ISO Officer

Location:
Subic Office

Position:
Full Time

Closing Date:
Friday, August 30, 2024

Are you a quality-focused professional with a passion for information security? Can you spearhead the implementation of ISO 27001 standards across our organization with full compliance and ease? Do you know the up-to-date ISO industry standards?

If your answer is yes, then WE WANT YOU! 

We are in need of a detail-oriented ISO Officer with a proactive approach. You will be responsible for leading a culture of security awareness and providing training in compliance with ISO requirements.

As an ISO Officer, your duties and responsibilities include:

  • Lead the implementation of ISO 27001 standards across the organization, including the development of policies, procedures, and controls to protect information assets and ensure confidentiality, integrity, and availability.
  • Conduct thorough risk assessments to identify, analyze, and prioritize information security threats, and develop risk mitigation strategies to safeguard critical assets and data.
  • Draft, review, and update information security policies, standards, and procedures, ensuring alignment with ISO 27001 requirements and industry best practices.
  • Promote a culture of security awareness by providing impactful training programs that educate employees on information security best practices, policies, and compliance.
  • Establish and maintain procedures for reporting, investigating, and effectively responding to information security incidents and breaches.
  • Coordinate incident response activities to minimize damage, contain threats, and prevent recurrence.
  • Plan and conduct regular internal audits of the ISMS to evaluate its compliance with ISO 27001 standards, legal requirements, and organizational policies.
  • Facilitate coordination with external auditors from certification bodies and regulatory agencies.
  • Ensure comprehensive and accurate documentation for information security policies, procedures, controls, and records, which includes regularly reviewing, updating, and communicating these documents to relevant stakeholders.
  • Evaluate the security posture of vendors, suppliers, and third-party service providers to ensure that they meet information security requirements and contractual obligations.
  • Conduct security assessments and audits, as needed.
  • Develop and deliver security awareness programs and training sessions to educate employees on information security risks, best practices, and compliance requirements.
  • Other duties as assigned.

Qualifications:

  • Bachelor’s degree in Quality Management, Engineering, Business Administration, or another relevant field.
  • Certification in quality management systems/ISMS (e.g., Certified ISO 9001 Lead Auditor/ISO 27001/19011) is highly desirable.
  • 2-3 years of relevant experience implementing and maintaining ISO standards, preferably in a similar role, is an advantage.
  • Strong understanding of quality management principles, methodologies, and tools (e.g., Six Sigma, Lean).
  • Excellent analytical, problem-solving, and decision-making skills.
  • Effective communication and interpersonal skills, with the ability to influence and collaborate across all levels of the organization.
  • Attention to detail and a commitment to ensuring compliance with regulatory requirements and industry standards.
  • Flexible and able to adapt to a rapidly changing environment.
  • Positive, self-motivated individual who can complete tasks independently.
  • Willing to be assigned to Subic Bay Freeport Zone.

The future of professional services.

Copyright © 2024 | DBA Global Shared Services Inc.