ISO 27001 Certification:
- Work closely with the security department to implement and maintain information security management systems (ISMS).
- Collaborate with relevant stakeholders to identify, assess, and manage information security risks within the ISMS team.
- Work closely with the security department to prepare and perform audits to sustain the ISO 27001 certification.
- Drive continuous improvement initiatives to enhance the effectiveness of the ISMS.
- Compliance Monitoring: Assist in monitoring the organization's compliance with data protection laws, such as the General Data Protection Regulation (GDPR) or other relevant regulations. This involves staying informed about changes in data protection laws and ensuring that organizational policies and practices align with these requirements.
- Documentation and Record Keeping: Help maintain records of data processing activities, data protection impact assessments, and other documentation required for compliance. Ensure that the organization's data processing activities are well-documented and up-to-date.
- Data Breach Response: Assist in investigating and documenting data breaches, as well as ensuring that the organization complies with notification requirements.
- Privacy Impact Assessments (DPIAs): Support in conducting privacy impact assessments for new projects or changes to existing processes. Assess the potential impact on data protection and recommend measures to mitigate risks.
- Policy Development and Review: Contribute to the review and updating of data protection policies and procedures. Ensure that policies align with legal requirements and industry best practices.
Communication and Documentation:
- Demonstrate excellent communication and writing skills in English.
- Ensure that all policies and procedures related to information security are effectively communicated and understood across the organization.
- Document differences in procedures, and present findings in a clear and structured manner.
Proactivity and Implementation:
- Proactively map internal processes to ensure adherence to group policies and identify areas for improvement.
- Implement group-level information security policies and communicate changes to relevant stakeholders.
- Support the security department regarding policy implementations, potential issues, and recommended solutions.
- Analyze local procedures and assess their compatibility within the group framework.
Affinity with Information Security:
- Demonstrate a genuine interest in information security matters.
- Foster a culture of awareness and understanding of information security across the organization.