IT Security Governance, Risk, and Assurance
If the following job requirements and experience match your skills, please be sure to submit your application without delay.
We are looking for a committed and engaged professional to work in a dynamic environment, collaborating with senior stakeholders to identify, assess, and mitigate risks related to cybersecurity, IT systems, and business processes.
What We Look For
An effective communicator, confident team player with genuine passion for making things happen in a dynamic organization. Ready to take on a wide range of responsibilities and committed to seeking new ways to make a difference.
The Role
Reporting to the Cyber & IT Risk Team Lead, the role focuses on identifying, assessing, and mitigating risks and supporting the implementation of our organization’s cybersecurity and IT controls strategy. The position works with internal stakeholders, analyzes key risks, establishes regular dialogue between risk and control owners, and develops strategies to enhance the security of IT and business processes.
Main Responsibilities
Build and maintain the Audit function within Information Security.
Manage and mature the Information Security & IT risk control framework to enable effective operation and monitoring of controls.
Document and report control failures and gaps to stakeholders; provide remediation guidance and occasionally drive projects to ensure deployment of mitigation actions.
Develop security policies, standards, and procedures to drive standardization and centralization of control activities.
Perform risk assessment activities across the organization, identify potential risks within IT and business processes, and recommend risk mitigation strategies and controls.
Ensure risks and remediation plans are regularly addressed and implemented by risk and control owners.
Support activities to maintain compliance with relevant regulations and standards (e.g., ISO27001, NIST, GDPR).
Audit and document processes and prepare reports summarizing findings and insights for management and stakeholders.
Required Qualifications
Bachelor’s degree in a relevant field and at least 4 years of direct experience within Information Security & IT risk and compliance.
Experience working in GRC departments and in defining, creating, and executing an Information Security & IT risk control framework, including for third‑party partners.
Experience documenting security procedures, policies, and standards.
Performing information security & IT assessments and conducting compliance and maturity assessments using international standards and best practices.
Ensuring that all risks, vulnerabilities, and non‑conformities are actively managed, monitored, documented, and mitigated when possible.
Defining and tracking KPIs/KRIs and generating reporting adapted for different levels and stakeholders.
Performing Information Security & IT controls audits and executing remediation plans for internal and third‑party partners.
Preferred Qualifications
Relevant security certifications: CISSP, CRISC, CISM, CISA, Security+, ISO27001.
Proficiency with MS Office, project management, and at least one GRC tool (recommended).
Familiarity with auditing, monitoring, controlling, and process assessment.
Professional Experience
Demonstrated planning and problem‑solving skills and ability to analyze complex technical issues.
Thorough understanding of regulatory compliance requirements (SOC 2, NIST, GDPR, COBIT, ITIL, etc.).
Ability to build professional relationships and collaborate effectively with peers and stakeholders.
Experience organizing and carrying out risk assessments and compliance projects.
Fluent English written and verbal communication skills.
Availability to travel.
Verisure Innovation is an equal‑opportunity employer and welcomes applicants from diverse backgrounds.