Plan, design and implement Information Security Management System (ISMS) applicable to Meralco organization and to the scope of implementation as agreed with Meralco on timelines and methodologies.
Run his own tools (e.g. surveys, risk assessments, interviews, applications) as necessary as part of the project
Prepare Meralco relevant parties prior internal and external audit activities
Monitor progress of the ISMS implementation, measure and report to interested parties the status, and communicate current challenges and risks to be encountered
Conduct knowledge transfer to parties that are affected by the implementation of Information Security Management System
Graduate of BS Information Technology, BS Accountancy, BS Engineering
The consultant must possess certifications such as ISMS Lead Implementer and / or ISMS Lead Auditor or higher
The consultant should have an experience in establishing, implementing, operating, monitoring, and reviewing Information Security Management System to at least 3 organizations (can be private and public).
Preferably with experience in a utility industry
Preferably, the consultant is also knowledgeable in other management systems such as ISO 9001, ISO 22301, etc.
Preferably, the consultant possesses certifications such as CISSP, CISA, CISM
The consultant should have good oral and written communication skills
The consultant should have background on ITIL and Project Management standards and practices