Our client is an international tech consulting company with 25+ years of experience offering solutions to support companies' businesses and digital transformation.
Responsibilities:
- Support the Information Security Officer (ISO) in rolling out the company's cybersecurity strategy and program.
- Assist in the development and deployment of a risk management framework that aligns with corporate objectives and policies.
- Ensure cybersecurity risk practices are integrated with the organization's overall risk management structure.
- Offer expert guidance on risk identification, assessment, and mitigation within both IT and OT environments.
- Evaluate the effectiveness of existing security controls across technical infrastructures.
- Continuously monitor cyber risks by assessing controls, asset vulnerabilities, threat landscapes, and security incident data.
- Provide regular updates on emerging risks and trends to risk owners and relevant governance bodies.
- Create and maintain comprehensive security documentation, including policies, processes, guidelines, contractual clauses, and control libraries.
- Design and maintain a harmonized IT / OT security architecture aligned with long-term cybersecurity goals.
- Build a centralized repository of security architecture components such as principles, terminology, service models, frameworks, and reference standards.
- Assist operational teams in identifying cybersecurity needs and risks in new services, systems, and development initiatives.
- Lead awareness and training programs to build a security-first culture across all levels of the organization.
- Supply evidence of risk oversight and control implementation for audits and compliance reviews.
- Report on the status and development of security initiatives to key business stakeholders.
- Ensure adherence to security architecture principles and standards.
- Gather and analyze performance and effectiveness indicators to inform decision-making and improve security posture.
Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a closely related field.
- Minimum of 3 years of experience in Information Security Governance, Risk, and Compliance (GRC) roles.
- Solid knowledge of security frameworks such as ISO 27001, ISO 27005, NIST, and IEC 62443.
- Familiar with relevant regulatory standards, including GDPR, NIS2, etc.
- Hands-on experience with risk management platforms, compliance tools, and security monitoring systems.
- Skilled in conducting audits, risk assessments, and control validations.
- Strong understanding of IT security fundamentals, including cloud environments and network protection.
- Willingness to travel.