Proman is currently hiring an Information Security GRC Officer to join their amazing team.
About the company:
Founded in 1984, Proman started as a Project Management company specialized in the construction of large industrial projects. Today, they are a global leader in natural gas-derived products and services. Proman has a global presence in the production, sales, and distribution of natural gas-derived products, including methanol, ammonia, melamine, and UAN solution, as well as assets for the production of natural gas onshore in the United States and offshore in Trinidad and Tobago.
Proman is also a significant services business, with extensive experience in engineering, plant operations, petrochemical and power plant construction, product marketing, and logistics, project management, and project development. Their global development teams fund and develop projects, providing support at all stages by securing environmental permits, arranging critical commercial contracts, and raising asset-level financing to help bring projects to completion across the petrochemical and energy industry.
Responsibilities:
Governance
Develop, maintain, and publish Information Security policies to meet business and regulatory evolution.
Support with regular reporting on the status of security controls and measures.
Support with documentation and communication of security controls, their operation and optimization.
Evaluate training needs, support development of information security training material and collaterals.
Deliver regular information security awareness and training sessions to internal and external stakeholders.
Contribute to Proman's information security communication strategy by providing updates and announcements of new developments through established communication channels (e.g. intranet, newsletters).
Support the design, implementation, operation, and maintenance of the Information Security Management System (ISMS).
Support stakeholders with identifying, understanding and addressing regulatory requirements and obligations (e.g. Privacy – GDPR, Resilience – NIS2, Data Protection).
Contribute to the design and implementation of the Information security business continuity plan.
Risk Management
Contribute with improvements to the Risk Management Process.
Maintain the risk register/evaluation and deliver regular risk assessment sessions.
Support the design and the implementation of operational and administrative security controls.
Perform security and risk assessments for new projects and support business teams in applying treatment measures.
Assist and support stakeholders on risk-related topics and queries.
Compliance
Support the management of information security requirements for existing security/IT solutions.
Support internal and external audit processes for ISO 27001, including interactions with auditors and certifying entities, scheduling audits, and maintaining related ISMS records.
Plan and organize internal policy compliance audits and technical compliance audits according to the organisation's information security framework.
Support coordination and follow-up on execution of risk treatment plans.
Required Skills and Experience:
Degree in Computer Science or a technology-related field or a minimum 3-5 years of experience in an information security position.
Solid knowledge of various information security frameworks (e.g., ISO/IEC 2700x, NIST CSF).
Very strong interpersonal and analytical skills, ability to influence others in an advisory role.
Ability to educate and engage non-technical audiences on information security matters.
Strong knowledge about current data protection, privacy, and other information security regulations (e.g., GDPR, NIS2, DORA).
Excellent English oral and written communication skills.
Optional:
Information Security Certifications are a plus (e.g., ISO 27001 Lead Implementer, CRISC, CISA, CISSP).
Working experience in unrelated areas to information security (e.g., Finance, Human Resources, Marketing) will also be considered.
What they offer:
Meaningful Work
Competitive remuneration
Continuous training
Opportunity to integrate a multicultural and dynamic team, based on strong values and principles
Overall conditions of an international successful group
Additional benefits
Want to know more? Get in touch with us.
#J-18808-Ljbffr