
Information Security Officer - ISO (m/f/d)

  • Bucharest (RO)
  • Fulltime
Want to work in a culture built on mutual trust and respect? How about having the freedom to make work fit into your life (and not the other way round)? A career with Thinkproject could be just the opportunity you're looking for.

What do we do?
Thinkproject is a European market-leader in digitalisation tools for construction companies. It sounds complex, but we'll explain further! Construction companies used to use manual administration and physical paperwork for projects (sometimes hundreds of thousands of bits of paperwork for one project!). Using our construction intelligence solutions, businesses can go digital, which benefits everyone from the construction companies to the wider public. 
Our mission is to deliver digitalisation to make a safer, healthier and more sustainable AECO (Architecture, Engineering, Construction, Operations) industry. This is a really exciting time to join our company: since our founding in 2000 we have gone from strength to strength, and we have lots of exciting developments coming up soon that you could be a part of.
 
As an Information Security Officer (ISO), you will be responsible for implementing Multi-Scope ISMS group requirements at your location. Your role involves maintaining, sustaining, and continuously improving the Information Security Management System (ISMS) in accordance with ISO 27001 standards. You will report directly to the Group ISO and the Managing Director/Local Manager, serving as the key contact person for the Data Protection Officer (DPO). This position is vital in ensuring the highest standards of information security and compliance within the organization.
 

What your day will look like

Security-Relevant Responsibilities
  • Contact person for employees for information security relevant questions and aspects
  • Introducing new employees to information security and data privacy.
  • Regular performance or update of the Risk Analysis. Mandatory at least once a year or when revising the risk assessment.
  • Identification of threats and vulnerabilities for identified corporate assets.
  • Performing supplier audits on a regular basis.
  • Provide and maintain an Emergency Plan and Disaster Recovery Plan (Business Continuity Management BCM)
  • If personal data is involved, all activities must be agreed or coordinated with the Data Protection Officer (DPO)
Organizational Responsibilities
  • You implement all Multi-Scope ISMS requirements at the location and for the products
    • Ensure awareness and understanding of ISMS requirements, with regular reviews and documentation of Group requirements for feasibility
    • Provision and maintenance of all required ISMS documentation
    • Delivery of subject-specific and department-specific training and education for employees
  • Management of incidents and risks in accordance with Thinkproject's ISMS
  • You organize internal ISMS audits in line with the Group-wide ISMS audit plan
  • You participate in internal ISMS audits, including sampling and reviewing to ensure compliance with information security requirements across all departments
  • You ensure ISMS awareness activities, such as tpAcademy trainings and policy confirmations, are completed before each external audit
  • You regularly review all organizational and technical measures for effectiveness and legal compliance, considering Group requirements where necessary
  • You address audit non-conformities, risks, and incidents promptly and effectively, ensuring corresponding records are maintained
  • You ensure proper documentation and record-keeping using systems provided and approved by the company
Product/Project specific Responsibilities
  • You are involved in product-related processes, especially in Software Development, Software Operation, Product Management, and Project Management, driving and coordinating information security tasks at your location
  • You escalate open issues as needed and coordinate cross-location aspects with the Group ISO
  • You participate in negotiating Supplier Agreements, Data Processing Agreements (DPA), and finalize Non-Disclosure Agreements (NDA)

What you need to fulfill the role

  • 1-2 years of experience in Information Security (ISO) and/or GDPR compliance
  • Previous work experience in international companies, with an understanding of global practices and regulations
  • Certification in ISO standards (e.g., ISO 27001 or similar) is a plus
  • Strong collaboration skills and the ability to work effectively with the Romanian team in establishing this new location
  • Proficiency in English, both written and spoken; German language skills are a plus

What we offer

Health Days | Lunch 'n' Learn Sessions | Women's Network | LGBTQIA+ Network | Demo Days | Coffee Chat Roulette | Ideas Portal | Free English Lessons | Thinkproject Academy | Social Events | Volunteering Activities | Open Forum with Leadership Team (Tp Café) | Hybrid working | Unlimited learning

We are a passionate bunch here. To join Thinkproject is to shape what our company becomes. We take feedback from our staff very seriously and give them the tools they need to help us create our fantastic culture of mutual respect. We believe that investing in our staff is crucial to the success of our business.

Your contact:

Ulrike Ecke | T +49 89 930 839-419

Please submit your application, including salary expectations and potential date of entry, by submitting the form on the next page.


Working at thinkproject.com - Make your intelligence our asset.