Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Information Security GRC Specialist – Cybersecurity
📍 Location: Vienna, Austria or Warsaw, Poland
🕒 Duration: 12-Month Contract (with potential extension)
🏠 Work Mode: Hybrid (3 days onsite per week)
About the Role
Our client is seeking an experienced Information Security GRC Specialist to strengthen their cybersecurity, compliance, and risk management capabilities.
This is a hands-on position where you’ll design and implement governance frameworks, drive compliance with international standards, and ensure effective security controls across engineering and business operations. If you have a strong grasp of ISO 27001, SOC 2, and NIST frameworks — and enjoy working at the intersection of technology, compliance, and risk — this role offers the opportunity to make a real impact.
Key Responsibilities
- Lead and support enterprise-wide risk management and compliance programs, ensuring alignment with ISO 27001, SOC 2, and NIST frameworks.
- Conduct technical risk assessments, identify vulnerabilities, and drive the implementation of appropriate mitigation strategies.
- Present and report on risks to leadership teams using metrics and dashboards.
- Collaborate with internal stakeholders and external auditors to ensure audit readiness and continuous compliance.
- Implement and improve security awareness programs across the organization.
- Support the design and rollout of security controls across engineering, infrastructure, and business environments.
- Stay current with evolving cybersecurity threats, regulations, and best practices, continuously enhancing internal processes.
- Contribute to security-related projects and ensure that risk and compliance objectives are embedded into all initiatives.
What We’re Looking For
- Solid experience implementing and managing risk frameworks based on ISO 27001 and related standards.
- Strong background in cybersecurity, risk management, and compliance.
- Proven experience conducting technical risk assessments and applying security controls across enterprise systems.
- Experience developing or leading security awareness training initiatives.
- Familiarity with SOC 2, NIST, and other regulatory frameworks.
- Excellent stakeholder engagement and presentation skills — able to communicate complex risks clearly.
- Experience working as an Information Security Officer or internal security expert is highly desirable.
Why Join
- Work in a collaborative, cross-functional environment driving real cybersecurity transformation.
- Engage with high-impact compliance programs that shape enterprise-wide risk culture.
- Opportunity to extend or transition into a long-term engagement with a global cybersecurity function.
If you have the relevant experience, please apply with your CV and we will be in touch.
Key Skills
Ranked by relevanceReady to apply?
Join Queen Square Recruitment and take your career to the next level!
Application takes less than 5 minutes