Our client, a leading Governance, Risk, and Compliance consulting firm based in Pretoria and known for its start-up culture and lean team structure, is looking for a highly skilled and experienced ISO 27001 Implementer to join its agile team. The successful candidate will take charge of ISO 27001-related projects, guiding clients through the standard’s implementation process. With a strong cybersecurity background, the ideal candidate will develop and implement ISO 27001 artifacts such as policies, standards, and technical documents like Disaster Recovery Plans (DRP) and Incident Response Plans (IRP). This role requires a high level of independence, excellent drafting skills, and the ability to thrive in a dynamic start-up culture.
Key Responsibilities:
- ISO 27001 Implementation:
  - Lead and support the implementation of ISO 27001 standards within client environments.
  - Develop, review, and update ISO 27001 documentation, including policies, procedures, and controls.
  - Conduct gap analyses and risk assessments to identify areas for improvement and ensure compliance.
- Cybersecurity Expertise:
  - Provide expert guidance on cybersecurity best practices and ISO 27001 compliance.
  - Assist clients in strengthening their cybersecurity frameworks and meeting compliance requirements.
- Technical Documentation:
  - Draft and implement key technical documents, such as Disaster Recovery Plans (DRP) and Incident Response Plans (IRP), ensuring alignment with ISO 27001 standards and client needs.
- Training and Awareness:
  - Develop training materials and lead workshops to educate client staff on ISO 27001 requirements and cybersecurity awareness.
- Project Management:
  - Oversee project timelines, deliverables, and communications with stakeholders to ensure the successful execution of ISO 27001 projects.
Qualifications and Experience:
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
- Minimum of 3 years of experience implementing ISO 27001 standards.
- Certified ISO 27001 Lead Implementer or an equivalent certification is highly desirable.
- Proven experience in drafting and implementing technical plans like DRPs and IRPs.
- Strong understanding of cybersecurity principles, frameworks, and best practices.
- Experience with other ISO certifications, such as ISO 9001:2015, is a plus.
Key Skills:
- Cybersecurity Expertise: Deep understanding of cybersecurity concepts, threat landscapes, and mitigation strategies.
- ISO 27001 Implementation: Extensive experience with ISO 27001 standards, from gap analysis to full implementation.
- Technical Writing: Excellent drafting skills for producing high-quality technical documentation.
- Analytical Abilities: Strong capability to conduct comprehensive risk assessments and gap analyses.
- Communication: Excellent verbal and written communication skills, with the ability to explain complex concepts clearly.
- Project Management: Highly organized with the ability to manage multiple projects, timelines, and deliverables in a fast-paced environment.
- Team Collaboration: Demonstrated ability to work effectively within a lean team and alongside clients, fostering a collaborative working relationship.
Desired Skills:
- ISO 27001
- Cyber Security
- Disaster Recovery Plans
- Incident Response Plans
Desired Work Experience:
- 2 to 5 years
Desired Qualification Level:
- Degree