Posted Apr 14, 2026
As an Information Security Risk Manager in our organization, your role involves conducting regular internal assessments and risk evaluations to identify, evaluate, and mitigate risks related to information security and business operations. You will recommend actions and improvements to enhance IT governance maturity using frameworks like ISO 27001, NIST, and TISAX. Ensuring compliance with information security policies, procedures, and standards across the organization is a key responsibility.

Your responsibilities will also include performing ongoing checks and Key Risk Indicator (KRI) monitoring on security tools and systems, monitoring and managing security-related nonconformities, conducting risk assessments, and preparing documentation to support external audits. Collaborating with IT, legal, and other business stakeholders to integrate information security risk management into business processes is essential. Additionally, you will contribute to the creation and refinement of information security policies, procedures, and guidelines, deliver training programs to raise awareness of security best practices, and maintain comprehensive documentation of risk assessments and compliance activities.

Qualifications required for this role include a Bachelor's degree in Information Security, Cybersecurity, IT, or a related field. Professional certifications such as CISSP, CISM, CISA, ISO 27001, or NIST are preferred. Proven experience with risk assessments, internal audits, and IT governance frameworks (ISO 27001, NIST, TISAX) is necessary. A strong understanding of information security principles, experience with security tools and technologies, excellent communication skills, and the ability to work collaboratively with various teams and stakeholders are also essential. Strong attention to detail and organizational skills will be beneficial in this role.