Job Description
We are seeking a highly skilled GRC Officer to join our CISO team. This role will be responsible for managing and improving the Governance, Risk and Compliance processes of our organization.
Main Responsibilities
* Ensure compliance with relevant laws and regulations, including NIS2 and GDPR.
* Develop and maintain an effective Information Security Management System (ISMS) and risk management program.
* Collaborate with internal and external stakeholders to integrate risk management and compliance across all layers of the organization.
Key Skills
* Compliance with applicable policies and legislation.
* Information Security Management.
* Information Risk Management.
* CISO Security Solutions & Services.
* Governance, Policies & Awareness on information security and data protection.
* Project coordination and management within the CISO department.
* Reporting on CISO domains and security findings.
* IT Compliance follow-up.
* Knowledge updates and expansion.
* Data processing and quality assurance.
* CISO domain support for colleagues.
Required Knowledge
* Master's degree or equivalent through experience.
* ISO 27001-27005 and NIST Cybersecurity Frameworks.
* In-depth knowledge of NIS2, GDPR, and other relevant laws and regulations.
* Information Security Management Systems.
* Information Security Principles and Standards.
* Cybersecurity and privacy standards, frameworks, policies, regulations, legislation, certifications, and best practices.
* Risk Management Frameworks.
* GRC tooling.
Experience
* 5-10 years of relevant work experience, with at least 5 years in a similar position within Governance, Risk & Compliance.
* Experience in risk assessment, vulnerability management, and security incident response.
* Proven project management experience, including budgeting and presentations to senior management.
* Security experience, risk management experience, and delivery of ISMS audit evidence.
Practical Requirements
* English proficiency.
* Ability to work 2 days in the office.