Information Security Manager

Job Description

The position

The role of the Information Security Manager is to operate the information security management system of Sympower as per ISO 27001. It’s an inherently cross-departmental role, as the ISMS has policies and procedures that affect the entire company. The system ensures the security of Sympower’s data and systems, which includes data protection, integrity and continued availability and business continuity. The person will also be responsible for external communication with customers and partners about security related issues, answering questionnaires and handling any incoming requests or incidents via the security email inbox. The person will also oversee audits, contact with certification bodies and security budgets.

What Is In It For You

We are committed to creating an inclusive and values based culture where everyone feels that they belong, and where everyone has the opportunity to do meaningful work.

We offer a market competitive compensation package, including but not limited to:

• 30 Days Paid Holiday Leave
• 1 Day Paid Wellness Leave
• 1 Day Paid Birthday Leave
• Paid Maternity and Partner Leave
• Pawternity Leave
• Mental Health and Wellbeing Support
• Remote Office Budget
• Internet Allowance
• Development Plan & Budget
• Stock Appreciation Rights
• 2 Days Paid Volunteer Leave
  
  

Learn about all of our benefits on our careers page.

What You Will Do

This is your opportunity to shape Sympower’s cybersecurity position and influence company-wide processes.

ISMS Management

• Oversee the ISMS based on our chosen standard ISO 27001, including policy and procedure updates, document reviews, and audits.
• Organize and lead internal audits, management reviews, and external ISO 27001 audits.
• Conduct regular ISMS Governance Council updates to inform leadership of the cybersecurity landscape and ISMS performance.
• Ensure that the ISMS complies with NIS2.
  
  

Risk And Compliance

• Perform risk analyses and coordinate risk mitigation strategies.
• Handle non-conformities, implement corrective actions, and maintain compliance documentation.
• Manage vendor security, ensuring third-party compliance with Sympower’s security standards.
• Take part in incident retrospectives.
  
  

Training And Awareness

• Plan and conduct security awareness training for employees.
• Foster a company-wide understanding of security policies and their impact on day-to-day operations.
  
  

Collaboration And Leadership

• Facilitate cross-departmental collaboration to implement security measures effectively.
• Be available to support and take part in customer facing interactions that require explanation of our ISMS.
• Lead the security team without direct managerial authority, driving results through influence and coordination.
  
  

Job requirements

What You Will Need

Project Management and Organizational Skills:

• Proven ability to coordinate complex, cross-departmental projects with precision and efficiency.
• Experience managing systems and processes with multiple interdependencies.
  
  

Systematic Thinking

• Deep understanding of structured systems like ISO 27001 ISMS, with the ability to navigate interlinked documents and processes effectively.
  
  

Security Knowledge

• Solid understanding of IT security fundamentals, risk management, and data protection. In-depth cryptography knowledge is not required, but a foundational understanding is essential.
  
  

Organizational Awareness

• Experience in developing and implementing policies with a keen awareness of their practical implications on teams and workflows.
  
  

Communication And Presentation

• Ability to present information clearly and actionably to diverse stakeholders, including senior leadership and external auditors.
• Skilled at translating complex security concepts into accessible language.
  
  

Leadership Without Authority

• Track record of influencing teams and driving outcomes in environments without direct reporting lines.
  
  

Who We Are

Sympower is accelerating the global transition towards ‘net-zero’ by helping to build smarter, cleaner renewable energy systems. Using our proprietary software platform, we help balance the supply and demand of electricity across international energy networks.

We help businesses, grid operators, asset owners and other energy stakeholders around the world reduce their carbon emissions, integrate more distributed renewable energy resources, and generate new revenue streams by participating in demand-side response services.

Learn more about us in this video.

In 2022, Sympower became a certified B Corp, which shows the company is meeting high standards of verified performance, accountability, and transparency across 5 impact areas: governance, workers, community, environment, and customers.

Sympower is an equal opportunity employer. We encourage a diverse workforce and are committed to creating an inclusive environment for all team members.

Your personal data will be processed in accordance with our Privacy Policy.

MESSAGE TO RECRUITMENT AGENCIES: support for filling this position is not required, so proposals for recruitment services will not be reviewed or responded to.