At iU Talent, we believe that true success comes from the perfect combination of happy people, genuine talent, unwavering commitment and the power of technology. We are currently looking for an Information Security GRC Lead (m/f) to join the internal structure of a prestigious company in the industrial sector, located in Lisbon.
- Lead the design, implementation and growth of the information security GRC capability in alignment with Group’s business objectives, regulatory requirements, and the overall information security strategy;
- Lead enterprise information security risk assessments, including information security-related operational and regulatory risks;
- Oversee internal and external audits, ensuring compliance with standards such as ISO 27001, GDPR, NIS2, and others;
- Foster and promote a culture of information security compliance and risk awareness across the organization;
- Collaborate with stakeholders, including but not limited to security, IT, legal, human resources, and operational teams to ensure their understanding of the GRC framework;
- Coordinate and oversee the information security awareness program, including development of training content and collaterals;
- Monitor and report on the effective adoption and implementation of the various security controls across the organisation;
- Monitor regulatory changes and ensure timely adaptation of internal policies, processes, and procedures;
- Provide regular reporting on risk and compliance metrics to executive leadership and the board.
- Proven experience in small team leadership and management in information security GRC roles in a global enterprise environment;
- Willingness to operate and advise at strategic and operational levels;
- Ability to plan and prioritize to manage multiple workstreams simultaneously;
- 5+ years in information security GRC roles;
- Solid knowledge of international information security normative and regulatory landscape;
- Solid knowledge of information security frameworks, standards and best practices;
- Solid experience in information security Risk Management frameworks;
- High availability for travelling and working abroad for periods up to 3 weeks;
- Excellent English in both oral and written communication skills is mandatory;
- Excellent communication and interpersonal skills, including the ability to communicate information security concepts to non-technical audiences;
- Mature analytical, decision-making and problem-solving skills;
- Strong continuous improvement mindset.