IT Security Officer - Governance Risk and Compliance (GRC) professional
The position requires good knowledge and expertise within governance, risk and compliance, with a focus on information security, audit readiness, security controls, and risk management.
You must help with audits and risk assessments, participate in various security projects, and assist with the onboarding of new customers to Aeven, ensuring the agreed compliance and controls are followed. You must guide project management and service lines on how to understand and implement security controls, and establish security operational manuals.
It requires that you maintain the role of a trusted IT Security Officer and have the ability to identify, understand and transform customer requirements into high-quality security solutions and/or advice.
You can communicate complex security issues at CISO level with a risk-based approach.
As a Customer Security Officer (CSO) with a specialty in Governance, Risk and Compliance, you can be responsible for:
Your Responsibilities
* The CSO collects relevant input from contracted Aeven security deliverables, packages the information into a single security report, and presents it to the customer at security board meetings.
* Conducting Security Risk Assessments and GAP analyses.
* Conducting Business Impact Assessments (BIA) and Threats, Vulnerabilities & Controls assessments (TVCA).
* Advising on effective security policies and controls, and being able to monitor and enforce these in Aeven.
* Conducting various security assessments and creating a security roadmap in cooperation with the customer.
* Act as a SPOC and work closely with different stakeholders in the line of business, both internal and external, to ensure the delivered advice/solutions fit the overall goals and strategy of the customer organization.
* Assist in security projects, with onboarding of new customers and additional security services. Help in understanding the customer's security requirements and developing security control descriptions, risk assessments, business continuity plans, and security operational manuals.
* Assist in audit of the customer's infrastructure and services.
* The CSO oversees, validates, and quality-assures the security services on an ongoing basis.
* The CSO can facilitate meetings with Aeven security SMEs in relation to customer requests for new security technologies, etc.
* The CSO manages actions and questions related to the security services.
Your Knowledge and Experience
* Long-cycle higher education (Master's) with supplementary education and a minimum of 5 years of work or equivalent experience.
* It is preferred that you have one or more of the following certifications: CISA, ISO/IEC 27001 Lead Implementer, CRISC.
* General knowledge of legal frameworks such as EU-GDPR, NIS2, and DORA, and international security frameworks such as NIST, CIS18, PCI, and SWIFT.
* Experience developing ISMS with control descriptions and reporting.
* Experience developing business continuity plans and conducting risk assessments, DPRA, DPIA, and the like.
At Aeven, we’re on a mission to keep digital infrastructure critical to the lives of millions, safe, secure, and productive. And to do this, we need sharp minds, capable hands, and most importantly, positive personalities that are eager to collaborate, contribute, develop their skills, and make a difference.
When you join Aeven, you join a culture of expertise, inclusion, and growth where people matter. Your professional growth is valuable to us, and we will support you all the way – whether you’re interested in developing greater depth within your area of expertise, want to broaden your scope of skills, or wish to pursue new roles in our organization.