Senior ISMS-Specialist

ROLE DESCRIPTION:

The ISMS (Information Security Management System) Senior Specialist role involves managing information security within Arriello and would particularly suit a candidate with project management expertise. Reporting to the head of IT, the candidate will be working with internal teams, our vendors, and an external specialist security advisory business to implement and then maintain compliance with the requirements of the ISO 27001 Information Security Standard.

Tasks will include:

• Co-ordination of ISO 27001 efforts across the organisation to attain certification to ISO 27001 in consultation with outsourced advisory services.
• Guide internal staff on the application of corporate standards in relation to ISO 27001 and provide training guides for our vendors to ensure they meet our requirements.
• Take an active role implementing the requirements of ISO 27001 across the organisation.
• Facilitate collaborative workshops to support ISO 27001 project advancement.
• Assist with completing 3rd party security questionnaires where required.
• On-going monitoring and enhancement of the information security management system (ISMS) to conform with the requirements of the ISO 27001 Information Security Standard.
• Work with the Arriello business functions to obtain the necessary participation for Certification and Internal Audits.
• Ensuring that ongoing ISMS related security tasks are carried out such as Security Awareness Training for staff, Test and Assurance of systems and Policy Management (including reviews, adherence, and distribution).
• Implementation of corrective actions and remediation work arising from internal and external security audits
• Work closely with our internal Quality Team, Legal Counsel and others where needed to identify priorities and changes where needed.

KEY RESPONSIBILITIES:

• Strong communication skills to be able to work with all levels of the business.
• Deliver solutions and innovations in collaboration with internal stakeholders,
• Effectively manage and build working relationships with all stakeholders, based on transparency, trust and clear communication,
• Excellent cross functional teamwork with Operations colleagues to ensure full compliance to meet the plan that you help develop.

• 3-5 years IT/cybersecurity industry experience.
• Good understanding of prevalent Cyber Security standards.
• Experience in implementing cyber security standards is desirable.
• Be familiar with both agile and waterfall project management methodologies.
• Good understanding of security principles and technologies.
• Good understanding of networking principles.
• Excellent written and verbal communications skills.
• Some knowledge of the Pharma Compliance industry is advantageous.

• Friendly work environment
•  Multinational team with 30 nationalities
•  Flexible working hours, working from home
•  Remote work is possible
•  Cafeteria benefit system
•  Dog-Friendly office