Security Specialist
Posted 1 day ago
Security Specialist
Job description
Overview:
We are looking for a proactive and process-oriented Security GRC Specialist to join our Security Governance, Risk, and Compliance team. In this role, you will help strengthen the organization's security governance framework by supporting security reviews, risk assessments, policy development, and security initiatives across the company.
Purpose of the role:
You will work closely with Engineering, IT, Legal, HR, and business stakeholders to ensure security requirements are embedded into business processes and projects. A key part of the role includes driving Security Awareness initiatives to foster a strong security culture, alongside broader Governance, Risk, and Compliance activities.
As the Security GRC function continues to evolve, you will have the opportunity to contribute to Security by Design, third-party security assessments, process automation, and continuous improvement of the company's security governance.
This position is ideal for someone who enjoys combining governance, process improvement, stakeholder collaboration, and practical information security.
Key responsibilities:
- Perform Security Reviews for internal projects, business initiatives, and technology changes.
- Conduct Vendor Security Assessments and support third-party risk management activities.
- Participate in Security by Design reviews by identifying security risks and defining security requirements early in the project lifecycle.
- Develop, review, and maintain security policies, standards, guidelines, and governance documentation.
- Support Governance, Risk, and Compliance initiatives, including risk assessments, control implementation, and security process improvements.
- Plan, coordinate, and continuously improve Security Awareness initiatives, including employee training and phishing simulation campaigns.
- Measure the effectiveness of security awareness activities through reporting, metrics, and recommendations for improvement.
- Support the Security Disciplinary Framework and other governance-related processes.
- Identify opportunities to automate and optimize Security GRC processes, reporting, and operational workflows.
- Collaborate with cross-functional stakeholders to improve the organization's overall security posture and security maturity.
We are looking for someone who:
- Has a genuine interest in Information Security and Security Governance.
- Enjoys improving and optimizing business processes.
- Demonstrates strong analytical and problem-solving skills.
- Communicates effectively with both technical and non-technical stakeholders.
- Is detail-oriented, proactive, and well-organized.
- Enjoys driving initiatives and collaborating across teams.
- Is interested in automation and continuous process improvement.
Required experience:
- 1–3 years of experience in Information Security, Security GRC, IT Governance, Risk Management, Compliance, Security Operations, or a related field.
- Experience conducting security assessments, security reviews, or vendor security assessments.
- Experience developing security policies, standards, procedures, or governance documentation.
- Experience planning or supporting Security Awareness programs, phishing simulations, or security training initiatives.
- Experience with reporting and analytics tools.
- Basic scripting or workflow automation skills.
- Experience with Jira, Confluence, Google Workspace, or similar collaboration platforms.
- Familiarity with AI tools (ChatGPT, Gemini, Claude, etc.) to improve documentation, research, and operational efficiency.
Our Benefits:
- Private health insurance
- Sports benefits
- Comprehensive Mental Health Program
- Free English lessons (online)
- Local language courses
- Paid time off
- Maternity leave support
- Referral program rewards
- Upskilling, internal workshops, and participation in professional conferences and corporate events