ISMS Program Lead
Meet the Team - Know the Project
Visma is undergoing a strategic transformation to empower its Business and Legal Units with autonomous management systems. As an Information Security Program Lead, you will play a key role in leading the implementation and continuous improvement of our Integrated Management System (IMS) Program and system library. Your expertise will guide Visma companies in establishing and operating their certified management systems, with a strong focus on Information Security (ISO 27001). This role empowers self-service, ensures high standards, and drives efficiency across the Visma Group.
Let’s Talk About Our People
Join our dynamic 6-person Quality and Project Control team! We blend 3 Project Management and 3 IMS/Quality experts, supporting Visma and its companies with high standards. Based in the Netherlands, Norway, and Romania, we work closely with security, legal, and IMS functions, expanding our influence throughout Visma's autonomous companies. We thrive on innovation, autonomy, teamwork, and learning—and we celebrate what makes each of us unique.
Key Responsibilities
- IMS Program Leadership: Develop, implement, and continuously improve the Visma IMS framework (ISO 9001, 27001, 14001) with a focus on Information Security Management Systems.
- Unit Empowerment & Support: Help Visma companies implement and operate their IMS through training, community building, templates, tools, and audit guidance.
- Stakeholder Engagement: Offer guidance and support to all IMS users and stakeholders (Legal, CTO, Security/CISOs, Environmental, Compliance, local coordinators).
- Process Optimization: Continuously improve the IMS library, enhancing self-service and adapting to regulations (e.g., DORA, NIS2), especially in security.
- Operational Oversight & Audit Readiness: Define KPIs/SLAs, manage service backlogs, support internal audits, and ensure readiness for external certifications.
Qualifications & Personal Qualities
- Education: Bachelor's or Master's in Computer Science, IT, Cybersecurity, or related field.
- Certifications: Required certifications include ISO 27001 Lead Implementer and/or Lead Auditor. ISO 9001/14001 are a plus.
- Experience:
  - Proven track record in implementing and maintaining ISMS/ISO 27001 systems.
  - Experience managing Integrated Program Frameworks and leading continuous improvements.
  - Strong project/program management skills in organizing and executing improvements.
  - Solid background in conducting internal ISMS audits.
  - Familiarity with risk assessment tools and methodologies.
- Skills & Abilities:
  - Analytical thinking and risk assessment skills, especially in information security.
  - Knowledge of compliance requirements (e.g., GDPR, DORA, NIS2).
  - Excellent communication and teaching skills to explain complex security concepts clearly.
  - Collaboration experience with external auditors and cross-functional teams.
  - Adaptability in a fast-evolving regulatory and organizational landscape.
  - Understanding of AI technologies in relation to security and compliance.
Authority
- General authority to execute outlined tasks and responsibilities.
- Can initiate and implement improvements for EMS, ISMS, and QMS goals.
- Authorized to escalate improvement opportunities across units.
- Acts as a direct contact for Business/Legal Units regarding ISO certifications and Management System implementations.
Measurement Criteria
- Fulfillment of role description and process adherence.
- Quality of work based on stakeholder feedback and goal achievement.
- Business/Legal Unit satisfaction (NPS scores).
- Effectiveness of implemented improvements.
- Growth and maturity of IMS framework, especially in ISMS and ISO 27001 certifications.
What We Offer
We provide a comprehensive benefits package that supports your career development, work-life balance, and overall well-being.
- Department: Business Growth & Support
- Role: ISMS Program Lead
- Locations: Timisoara, Iasi, Sibiu
- Remote status: Hybrid
- Company: Visma Software SRL
- Competencies: Security protocols, Leadership, ISO/IEC 27001, ISO, ISMS, GDPR
- Application deadline: 26 June, 2025
About Visma
Visma is a leading provider of core business software for a more efficient and resilient society. We simplify the work of companies and organisations of all sizes, empowering people and helping businesses grow and thrive.
Think of Visma as an ecosystem of companies, cultures, and people, united by shared values and the vision to shape the future of society through technology.