Keyrus is an international consulting firm, specializing in the integration of data intelligence and Digital solutions. With over 3,500 employees spread across 27 countries, Keyrus continues to deliver on such projects to a wide range of clients from various industries including but not limited to Banking/Finance, Healthcare/pharmaceuticals, FMCG, Oil & Gas, and more.
As part of Keyrus solution delivery, we are also in a position to recruit and place technical consultants to complement on existing client projects with their expertise. As such, we seek innovative and agile people to support ambitious and forthcoming technological challenges.
About the Role
Our client seeks an ISO/IEC 27001 Lead Consultant to drive the ISMS program across IBMS and FMS in an airport environment. The role focuses on updating documentation to the latest ISO/IEC 27001:2022 standards, creating processes and artefacts for previously unaudited areas, coordinating with internal and external partners, and leading risk activities while planning certification through the full three-year ISO cycle, including initial certification and surveillance audits.
Key Responsibilities
- Review and streamline ISMS processes and documentation; align to ISO/IEC 27001:2022, ISO/IEC 27002:2022 and the Statement of Applicability for IBMS/FMS scope.
- Lead comprehensive risk assessment of airport assets and OT systems (IBMS/FMS), develop risk treatment plans, update SoA and control evidence.
- Develop missing policies, procedures, standards, data classification, supplier security, incident response, and OT/ICSspecific controls where gaps exist.
- Design and deliver ISMS awareness and rolebased training for Engineering, Facilities, OT and IT stakeholders.
- Plan and execute internal audits; track nonconformities and corrective actions to closure.
- Prepare and support management reviews (inputs, metrics, KPIs, effectiveness evaluation).
- Coordinate the certification body engagement: certification readiness, audit logistics, onsite support, responses to findings; build the surveillance audit calendar and handover plan.
- Orchestrate partners (systems integrators, OEMs, managed service providers) to deliver controls and evidence needed for certification.
- Establish interfaces with airport governance (safety, operations, physical security) and change management to ensure enduring compliance.
- Produce clear deliverables: currentstate gap report, risk register and RTP, updated ISMS library, audit pack, auditor playbook, training records, and a yearbyyear surveillance roadmap.
Requirements
1.Musthaves
- Industryrecognised ISO/IEC 27001 certifications (Lead Auditor and/or Lead Implementer) from IRCA, PECB or an equivalent body.
- 5+ years of proven ISO/IEC 27001 ISMS implementation and internal audit experience, including successful certification programs.
- Demonstrable experience across OT/industrial or campusscale environments; able to translate ISO controls for IBMS/FMS (e.g., BMS, access control, CCTV, fire, PA/VA, energy, elevators).
- Strong risk management, policy development, audit execution, supplier governance, and evidence management.
- Eligibility to work onsite in Singapore and to pass airport background/security clearance.
2.Nicetohaves
- Previous experience in airport or airline programs; exposure to aviation operational technology and critical infrastructure.
- Complementary certifications (e.g., ISO 22301, ISO 200001, CISSP/CISM/CISA) and familiarity with NIST CSF/80082.
- Experience engaging with accredited certification bodies operating in Singapore.
