Information Security Management System Expert

If you want to shape information security governance in an ambitious organisation, this role will likely catch your interest. You will play a key role in driving Metro Service’s Information Security Management System including internal audits and planning external audits. 

About the job

As an ISMS Expert, you will be part of the CISO organisation and work closely with the IT department and the wider business. You will manage and continuously develop our ISO27001:2022-certified ISMS, covering both IT and OT assets. The role is highly active, with numerous ongoing projects and operational initiatives where you can make a real impact. You will collaborate with highly skilled colleagues specialising in risk, security, architecture, incident response, legal matters, and security operations. 

Your primary responsibilities will be:

• Driving our ISMS maturity journey forward, ensuring we maintain our ISO27001:2022 certificate
• Ensuring that policies, controls, and processes meet organisational and regulatory requirements i.e. NIS 2 and GDPR. Plan and conduct internal ISO27001 audits 
• Supporting risk assessments, control design, and effectiveness reviews
• Maintaining and write new ISMS policies, processes and instructions
• Being responsible for the ISMS Deviation Log including root cause analysis and mitigation actions planning
• Coordinating and training our ISMS ambassadors in each department together with our training department
• Advising and supporting our 1st and 2nd line IT and OT support and admin regarding ISMS

We imagine that you:

• Have proven experience running all aspects of an ISMS, including risk management, control implementation, and internal audits in alignment with ISO 27001
• Are self-driven finding it natural to take initiative, responsibility and drive initiatives
• Have strong communication and facilitation skills for effective collaboration at all levels of an organisation
• Have an analytical and structured approach with attention to detail 
• Are fluent in speaking and writing English and possibly in Danish 
• Hold a bachelor’s degree or higher in IT or similar
• Are being certified (ideally) as Lead Implementer and/or Lead Auditor (ISO 27001) 

You should apply for the position because:

• It is an exciting and challenging job on a new cyber information security journey 
• You will have the opportunity for professional development in an organisation full of passionate specialists
• We prioritise your well-being and arrange social activities across the company
• You will enjoy flexible working conditions, allowing you to work from home 1-2 days per week
• We focus on your health and offer a massage scheme along with subsidies for fitness and other health-related benefits
• Salary is determined individually and depends on your skills and experience

Questions about the position?

In this role, you will report to Martin Kræn Mølvig and be based at our location in København. If you have any questions, please feel free to contact Martin Kræn Mølvig at +45 3248 2800.

We value diversity and encourage all qualified candidates to apply, regardless of background.

We look forward to hearing from you! Please submit your CV via the link no later than 11. december 2025. Interviews will be held on an ongoing basis, and we reserve the right to close the posting once the right candidate has been found.

Please note: You will be asked to upload your criminal record to your career profile before the first interview. The criminal record and any other personal information will be handled confidentially and in accordance with GDPR.

Learn more about us on our website: Careers at Metro Service