Information Security Management System (ISMS) Analyst

Job Summary:

We are seeking a diligent and experienced ISMS Team Member to support the Deputy Management Representative (DMR) in executing Information Security Management System activities. The ideal candidate will assist in conducting audits, tracking and following up on audit findings and incidents, coordinating security plans, supporting risk assessment exercises, preparing Management Review Meetings (MRM), and managing ISMS documentation. This role requires strong organizational skills, attention to detail, and a minimum of 4 years of relevant experience.

Key Responsibilities:

• Assist the DMR in planning, coordinating, and conducting internal ISMS audits.
• Track audit findings and ensure timely follow-up and closure of non-conformities.
• Coordinate the implementation of corrective and preventive action plans.
• Monitor and follow up on information security incidents, ensuring appropriate response and documentation.
• Support the DMR in preparing materials and documentation for Management Review Meetings (MRM).
• Follow up on change requests related to information security controls and policies.
• Assist in organizing and tracking risk assessment exercises and help maintain risk registers.
• Create, review, update, and maintain ISMS documentation, including policies, procedures, guidelines, and records, ensuring they reflect current practices and compliance requirements.
• Maintain and update ISMS documentation as per organizational and regulatory requirements.
• Collaborate with cross-functional teams to ensure compliance with ISMS policies and procedures.
• Support continuous improvement initiatives within the ISMS framework.

Qualifications & Experience:

• Minimum 3 to 5 years of experience in Information Security, ISMS, or related fields.
• Experience in conducting audits and managing audit findings is highly preferred.
• Good understanding of ISO 27001 standards and other relevant regulatory frameworks.
• Strong organizational, analytical, and communication skills.
• Ability to coordinate multiple activities and work under tight deadlines.
• Detail-oriented with strong documentation and reporting skills.
• Relevant certifications are a plus.

Skills & Competencies:

• Knowledge of ISMS frameworks and risk management processes.
• Familiarity with incident management and change control processes.
• Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint).
• Strong interpersonal skills to coordinate with various teams and stakeholders.
• Ability to work independently and as part of a team.
• Problem-solving mindset with a focus on continuous improvement.

Working Conditions:

• Office-based with occasional remote work.
• Standard working hours with flexibility.