
Project Manager Cybersecurity

onetowin, Sauk Trail Beach, WI, United States


We are looking for an experienced ISO/IEC 27001 Project Manager to lead and coordinate the implementation, certification, and ongoing improvement of our Information Security Management System (ISMS).

In this role, you will drive the ISO 27001 program end-to-end: from gap analysis and roadmap definition to certification support and continuous compliance. You will work closely with IT, security, risk, compliance, and business stakeholders to ensure information security controls are effectively designed, implemented, and embedded across the organization.

Key Responsibilities
ISO 27001 Program Management

Lead the implementation and maintenance of an ISO/IEC 27001-compliant ISMS

Plan, execute, and monitor the ISO 27001 program, including scope definition, milestones, timelines, and dependencies

Coordinate certification and surveillance audits with external auditors

Governance, Risk & Compliance

Conduct or coordinate gap analyses, risk assessments, and maturity assessments

Ensure alignment with related frameworks and regulations (e.g. NIS2, DORA, GDPR, internal security policies)

Maintain core ISMS documentation (policies, procedures, risk register, Statement of Applicability, improvement plans)

Stakeholder & Change Management

Act as the central point of contact for ISO 27001 across IT, business, and audit stakeholders

Support control owners in implementing and evidencing security controls

Drive awareness and adoption of information security practices across teams

Continuous Improvement

Monitor ISMS performance and define improvement initiatives

Track non-conformities, corrective actions, and management actions

Prepare management reporting and support management reviews

Required Qualifications & Experience

Proven experience as a Project Manager or Program Manager in information security, risk, or compliance

Hands‑on experience with ISO/IEC 27001 implementation and/or certification

Strong knowledge of ISMS concepts: risk management, Annex A controls, SoA, internal audits

Experience working with auditors, regulators, or internal assurance teams

Demonstrated ability to manage complex, cross‑functional initiatives

Skills & Competencies

Excellent project management skills (planning, coordination, follow‑up)

Strong stakeholder management and communication skills

ISO/IEC 27001 Lead Implementer or Lead Auditor certification

Experience with related standards or frameworks (ISO 22301, ISO 27701, COBIT, ITIL)

Knowledge of European regulatory frameworks (e.g. NIS2, DORA)

Experience in large or financial institutions

Structured, detail‑oriented, and documentation‑focused

Able to balance pragmatism with compliance requirements

Comfortable working in complex, regulated environments
