Kronos by EPSA – Boost your career!
The EPSA Group is a European performance specialist. Recognized for its technical know-how and the diversity of its business expertise, the EPSA Group optimizes its customers' financial, operational and sustainable results. Its solutions platform focuses on purchasing performance, innovation financing and energy and environmental transition. An international partner, the EPSA Group employs nearly 5,000 people and is present in over 40 countries.
As part of this mission, Kronos by EPSA provides agile and specialized support in Project Management, Supply Chain and Procurement through interim management and expert resourcing.
Kronos by EPSA connects highly skilled professionals with leading organizations, enabling them to reinforce their teams, accelerate transformation projects, and deliver strategic results. Whether it’s short-term operational support or long-term category management, Kronos by EPSA bridges talent and opportunity with precision and purpose.
Context
We are looking for an experienced Senior Project Manager to lead the implementation and continuous improvement of an ISO/IEC 27001-compliant Information Security Management System (ISMS) within a complex and regulated environment.
You will be responsible for driving the ISO 27001 program end-to-end, from initial assessment and roadmap definition to certification and ongoing compliance, while coordinating multiple stakeholders across IT, security, risk, and business teams.
Key Responsibilities
Project & Program Management
* Lead and manage the end-to-end ISO 27001 program, including planning, execution, and delivery
* Define business cases, project scope, milestones, and deliverables
* Manage project timelines, resources, risks, and dependencies
* Track progress, ensure adherence to schedules, and mitigate potential delays
ISO 27001 / ISMS Implementation
* Drive the implementation and maintenance of an ISO/IEC 27001-compliant ISMS
* Conduct or coordinate gap analyses, risk assessments, and maturity evaluations
* Maintain ISMS documentation (policies, procedures, risk register, Statement of Applicability)
* Coordinate certification and surveillance audits with external auditors
Governance, Risk & Compliance
* Ensure alignment with regulatory frameworks (e.g. NIS2, DORA, GDPR)
* Monitor compliance and support internal and external audit processes
* Manage risk registers, non-conformities, and corrective action plans
Stakeholder & Change Management
* Act as the central point of contact for ISO 27001 topics
* Collaborate with IT, security, business, and audit stakeholders
* Support control owners in implementing and evidencing controls
* Drive awareness and adoption of security practices across the organization
Continuous Improvement
* Monitor ISMS performance and define improvement initiatives
* Prepare management reporting and dashboards
* Support management reviews and strategic decision-making
Profile
Experience & Skills
* Minimum 5+ years of experience in Project or Program Management
* Proven experience in information security, risk, or compliance projects
* Hands-on experience with ISO/IEC 27001 implementation and/or certification
* Strong knowledge of ISMS concepts (risk management, Annex A, SoA, audits)
* Experience in complex, cross-functional environments, ideally in financial services
Key Competencies
* Strong project management and organizational skills
* Excellent stakeholder management and communication abilities
* Structured, analytical, and detail-oriented mindset
* Results-driven with strong decision-making and prioritization skills
* Ability to operate in regulated and high-pressure environments
* ISO/IEC 27001 Lead Implementer or Lead Auditor certification is a plus
* Experience with frameworks such as ISO 22301, ISO 27701, COBIT, ITIL is a plus
* Knowledge of European regulations (NIS2, DORA) is a strong asset
* Experience in financial institutions
* Professional fluency in English