Description of the assignment - Project Manager ISO/IEC 27001 Implementation

ISO/IEC 27001 is the internationally recognized standard for establishing, implementing,

maintaining, and continually improving an Information Security Management System (ISMS). The

standard provides a systematic approach to managing information security risks, ensuring

confidentiality, integrity, and availability of information assets in line with business objectives,

regulatory requirements, and stakeholder expectations.

Geely Technology Europe is initiating an ISO/IEC 27001 implementation to strengthen its

information security governance, ensure compliance with applicable regulatory and customer

requirements, and establish a robust, auditable ISMS across the organization.

The assignment is to lead and drive the ISO/IEC 27001 implementation as a dedicated Project

Manager. The role is responsible for planning, coordinating, and executing the end-to-end

implementation, from initial gap analysis through readiness for certification audit.

Key responsibilities include

• Establishing and managing the ISO/IEC 27001 project plan, milestones, and deliverables

• Coordinating internal stakeholders across IT, R&D, Legal, HR, and Management

• Leading gap analysis against ISO/IEC 27001 requirements and Annex A controls

• Supporting risk assessment, risk treatment planning, and documentation of controls

• Driving development and implementation of ISMS policies, processes, and procedures

• Managing dependencies with ongoing security, compliance, and IT initiatives

• Preparing the organization for internal audits, management review, and external

certification audit

• Reporting progress, risks, and decisions to steering group and senior management

The assignment starts as soon as possible and requires strong experience in ISO/IEC 27001

implementations, structured project management capabilities, and the ability to work

independently in a complex, multi-stakeholder international environment.

Qualifications and skills required for the role

• Proven experience as Project Manager leading ISO/IEC 27001 implementations,

preferably from gap analysis through certification readiness

• Solid understanding of information security management systems (ISMS), ISO/IEC 27001

requirements, and Annex A controls

• Experience coordinating risk assessments, risk treatment plans, and control

implementation

• Strong project management skills with ability to manage scope, timelines, dependencies,

and stakeholders

• Experience working in complex, multi-stakeholder organizations, preferably within

automotive, R&D, or regulated industries

• Ability to drive documentation of policies, procedures, and governance frameworks

• Experience supporting internal audits, management reviews, and external certification

audits

• Familiarity with related regulations and standards (e.g. GDPR, NIS2, ISO 22301) is

considered a strong advantage

• Excellent communication skills in English, both written and verbal; experience in

international environments is essential

• Relevant certifications such as ISO/IEC 27001 Lead Implementer, PMP, PRINCE2, or

equivalent are highly desirable

Personal attributes

• Strong execution mindset with the ability to move from planning to delivery without losing

momentum

• Ability to handle ambiguity in early project phases and bring structure as the ISMS matures

• High level of resilience and perseverance to drive progress across busy stakeholder groups

• Confidence to challenge existing ways of working when required by ISO/IEC 27001 compliance

• Ability to balance audit requirements with pragmatic, business-oriented solutions

• Strong sense of ownership for outcomes, not just activities and deliverables

• Capability to prioritize effectively when multiple compliance, security, and IT initiatives compete

for attention

• Cultural awareness and sensitivity when working across countries, functions, and leadership

levels

Start date: Asap

End date: 2026-10-01 Workload: 100%