Information Security Risk Officer
#XM64102 Type: Full time
Information Security Risk Officer - Cyprus
The role:
Join our dynamic Information Security GRC team to play a crucial role in strengthening our business operations. As a key member, you'll enforce our Information Security Framework, conduct internal risk assessments, and collaborate with the CISO to define assessment scopes. Your responsibilities will include reviewing internal systems, processes, and procedures, recording risks, and preparing insightful reports. Additionally, you'll contribute to Information Security projects, ensuring state-of-the-art solutions in line with regulatory requirements and best practices. This is an opportunity to make a significant impact in a forward-thinking environment, safeguarding our business while driving innovation in Information Security. Join us for a fulfilling journey!
Main responsibilities:
- Plan and execute technical and targeted risk assessments in IT infrastructure, applications, technologies, and third parties
- Assess internal controls, processes, and policies related to Information Technology and Security, identify deficiencies, and develop remediation strategies
- Perform risk analysis on current risks and identify potential risks at operational, tactical, and strategic level
- Perform risk evaluation on previously handled risks and compare mitigation approaches to potential risks
- Maintain the risk register and the Information Security Risk Management Program
- Identify information security risks and make recommendations that are appropriate, practical, and cost-effective
- Manage and monitor the progress of remediation steps on risk assessment findings
- Prepare comprehensive reports summarising the actions taken to remediate identified risks
- Provide regular reports and metrics on the security posture of the company to the CISO
- Act as the escalation point of the information security department for any information security related risks
Main requirements:
- BSc/MSc in Information Security or any other relevant degree
- At least 3 years of work experience in information security risk management and information security risk assessment
- Technical knowledge of operations, physical, network, host and application security, as well as security architecture, virtualisation, and cloud infrastructures
- Good understanding of security regulations and frameworks, such as ISO 27001, NIST CSF and 800-53, GDPR, etc.
- Audit-related certifications, such as CRISC, CGRC, and CISSP, are a plus
- Ability to work autonomously with minimum supervision and to integrate well within a team
- Ability to articulate security risks and communicate effectively to various levels of management
- Self-motivated, proactive, and efficient
- Ability to work under pressure in a fast-paced environment
- Strong interpersonal, organisational, and project management skills.
- Excellent communication skills with the ability to explain technical concepts to a non-technical audience.
- Excellent written and verbal skills in English.
Benefits:
- An attractive remuneration package, plus performance-related reward.
- Private health insurance.
- Corporate pension fund.
- An intellectually stimulating work environment.
- Continuous personal development and international training opportunities.
Type of employment: Full-time
Location: Limassol or Nicosia
Please visit our website https://bit.ly/42BfCPy to submit your online application for this position.
All applications will be treated with strict confidentiality!