Information Security GRC Specialist

Job Responsibilities

The candidate is responsible for executing day-to-day security and governance activities, including monitoring compliance with security policies, supporting vulnerability management efforts, and conducting IT security assessments.

Key Functions :

• Support the implementation and maintenance of governance frameworks to ensure best practices, following advice from IT Security and Governance Analysts.
• Assist in developing, implementing, and enforcing policies and procedures to ensure organizational compliance and security.
• Manage regular risk assessments to identify potential risks and vulnerabilities, supporting the development of mitigation strategies.
• Monitor compliance with internal policies and external regulations, assist in audits, and ensure legal and regulatory requirements are met.
• Ensure lifecycle management and capacity planning for security and corporate technology components.
• Identify, assess, and manage vulnerabilities in the infrastructure, working closely with IT Security Analysts and understanding CSIRT reports.
• Maintain detailed documentation of governance and security activities, and prepare reports on compliance, risk assessments, and security metrics.
• Collaborate with IT Security and Governance Analysts to align security and governance activities.
• Develop and deliver training programs to educate employees on governance and security best practices, emphasizing continuous self-improvement.
• Identify opportunities for process improvements and support their implementation to enhance efficiency and effectiveness.

Qualifications

Education : University degree in Computer Science, Information Security, Information Technology, or related fields. Certifications such as CompTIA Security+, CISA, CISM, CISSP, or ISO 27001 Lead Auditor / Implementer are advantageous.

Experience : 2-3 years in IT security, governance, risk, and compliance roles, with knowledge of security principles, compliance assurance, and risk management. Basic understanding of IT infrastructure, network security, incident response, and governance frameworks. Familiarity with standards like ISO 27001, NIST, and regulatory requirements.

Skills : Ability to maintain accurate records and documentation, identify security risks, analyze data, troubleshoot issues, and communicate effectively with both technical and non-technical stakeholders.

About Us

Join a leading European telecommunications infrastructure and technological innovation company committed to redefining the future of telecoms. We are dedicated to connecting people worldwide with passion, honesty, and integrity, fostering a diverse and inclusive environment that values each individual.

We offer professional growth opportunities within a multidisciplinary team focused on innovation, creating value for stakeholders and society. We promote equity, diversity, and inclusion through inclusive leadership, ensuring a respectful environment for all.

J-18808-Ljbffr