Information Security GRC Specialist

Job Title: Information Security GRC Specialist

Location Poland -Hrubieszowska 2, 01-209 Warszawa, Poland

Job Type: 12 months B2B contract + possible extension

Travel: 3 days onsite. Per week

Key skill

• Solid experience with implementing risk framework based on iso27k
• presenting risk and collecting risks
• ⁠experience with security awareness training
• technical risk assessments and implementing security controls across engineering and business departments (previous experience as an internal Information Security Officer/expert in organization).

Job description

• Lead technology and security compliance programs that meet industry standards, regulatory requirements, and organizational objectives.
• Lead technical assessment activities to identify, evaluate, and prioritize information security risks across the organization, including threats, vulnerabilities, and potential impacts to information and technology assets.
• Develop and drive implementation of effective risk management strategies to mitigate identified risks, ensuring alignment with industry best practices and regulatory requirements.
• Develop comprehensive metrics and dashboards to communicate the status of information security risks to stakeholders and leadership.
• Analyze security data to identify trends, vulnerabilities, and areas for improvement.
• Collaborate with internal and external auditors to facilitate security audits and assessments.
• Collaborate across the organization to ensure the integration of risk management practices into organizational processes and projects.
• Stay current with industry trends, emerging threats, and best practices for information security and risk management.
• Provide expert technical guidance and support in developing and maintaining information security policies, standards, and procedures.
• Implement enterprise-wide risk management frameworks that aligns with industry standards (e.g. ISO27001, NIST, etc).