Kronos by EPSA
– Boost your career!
The EPSA Group is a European performance specialist. Recognized for its technical know-how and the diversity of its business expertise, the EPSA Group optimizes its customers' financial, operational and sustainable results. Its solutions platform focuses on purchasing performance, innovation financing and energy and environmental transition. An international partner, the EPSA Group employs nearly 5,000 people and is present in over 40 countries.
As part of this mission, Kronos by EPSA provides agile and specialized support in Project Management, Supply Chain and Procurement through interim management and expert resourcing.
Kronos by EPSA connects highly skilled professionals with leading organizations, enabling them to reinforce their teams, accelerate transformation projects, and deliver strategic results. Whether it’s short-term operational support or long-term category management, Kronos by EPSA bridges talent and opportunity with precision and purpose.
Context
We are looking for an experienced Senior Project Manager to lead the implementation and continuous improvement of an ISO/IEC 27001-compliant Information Security Management System (ISMS) within a complex and regulated environment.
You will be responsible for driving the ISO 27001 program end-to-end, from initial assessment and roadmap definition to certification and ongoing compliance, while coordinating multiple stakeholders across IT, security, risk, and business teams.
Key Responsibilities
Project & Program Management
Lead and manage the end-to-end ISO 27001 program, including planning, execution, and delivery
Define business cases, project scope, milestones, and deliverables
Manage project timelines, resources, risks, and dependencies
Track progress, ensure adherence to schedules, and mitigate potential delays
ISO 27001 / ISMS Implementation
Drive the implementation and maintenance of an ISO/IEC 27001-compliant ISMS
Conduct or coordinate gap analyses, risk assessments, and maturity evaluations
Maintain ISMS documentation (policies, procedures, risk register, Statement of Applicability)
Coordinate certification and surveillance audits with external auditors
Governance, Risk & Compliance
Ensure alignment with regulatory frameworks (e.g. NIS2, DORA, GDPR)
Monitor compliance and support internal and external audit processes
Manage risk registers, non-conformities, and corrective action plans
Stakeholder & Change Management
Act as the central point of contact for ISO 27001 topics
Collaborate with IT, security, business, and audit stakeholders
Support control owners in implementing and evidencing controls
Drive awareness and adoption of security practices across the organization
Continuous Improvement
Monitor ISMS performance and define improvement initiatives
Prepare management reporting and dashboards
Support management reviews and strategic decision-making
Profile
Experience & Skills
At least 5 years of experience in Project or Program Management
Proven experience in information security, risk, or compliance projects
Hands-on experience with ISO/IEC 27001 implementation and/or certification
Strong knowledge of ISMS concepts (risk management, Annex A, SoA, audits)
Experience in complex, cross-functional environments, ideally in financial services
Key Competencies
Strong project management and organizational skills
Excellent stakeholder management and communication abilities
Structured, analytical, and detail-oriented mindset
Results-driven with strong decision-making and prioritization skills
Ability to operate in regulated and high-pressure environments
ISO/IEC 27001 Lead Implementer or Lead Auditor certification is a plus
Experience with frameworks such as ISO 22301, ISO 27701, COBIT, ITIL is a plus
Knowledge of European regulations (NIS2, DORA) is a strong asset
Experience in financial institutions
Professional fluency in English