Senior Consultant – Information Security Management Systems (ISMS)

Job title: Senior Consultant – Information Security Management Systems (ISMS)

Company: Interval


Job description: This is a remote position.Job Title: Senior Consultant – Information Security Management Systems (ISMS)Location: Remote (occasional travel to the client office in Germany required)Start Date: 15/09/2025Contract Type: Freelance / Contract, Full-TimeOverviewWe are seeking a Senior Consultant with deep expertise in compliance, risk, and information security management to support the planning, implementation, and operationalisation of an Information Security Management System (ISMS) within a large-scale, multinational programme. The role involves working closely with a dedicated compliance, risk, and security (CRS) enablement team that ensures alignment between regulatory requirements, IT security standards, and the platform’s product architecture.About the RoleThe CRS Enablement team acts as the second line of defence for security governance, defining ISMS processes and policies, maintaining the Compliance Requirements Catalogue (CRS Rulebook), and ensuring automation of security posture management. This role will lead ISMS planning, implementation, audit preparation, certification readiness, and continuous improvement activities, engaging with stakeholders at both programme and group levels.ResponsibilitiesISMS PlanningDefine and document the ISMS scopeCoordinate with stakeholders to create and maintain ISMS policies aligned with architectural and process changesIntegrate ISMS into the programme’s target operating modelPlan the ISMS using an MVP-first approach with a prioritised roadmapDevelop detailed plans for policies, processes, procedures, awareness activities, and technology adoptionAlign the ISMS vision with the broader group context to enable economic consolidation and best practice integrationImprove information security governance and target operating modelsISMS Implementation & GRC IntegrationExecute ISMS and related GRC structures according to the defined planCoordinate with relevant stakeholders to align requirements across the groupIncrementally expand ISMS capabilities beyond the MVPMaintain clear stakeholder communication throughout the processPrioritise initiatives with immediate operational impact over academic exercisesAudit PreparationPrepare product lines and programme functions for real audit situations via dry runs and readiness assessmentsEnhance evidence provision processes for audit complianceChallenge existing processes to improve audit readinessCertification ReadinessIdentify and prioritise relevant certifications (e.g. ISO 27001)Develop a certification roadmap with detailed time and resource planningOversee workstreams to achieve certification maturityMeasurement & Continuous ImprovementEstablish methods to measure ISMS effectiveness and efficiencyDrive continuous improvement initiatives with the CRS team and group-wide stakeholdersRequirementsEligibilityResidency in the EU or UKMust-Have Experience5+ years in information security strategy, GRC, and ISMSProven experience in designing, implementing, integrating, and operating ISMSStrong understanding of KRITIS-related ISMS development (preferably in the energy sector)Experience in implementing and auditing ISMS and GRC processes, policies, and proceduresKnowledge of applicable regulations and regulatory bodies (e.g. BNetzA, BSI, NIS-2, CRA)Expertise in information security risk management methodsStrong project management skillsExperience developing security metrics and measurement methods (KPI, KRI, CSI)Understanding of GRC technology with an automation-first mindsetFamiliarity with cloud-native and hybrid environmentsKnowledge of OT environments and relevant security frameworks (e.g. CSA CCM, OSCAL, CIS)Experience in product-driven organisationsMust-Have Language SkillsFluent English (C1 level or above)Preferred ExperienceProfessional German language skills (IT context)Relevant certifications (e.g. CISM, CISA, ISO 27001 Lead Implementer/Lead Auditor)Experience in business continuity management, BCMS, and disaster recoveryExperience as an ISO 27001 auditorKnowledge of EU-based TSO standards (e.g. IEC 61850)Understanding of energy sector regulations (e.g. EnWG, BSI-KRITIS)BenefitsAs a freelancer / contractor with us, you will enjoy flexible working hours and the freedom to choose your own projects. Our platform gives you access to exciting projects in various industries and supports you in advancing your career. You’ll benefit from competitive pay and a dedicated team to help you with any questions you may have. Work independently and utilise our strong network to achieve your professional goals.

Expected salary:

Location: Berlin

Job date: Sat, 09 Aug 2025 22:41:00 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnear.pro) you saw this job posting.Thanks&Good Luck