Professional Galaxy is an IT and technology consulting company that provides highly specialized expertise within IT, software development, SAP, purchasing, electronics and mechanical design. We collaborate with experienced senior experts and deliver strategic value-creating expertise to some of Sweden's most complex and analytically demanding projects. Our focus is always on high quality, professionalism and clear, measurable results.

We are now seeking a Project Manager, Information Security for one of our clients.

About the assignment:

ISO/IEC 27001 is the internationally recognized standard for establishing, implementing,

maintaining, and continually improving an Information Security Management System (ISMS). The

standard provides a systematic approach to managing information security risks, ensuring

confidentiality, integrity, and availability of information assets in line with business objectives,

regulatory requirements, and stakeholder expectations.

We are initiating an ISO/IEC 27001 implementation to strengthen its

information security governance, ensure compliance with applicable regulatory and customer

requirements, and establish a robust, auditable ISMS across the organization.

The assignment is to lead and drive the ISO/IEC 27001 implementation as a dedicated Project

Manager. The role is responsible for planning, coordinating, and executing the end-to-end

implementation, from initial gap analysis through readiness for certification audit.

Key responsibilities include:

• Establishing and managing the ISO/IEC 27001 project plan, milestones, and deliverables

• Coordinating internal stakeholders across IT, R&D, Legal, HR, and Management

• Leading gap analysis against ISO/IEC 27001 requirements and Annex A controls

• Supporting risk assessment, risk treatment planning, and documentation of controls

• Driving development and implementation of ISMS policies, processes, and procedures

• Managing dependencies with ongoing security, compliance, and IT initiatives

• Preparing the organization for internal audits, management review, and external

certification audit

• Reporting progress, risks, and decisions to steering group and senior management

The assignment starts as soon as possible and requires strong experience in ISO/IEC 27001

implementations, structured project management capabilities, and the ability to work

independently in a complex, multi-stakeholder international environment.

Qualifications and skills required for the role

• Proven experience as Project Manager leading ISO/IEC 27001 implementations,

preferably from gap analysis through certification readiness

• Solid understanding of information security management systems (ISMS), ISO/IEC 27001

requirements, and Annex A controls

• Experience coordinating risk assessments, risk treatment plans, and control

implementation

• Strong project management skills with ability to manage scope, timelines, dependencies,

and stakeholders

• Experience working in complex, multi-stakeholder organizations, preferably within

automotive, R&D, or regulated industries

• Ability to drive documentation of policies, procedures, and governance frameworks

• Experience supporting internal audits, management reviews, and external certification

audits

• Familiarity with related regulations and standards (e.g. GDPR, NIS2, ISO 22301) is

considered a strong advantage

• Excellent communication skills in English, both written and verbal; experience in

international environments is essential

• Relevant certifications such as ISO/IEC 27001 Lead Implementer, PMP, PRINCE2, or

equivalent are highly desirable.

Personal attributes

• Strong execution mindset with the ability to move from planning to delivery without losing

momentum

• Ability to handle ambiguity in early project phases and bring structure as the ISMS matures

• High level of resilience and perseverance to drive progress across busy stakeholder groups

• Confidence to challenge existing ways of working when required by ISO/IEC 27001 compliance

• Ability to balance audit requirements with pragmatic, business-oriented solutions

• Strong sense of ownership for outcomes, not just activities and deliverables

• Capability to prioritize effectively when multiple compliance, security, and IT initiatives compete

for attention

• Cultural awareness and sensitivity when working across countries, functions, and leadership

levels.

Uppdragsinformation
Uppdragslängd: 2026-05-08 to 2026-10-01

Placeringsort: Göteborg

Svar önskas snarast, dock senast 2026-05-01.

Are you the right person for the assignment, or do you want to recommend a strong candidate? Do not hesitate to contact us.

Please apply directly through our system with:

- Your updated CV in english

- Availability to start the assignment

In the motivation, describe why you are suitable for this assignment - refer to previous consulting assignments, employmxent, education and personal qualities.

Please note: We do not accept any applications through mail. All applications have to be sent through the portal to be valid.

Offer continuously: Please note that for this role we offer continuously. That means that we sometimes remove the assignments before the deadline. If you are interested, we recommend that you apply immediately.