On behalf of one of our clients in the pharmaceutical industry, we are looking for a skilled ISMS consultant to support improvements to their data classification initiatives and the alignment of those initiatives with our Information Security Management System (ISMS). The ideal candidate will possess extensive knowledge of best practices such as ISO standards and NIST frameworks. In addition, expertise in data classification and an understanding of technical controls under the ISMS are essential components of this role.
Key Responsibilities:
Data Classification Expertise:
Act as a subject matter expert in data classification, helping to establish a comprehensive data classification strategy.
Ensure that data classification practices align with both regulatory requirements and industry standards.
Governance Framework Development:
Support initiatives to develop a robust ISMS governance framework that aligns with organizational objectives and with the data classification initiative.
Identify and establish clear roles and responsibilities related to information security governance.
Establish processes and reporting mechanisms aligned with the entire company.
Stakeholder Engagement:
Work closely with senior management, process owners, and cross-functional teams to ensure alignment on governance initiatives and strategies.
Facilitate meetings and discussions to engage stakeholders and gather feedback on governance processes.
Key Requirements:
Strong knowledge of ISO standards (especially ISO 27001), NIST frameworks, and Information Classification.
Demonstrated experience in designing and implementing ISMS governance frameworks.
Expertise in data classification methodologies and practices.
Relevant certifications (e.g., ISO 27001 Lead Implementer, CISSP, CISM) are a plus.
Familiarity with technical controls relevant to ISMS is a plus.
Excellent presentation and communication skills to effectively engage with diverse audiences.