Information Security Officer

About the role

We are looking for a Senior Information Security Officer (ISO) with a strong focus on Governance, Risk & Compliance (GRC) to further strengthen and mature our information security landscape. In this role, you will ensure that policies, controls, and processes align with recognized security frameworks while enabling the business to operate securely and efficiently.

Key responsibilities

• Own and continuously improve the information security and compliance framework
• Develop, implement, and monitor information security policies and controls
• Perform risk assessments and advise on mitigation strategies
• Support client security reviews, audits, and tender processes
• Organize and facilitate Business Continuity and tabletop exercises
• Conduct security assessments for new vendors, tools, and third parties
• Maintain and enhance the security awareness program
• Manage and review audit evidence for ISO 27001, ISAE 3402, and SOC 2
• Report on security posture, risks, and compliance status to stakeholders

Your profile

• 5+ years of experience as an Information Security Officer, GRC Consultant, or similar role
• Strong hands-on knowledge of ISO 27001 and risk management methodologies
• Familiar with compliance frameworks such as SOC 2 and ISAE 3402
• Excellent communication skills; able to explain security to technical and non-technical audiences