Job Overview
This role involves managing assessment processes and tools for third parties and customers, maintaining the Information Security Management System (ISMS), and supporting security audits such as ISO 27001, SOC 2, and TISAX Lv3.
Main Responsibilities
* Develop and maintain formal information security policies, procedures, and standards in line with ISO/IEC 27001:2013.
* Conduct annual reviews of the company's information security policies, procedures, and standards.
* Oversee ongoing assessments to test security procedures, mechanisms, and controls.
* Serve as a liaison for implementing security controls derived from policies, standards, and procedures.
* Perform vendor security assessments before contracting services or applications with third parties.
* Support the coordination of security audits, including preparing meetings, communicating with auditors and stakeholders, and reviewing controls and evidence accuracy.
Required Qualifications
* At least 3 years' experience in a similar role.
* ISO/IEC 27001, CISSP, CISA, or other relevant security certifications desired.
* Excellent communication skills.
* Working knowledge of Jira.
* Proficiency in spoken and written English.