Information Security Risk Officer

Greece / Engineering – Information Security / Full-time / Hybrid
Information Security Risk Officer - Cyprus

The role:

Join our dynamic Information Security GRC team to play a crucial role in strengthening our business operations. As a key member, you'll enforce our Information Security Framework, conduct internal risk assessments, and collaborate with the CISO to define assessment scopes. Your responsibilities will include reviewing internal systems, processes, and procedures, recording risks, and preparing insightful reports. Additionally, you'll contribute to Information Security projects, ensuring state-of-the-art solutions in line with regulatory requirements and best practices. This is an opportunity to make a significant impact in a forward-thinking environment, safeguarding our business while driving innovation in Information Security. Join us for a fulfilling journey!

The main responsibilities of the position include:

    • Plan and execute technical and targeted risk assessments in IT infrastructure, applications, technologies, and third parties
    • Assess internal controls, processes, and policies related to Information Technology and Security, identify deficiencies, and develop remediation strategies
    • Perform risk analysis on current risks and identify potential risks at operational, tactical, and strategic level
    • Perform risk evaluation on previously handled risks and compare mitigation approaches to potential risks
    • Maintain the risk register and the Information Security Risk Management Program
    • Identify information security risks and make recommendations that are appropriate, practical, and cost-effective
    • Manage and monitor the progress of remediation steps on risk assessment findings
    • Prepare comprehensive reports summarising the actions taken to remediate identified risks
    • Provide regular reports and metrics on the security posture of the company to the CISO
    • Act as the escalation point of the information security department for any information security related risks

Main requirements:

    • BSc/MSc in Information Security or any other relevant degree
    • At least 3 years of work experience in information security risk management and information security risk assessment
    • Technical knowledge of operations, physical, network, host and application security, as well as security architecture, virtualisation, and cloud infrastructures
    • Good understanding of security regulations and frameworks, such as ISO 27001, NIST CSF and 800-53, GDPR, etc.
    • Risk-related certifications, such as CRISC, CGRC, and CISSP, are a plus
    • Ability to work autonomously with minimum supervision and to integrate well within a team
    • Ability to articulate security risks and communicate effectively to various levels of management
    • Self-motivated, proactive, and efficient
    • Ability to work under pressure in a fast-paced environment
    • Strong interpersonal, organisational, and project management skills
    • Excellent communication skills with the ability to explain technical concepts to a non-technical audience
    • Excellent written and verbal skills in English

Benefit from:

    • Attractive remuneration package plus performance-related reward
    • Private health insurance
    • Corporate pension fund
    • Intellectually stimulating work environment
    • Continuous personal development and international training opportunities


All applications will be treated with strict confidentiality!