Title: Assistant Manager – IT Compliance, ISMS & AI Management Systems
Company Name: Akij Resources
Vacancy: 1
Age: N/A
Job Location: Dhaka
Salary: Negotiable
Experience:
Bachelor’s / Master’s degree in Computer Science, Information Technology, Information Security, or related field.
Preferred Certifications
• ISO 27001 Lead Implementer and/or Lead Auditor
• ISO 42001 Implementer / Auditor (strong advantage)
• ISO 9001 / 14001 / 45001 Auditor or Implementer (added advantage)
• 3–6 years of experience in:
  o IT Compliance
  o Information Security
  o ISO Implementation / Audit Roles
  o Management System Auditing / Implementation
• Knowledge or implementation exposure to ISO 27001, ISO 42001 (AIMS), ISO 9001, ISO 14001, and ISO 45001 will be considered an added advantage.
• Experience handling external certification and internal audits.
Role Purpose
The organization is seeking a skilled compliance professional to implement and sustain ISO-based management systems across the company. This role will be responsible for establishing a strong ISO audit culture, ensuring effective implementation, maintenance, and continuous improvement of ISO 27001 (ISMS) and ISO 42001 (AI Management System) as mandatory frameworks, along with ISO 9001, ISO 14001, and ISO 45001.
The role also ensures protection of information assets, digital platforms, IT systems, and data while aligning with business growth, ESG commitments, regulatory compliance, and international security standards.
The position will be primarily accountable for ensuring compliance and for driving audit readiness, internal audits, external certification engagements, and organization-wide awareness.
Key Responsibilities
• Lead the end-to-end implementation, integration, and maintenance of ISO 27001, ISO 42001, ISO 9001, ISO 14001, and ISO 45001, with working knowledge of ISO 22301, ensuring all processes, controls, documentation, and the Statement of Applicability (SoA) remain effective and updated.
• Ensure the establishment, compliance, and continual improvement of all ISMS, AIMS, QMS, EMS, OHSMS, and ICT-related regulatory requirements.
• Maintain, review, and update all policies, procedures, risk registers, audit evidence, ISMS documents, and data-management records.
• Oversee document control, change management, access management, and alignment of operational practices with approved documentation.
• Conduct and maintain risk assessments, asset classification, threat/vulnerability analysis, VAPT, and risk treatment planning.
• Ensure operational security management, ICT control self-assessment, secure system configuration, encryption, key management, and data-protection controls.
• Plan, execute, and document internal audits, gap assessments, mock audits, and drive corrective/preventive actions until closure.
• Act as SPOC for internal, external, and surveillance audits, coordinating evidence and auditor interaction.
• Monitor, measure, and report on information-security performance to top management; ensure management reviews are conducted.
• Lead CIRT, manage cyber-incident response, root-cause analysis, crisis management, and regulatory reporting.
• Oversee business continuity, DR planning, data backup, and ensure continuity of information-processing facilities.
• Conduct security, ISO, cybersecurity, and AI governance awareness programs, including employee education and phishing simulations.
• Support operational teams through training, coaching, and enforcing ISO audit culture.
• Monitor and evaluate vendor/third-party compliance with security and ISO requirements.
• Ensure repair, service, and technical operations follow approved controls (CIA), retain objective evidence (DIA, DR, QC, RMA), and meet defined objectives.
• Perform continual improvement of all security and ISO processes.
• Perform any management-assigned responsibilities that do not conflict with ISMS or independence requirements.