Kronos by EPSA – Boost your career!
Learn more about the general tasks related to this opportunity below, as well as required skills.
The EPSA Group is a European performance specialist. Recognized for its technical know-how and the diversity of its business expertise, the EPSA Group optimizes its customers' financial, operational and sustainable results. Its solutions platform focuses on purchasing performance, innovation financing and energy and environmental transition. An international partner, the EPSA Group employs nearly 5,000 people and is present in over 40 countries.
As part of this mission, Kronos by EPSA provides agile and specialized support in Project Management, Supply Chain and Procurement through interim management and expert resourcing.
Kronos by EPSA connects highly skilled professionals with leading organizations, enabling them to reinforce their teams, accelerate transformation projects, and deliver strategic results. Whether it's short-term operational support or long-term category management, Kronos by EPSA bridges talent and opportunity with precision and purpose.
Context
We are looking for an experienced Senior Project Manager to lead the implementation and continuous improvement of an ISO/IEC 27001-compliant Information Security Management System (ISMS) within a complex and regulated environment. You will be responsible for driving the ISO 27001 program end-to-end, from initial assessment and roadmap definition to certification and ongoing compliance, while coordinating multiple stakeholders across IT, security, risk, and business teams.
Key Responsibilities

Project & Program Management
- Lead and manage the end-to-end ISO 27001 program, including planning, execution, and delivery
- Define business cases, project scope, milestones, and deliverables
- Manage project timelines, resources, risks, and dependencies
- Track progress, ensure adherence to schedules, and mitigate potential delays

ISO 27001 / ISMS Implementation
- Drive the implementation and maintenance of an ISO/IEC 27001-compliant ISMS
- Conduct or coordinate gap analyses, risk assessments, and maturity evaluations
- Maintain ISMS documentation (policies, procedures, risk register, Statement of Applicability)
- Coordinate certification and surveillance audits with external auditors

Governance, Risk & Compliance
- Ensure alignment with regulatory frameworks (e.g. NIS2, DORA, GDPR)
- Monitor compliance and support internal and external audit processes
- Manage risk registers, non-conformities, and corrective action plans

Stakeholder & Change Management
- Act as the central point of contact for ISO 27001 topics
- Collaborate with IT, security, business, and audit stakeholders
- Support control owners in implementing and evidencing controls
- Drive awareness and adoption of security practices across the organization

Continuous Improvement
- Monitor ISMS performance and define improvement initiatives
- Prepare management reporting and dashboards
- Support management reviews and strategic decision-making
Profile

Experience & Skills
- Minimum 5+ years of experience in Project or Program Management
- Proven experience in information security, risk, or compliance projects
- Hands-on experience with ISO/IEC 27001 implementation and/or certification
- Strong knowledge of ISMS concepts (risk management, Annex A, SoA, audits)
- Experience in complex, cross-functional environments, ideally in financial services

Key Competencies
- Strong project management and organizational skills
- Excellent stakeholder management and communication abilities
- Structured, analytical, and detail-oriented mindset
- Results-driven with strong decision-making and prioritization skills
- Ability to operate in regulated and high-pressure environments
- ISO/IEC 27001 Lead Implementer or Lead Auditor certification is a plus
- Experience with frameworks such as ISO 22301, ISO 27701, COBIT, ITIL is a plus
- Knowledge of European regulations (NIS2, DORA) is a strong asset
- Experience in financial institutions
- Professional fluency in English