Governance, Risk & Compliance Expert

📣 Would you like to join a company that puts people at the heart of its concerns? We are waiting for you! Since 2007, Extia, an engineering consulting company, has been offering a unique approach in its field by combining well-being at work and performance. At Extia, we bet on a very simple and successful principle which is “First who, then what", so let's go for it! 🚀

🌟 Join Our Team as a Governance, Risk & Compliance Expert 🌟

🌐 Ensuring information technology (IT) systems and/or solutions meet cybersecurity and risk requirements.

🚀First who?

• Excellent relational skills, able to function in an independent as well as ability to work well independently in a team environment.
• Manage/ organize and complete assigned projects by given deadline.
• Good knowledge of English - both written and spoken

🚀Then what?

• Ensuring information technology (IT) systems and/or solutions meet cybersecurity and risk requirements.
• Identify and assess cyber risks within an organization's IT infrastructure.
• Develop and implement strategies to mitigate and manage cyber risks
• Provide recommendations for improving cybersecurity controls and procedures to enhance overall cyber risk management.
• Develops, implements, and manages an effective compliance program.
• Conducts comprehensive assessments of the management, operational and technical security controls employed by an information technology (IT) system to determine their overall effectiveness.
• Conducts assessments of threats and vulnerabilities, and assesses the level of risk.
• Ensures the mitigation plan is properly deployed and implemented.
• Communicates updates on cyber risk activities to the stakeholders.
• Analyze the security risks associated with the introduction of new technologies or information systems.
• Regularly audit systems to verify compliance with Global Security Policies.
• Manage and maintain a GRC platform to track and report compliance activities (GRC platform/tools).
• Ensure all processes stay up to date on the latest regulations, standards and trends in risk and compliance
• Ensure all processes are complying with Security regulations

🎓 Qualifications:

• Knowledge of cybersecurity and privacy principles, standards and methods,
• Knowledge of cyber threats and vulnerabilities, as well as defense and vulnerability assessment tools,
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk),
• Knowledge of compliance with standards: PCI, GSMA, etc.
• Must have excellent written and verbal communication skills, requiring working knowledge of Microsoft Word, Excel, PowerPoint and Visio
• Focus on certain regulatory standards (e.g., GDPR, ISO 27001, NIST)
• Vulnerability management, all tools are appreciated
• GRC tools highly appreciated, GRC experience particular to risk management

🚗 Work Arrangements:

• 3 days/ week at the office

🚀Ready to join the "Who" and become the driving force behind the "What"? Apply now, and let's embark on this exciting journey together! 🌟

*please note that only suitable candidates will be contacted.