Information Security Specialist

🛡️ Information Security Specialist | GBL Tech

At GBL Tech, we drive high-impact technology careers through specialization and scale. We operate across critical digital ecosystems—from Fintech to Smart Industry—connecting talent with technically challenging projects and modern stacks.

The Project

You will join a strategic Governance, Risk, and Compliance (GRC) initiative focused on strengthening our Information Security Management System (ISMS). In an increasingly regulated landscape, you will be the bridge between technical excellence and regulatory requirements, ensuring our operations are resilient and aligned with the latest European standards like DORA and NIS2.

What You’ll Be Doing

• Architecting Governance: Lead the evolution of our ISMS by designing and fine-tuning security policies that balance robust protection with business agility.
• Risk Orchestration: Conduct deep-dive risk assessments, acting as a strategic advisor to stakeholders to turn vulnerabilities into mitigated, manageable assets.
• Regulatory Navigation: Ensure our ecosystem stays ahead of the curve, mastering compliance for ISO 27001, GDPR, and the complex requirements of DORA and NIS2.
• Security Evangelism: Empower our teams by developing high-impact awareness programs, shifting security from a requirement to a core company value.
• Vetting & Innovation: Assess the security posture of new software and third-party services (TPRM), ensuring that every new tool integrates safely into our stack.
• Executive Insights: Translate complex security metrics into clear, actionable intelligence for board-level reporting and strategic decision-making.

What We Are Looking For

• At least 5 years of experience (ideally from a consulting background) navigating the intersection of security, risk, and business growth.
• Deep expertise in the ISO 27000 family and a proactive grasp of the evolving European regulatory landscape (DORA/NIS2).
• A solid understanding of cybersecurity fundamentals, including hands-on familiarity with SIEM workflows and GRC platforms.
• Good knowledge of English.

Interested? If this project — or similar opportunities with similar technology environments — sounds interesting to you, feel free to apply or reach out.