Information Security Management System Specialist

<p>Centiro is a Swedish software company with 650+ colleagues. Our solutions empower marquee brands and finer supply chains in 175+ countries. We believe in enabling and empowering commerce for companies with winning aspirations who seek to make a difference. Core focus is to connect and enable cloud-based delivery and service networks in the world of digital. Centiro has received numerous awards and honors, including Great Place to Work® Legend and Sweden's No. 1 Workplace in the Large Organizations category for 2021. Founded in 1998, with offices in Sweden, India, the UK, the US and Spain</p><p>To know more about us, please visit <a href="http://www.centiro.com/" target="_blank">www.centiro.com</a><strong><br><br>Job Overview: </strong></p><p>We are seeking a highly skilled and proactive individual to support the Group Chief Information Security Officer (CISO) in advancing the organization’s Information Security Management System (ISMS). This role will involve close collaboration with internal and external stakeholders to ensure global ISMS compliance, certification, and continuous improvement in a multi-country regulatory environment.</p><p><strong>Key Responsibilities:</strong></p><ul><li><strong>ISMS Representation and Advocacy:</strong> Act as a trusted representative of the organization in client-facing discussions, addressing ISMS concerns with confidence and expertise, particularly in pre-sales engagements.<br></li><li><strong>ISMS Framework Management: </strong>Lead the development, implementation, and management of ISMS frameworks across multiple countries, ensuring compliance with diverse regulatory environments and industry standards.<br></li><li><strong>Global ISMS Advisory Role:</strong> Serve as a trusted advisor and ambassador for ISMS-related matters, providing strategic guidance to internal and external stakeholders globally.<br></li><li><strong>Ownership of Compliance and Certification:</strong> Take ownership of ISMS compliance, certification efforts, and ongoing improvement initiatives, ensuring alignment with ISO 27001 and other relevant standards.<br></li><li><strong>Cross-Functional Collaboration:</strong> Work closely with sales, legal, and operational teams to integrate ISMS principles seamlessly into organizational processes and ensure business alignment.<br></li><li><strong>Information security incident management:</strong> Manage and respond to operational security incidents, ensuring swift resolution and minimal impact on business operations.<br></li><li><strong>AI Security Competence:</strong></li></ul><ol><li>Apply expertise in AI-related information security risks, ensuring secure implementation of AI-driven systems and processes.</li><li>Assess, mitigate, and monitor the potential risks associated with AI-based solutions, such as data integrity, privacy concerns, model vulnerabilities, and adversarial threats.</li><li>Collaborate with AI teams to integrate robust security controls, ensuring compliance with ISMS and regulatory requirements in the context of AI usage.</li></ol><ul><li><strong>Continuous Improvement:</strong> Proactively monitor and incorporate the latest trends, tools, and regulatory changes—particularly related to AI and machine learning—into the ISMS to maintain a best-in-class security posture.</li></ul><p><strong><br></strong></p><p><strong>Required Skills and Qualifications:</strong></p><p><strong> Certifications:</strong></p><p>o ISO 27001 Lead Auditor or Lead Implementer certification (or equivalent).</p><p>o CISSP, CISM, or other relevant security certifications.</p><ul><li><strong>Technical Expertise: </strong>Strong understanding of ISMS principles, security frameworks, and regulatory requirements, with hands-on experience supporting ISMS operations in global contexts.<br></li><li><strong>AI and Security Knowledge: </strong>Understanding of AI/ML security considerations, including secure development and deployment of AI models, regulatory implications, and threat detection related to machine learning systems.<br></li><li><strong>Communication and Advisory Skills:</strong> Ability to convey complex information security concepts to technical and non-technical stakeholders and confidently represent the organization in high-stakes discussions.<br></li><li><strong>Collaboration:</strong> Proven ability to work effectively with cross-functional teams, aligning ISMS strategies with business objectives.<br></li><li><strong>Commitment to Learning: </strong>Demonstrated commitment to continuous professional development, staying informed of emerging security trends, including advancements in AI security, and adapting practices to address evolving risks.</li></ul> •

Last updated on Jan 22, 2025