Cybersecurity and Management Systems Support Services Position

Welcome to Felps Group 👋A community of passionate experts, combining their skills to help your business reach new heights. 🔒 Our ExpertiseFelps Group is an alliance of Pure Players made up of four dedicated Squads: Telecom, IT, Cybersecurity, and Change Management. Each Squad is led by a Captain, an expert in their specific field. These Captains support consultants throughout their journey at Felps, guiding them in choosing the right assignments and training paths. Our ambition is to foster growth and professional development, enabling our consultants to continuously evolve their careers.🌐 Our ApproachAt Felps Group, the consultant is at the heart of our model and therefore at the centre of everything we do. The close partnership between the Squad Captain and the Associate Director ensures optimal follow-up and support. Thanks to this structure and our expertise, we provide personalised, in-depth, and high-impact guidance to every consultant.🤝 Diversity & InclusionAt Felps Group, we firmly believe in the power of diversity and inclusion. We are committed to creating an inclusive working environment where everyone feels respected, supported, and encouraged to contribute fully.As part of our team, you will join a culture that celebrates diversity in all its forms—age, gender, ethnic background, religion, sexual orientation, gender identity, skills, socio-economic background, or any other personal characteristic. We are proud of our commitment to equal opportunities and fairness.We strongly encourage all qualified candidates, including individuals with recognised disabilities (RQTH), to apply. We are committed to providing a supportive and inclusive work environment and to making reasonable adjustments throughout the recruitment process. If you have specific accessibility needs, please let us know—we will do our best to support you.We’re Hiring: Cybersecurity and Management Systems Support Services Hybrid model: 3 days onsite per week in PortoProject OverviewThe objective of this project is to ensure the continuous operation, monitoring, and improvement of the Integrated Management System (IMS) in compliance with ISO 27001, ISO 22301, and ISO 9001 standards.The role focuses on maintaining audit readiness, strengthening internal processes and controls, and driving continuous improvement across information security, business continuity, and quality management frameworks.Goals & Scope of ServicesFelps Group is engaging a qualified professional to deliver the following services:1.LOD 1.5 Execution & SupportValidate evidence submitted by Level 1 (LOD1) within the internal control tool.Assess the implementation, effectiveness, and maturity of LOD1 controls to ensure compliance with ISO and QNRCS standards and continuous improvement.Support and coordinate Information Security responses to Level 2 (LOD2) testing activities.Identify and propose control improvements in collaboration with control owners and stakeholders.Request, implement, and track control improvements within the internal control tool, ensuring full compliance with ISO 27001, ISO 22301, and ISO 9001.2.Certifications SupportSupport all phases of the certification lifecycle: preparation, operational support, follow-ups, and in-person participation in:ISO 27001ISO 22301ISO 9001Digital Seal (Gold Level)QNRCS High-Level certificationsManage and maintain the certification calendar, ensuring stakeholder alignment and audit preparedness.Prepare, collect, and validate audit documentation and evidence.Document, support, and follow up on audit and management review outputs, including:Non-Conformities (NCs)Opportunities for Improvement (OFIs)Define action plans with owners and ensure consistent follow-up until closure.Implement NCs and OFIs assigned to the ISMS team when required.Conduct two internal audits of the IMS:One focused on ISO 27001 for specific entities.One covering ISO 27001, ISO 22301, ISO 9001, and the Digital Seal (Gold Level).Deliver full audit lifecycle activities: planning, execution, reporting, corrective actions, and follow-up.3.Management Systems Monitoring & Continuous ImprovementSupport preparation and responses to information security questionnaires and assessments from clients, partners, and regulators.Monitor, maintain, and continuously improve management systems.Prepare and present IMS management reviews.Define, improve, and document KPIs; provide reporting and presentation support.Collect and report ISMS KPIs according to management-defined frequency.Maintain and enhance the control register aligned with:ISO 27001ISO 22301ISO 9001QNRCS High-LevelProduce or update IMS documentation within the documentation management system, ensuring annual reviews (approx. 150–200 documents).Identify improvements in information security documentation management.Provide ongoing consulting support to ensure regulatory compliance and alignment with industry best practices.Identify opportunities for process optimisation and risk mitigation across:Information SecurityBusiness ContinuityQuality ManagementEnsure regular alignment meetings with internal stakeholders and document outcomes.Expected Deliverables (Non-Exhaustive)LOD 1.5 ExecutionValidated LOD1 control evidence with maturity and effectiveness assessments.Documented control improvement proposals with defined owners.📑 Certifications SupportCertification preparation packs for all applicable standards.Updated certification calendar.Audit documentation and evidence packs.Documented NCs, OFIs, action plans, and follow-up reports.Internal audit plans and audit reports.Management Systems MonitoringCompleted security questionnaires with supporting evidence.IMS management review materials and presentations.ISMS KPI reports.Updated control register aligned with all applicable standards.Updated and newly created IMS documentation.Improvement and optimisation reports.Minutes and records from stakeholder alignment meetings.Required Skills LevelCertification lifecycle management — Confirmed⭐⭐⭐Information Security Management — Expert ⭐⭐⭐⭐Internal audit execution — Confirmed ⭐⭐⭐Control improvement — Confirmed ⭐⭐⭐ISO 27001 compliance — Expert ⭐⭐⭐⭐English — Advanced ⭐⭐⭐⭐