We are looking for an experienced ISO/IEC 27001 Project Manager to lead and coordinate the implementation, certification, and ongoing improvement of our Information Security Management System (ISMS).
In this role, you will be responsible for driving the ISO 27001 program end-to-end: from gap analysis and roadmap definition to certification support and continuous compliance. You will work closely with IT, security, risk, compliance, and business stakeholders to ensure information security controls are effectively designed, implemented, and embedded across the organization.

Key Responsibilities

ISO 27001 Program Management
• Lead the implementation and maintenance of an ISO/IEC 27001-compliant ISMS
• Plan, execute, and monitor the ISO 27001 program, including scope definition, milestones, timelines, and dependencies
• Coordinate certification and surveillance audits with external auditors
Governance, Risk & Compliance
• Conduct or coordinate gap analyses, risk assessments, and maturity assessments
• Ensure alignment with related frameworks and regulations (e.g. NIS2, DORA, GDPR, internal security policies)
• Maintain core ISMS documentation (policies, procedures, risk register, Statement of Applicability, improvement plans)

Stakeholder & Change Management
• Act as the central point of contact for ISO 27001 across IT, business, and audit stakeholders
• Support control owners in implementing and evidencing security controls
• Drive awareness and adoption of information security practices across teams
Continuous Improvement
• Monitor ISMS performance and define improvement initiatives
• Track non-conformities, corrective actions, and management actions
• Prepare management reporting and support management reviews

Required Qualifications & Experience
• Proven experience as a Project Manager or Program Manager in information security, risk, or compliance
• Hands-on experience with ISO/IEC 27001 implementation and/or certification
• Strong knowledge of ISMS concepts: risk management, Annex A controls, SoA, internal audits
• Experience working with auditors, regulators, or internal assurance teams
• Demonstrated ability to manage complex, cross-functional initiatives

Skills & Competencies
• Excellent project management skills (planning, coordination, follow-up)
• Strong stakeholder management and communication skills
• ISO/IEC 27001 Lead Implementer or Lead Auditor certification
• Experience with related standards or frameworks (ISO 22301, ISO 27701, COBIT, ITIL)
• Knowledge of European regulatory frameworks (e.g. NIS2, DORA)
• Experience in large or financial institutions
• Structured, detail-oriented, and documentation-focused
• Able to balance pragmatism with compliance requirements
• Comfortable working in complex, regulated environments