GRC Security Expert

Your influential mission. You will... 

• Define, establish and implement organizational information security processes, to ensure business, regulatory, legislative and contractual requirements and obligations are met. 
• Manage the internal and external ISMS audit processes, monitor effectiveness of controls and corrective actions in cooperation with the stakeholders across the organization. 
• Manage gap analysis, compliance readiness, and compliance monitoring activities for ISO/IEC 27001, PCI DSS and other regulatory security audits.  
• Coordinate external security audits, assessments and testing as well as remediation plans development and implementation. 
• Identify, assess and monitor information security risks and recommend mitigation measures.  
• Develop content, coordinate and facilitate a comprehensive organizational information security awareness training program.  
• Manage security requirements with third parties, including due diligence of products and services providers and information security requirements clauses in service provision agreements and contracts.  
• Develop, coordinate and maintain information security policies, procedures and other security related documents. 
• Analyse, map and communicate information security requirements, that derive from legislative and regulatory obligations in various jurisdictions. 
• Serve as project manager/lead within security projects.  
• Continually improve and update knowledge to accommodate changes to the company’s regulatory environment and needs.