.Proman is currently hiring an Information Security GRC Officer to join their amazing team. About the company: Founded in 1984, Proman started as a Project Management company specialized in the construction of large industrial projects. Today, they are a global leader in natural gas-derived products and services. Proman has a global presence in the production, sales, and distribution of natural gas-derived products, including methanol, ammonia, melamine, and UAN solution, as well as assets for the production of natural gas onshore in the United States and offshore in Trinidad and Tobago. Proman is also a significant services business, with extensive experience in engineering, plant operations, petrochemical and power plant construction, product marketing, and logistics, project management, and project development. Their global development teams fund and develop projects, providing support at all stages by securing environmental permits, arranging critical commercial contracts, and raising asset-level financing to help bring projects to completion across the petrochemical and energy industry. Responsibilities: Governance Develop, maintain, and publish Information Security policies to meet business and regulatory evolution. Support with regular reporting on the status of security controls and measures. Support with documentation and communication of security controls, their operation and optimization. Evaluate training needs, support development of information security training material and collaterals. Deliver regular information security awareness and training sessions to internal and external stakeholders. Contribute to Proman's information security communication strategy by providing updates and announcements of new developments through established communication channels (e.G. intranet, newsletters). Support the design, implementation, operation, and maintenance of the Information Security Management System (ISMS). Support stakeholders with identifying, understanding and addressing regulatory requirements and obligations (e.G. Privacy – GDPR, Resilience – NIS2, Data Protection). Contribute to the design and implementation of the Information security business continuity plan. Risk Management Contribute with improvements to the Risk Management Process. Maintain the risk register/evaluation and deliver regular risk assessment sessions. Support the design and the implementation of operational and administrative security controls. Perform security and risk assessments for new projects and support business teams in applying treatment measures. Assist and support stakeholders on risk-related topics and queries. Compliance Support the management of information security requirements for existing security/IT solutions. Support internal and external audit processes for ISO 27001, including interactions with auditors and certifying entities, scheduling audits, and maintaining related ISMS records
