001 implementation and/or certification
• Strong knowledge of ISMS concepts (risk management, Annex A controls, SoA, audits)
• Experience working with auditors, regulators, or internal assurance teams
• Demonstrated ability to manage complex, cross-functional initiatives

Skills:

• Strong project management and organizational skills
• Excellent stakeholder management and communication abilities
• ISO/IEC 27001 Lead Implementer or Lead Auditor certification
• Experience with related frameworks (ISO 22301, ISO 27701, COBIT, ITIL)
• Knowledge of European regulations (e.g. NIS2, DORA)
• Experience in large or regulated environments (financial sector is a plus)
• Structured, detail-oriented, and documentation-driven
• Able to balance pragmatism with compliance requirements

Freelance renewable contract on a freelance basis