Cybersecurity Risk & Compliance Specialist

Cybersecurity Risk & Compliance Specialist

We are looking for a dedicated Cybersecurity Risk & Compliance Specialist to join our IT Division and take ownership of managing security findings, driving remediation processes, and embedding cybersecurity practices across the organization. This is a highly impactful role, ensuring our systems remain resilient, compliant, and aligned with best practices and regulatory standards.

Key Responsibilities:

• Analyze, prioritize, and manage security findings, while driving risk management and remediation processes across the IT Division.
• Define and implement cross-organizational cybersecurity processes in alignment with corporate policies and regulatory requirements
• Draft and maintain cybersecurity procedures, policies, and work instructions for the IT Division
• Establish monitoring mechanisms, lead ongoing control activities, and drive work routines aimed at reducing exposures
• Initiate and lead preventive measures to strengthen the resilience of IT systems against cyber threats.
• Collaborate closely with Information Security, Infrastructure, Development, Risk Management, and Audit teams.
• Manage tasks in a matrix environment across diverse stakeholders and technical teams.
• Provide cybersecurity guidance and expertise in IT-related projects.
• Serve as a subject-matter expert and knowledge center for cybersecurity within the IT Division.
• Prepare and present progress reports, dashboards, and security status updates to senior management.

Requirements:

• Strong knowledge of Information Security principles, standards (ISO 27001, NIST), regulations (SOX, GDPR), and risk management methodologies - Must
• Proven experience in leading cross-organizational processes, managing multiple interfaces, and driving matrix collaboration - Must
• Advanced proficiency in Microsoft Office, especially Excel (formulas, Pivot Tables) and PowerPoint (professional presentation skills) - Must
• Excellent written and verbal communication skills, with the ability to draft clear documentation, procedures, and professional reports - Must
• Previous experience managing information security findings within a technological or financial organization – Must
• Experience in designing and implementing operational and technical controls – an advantage.
• Familiarity with GRC platforms or vulnerability management tools – an advantage.
• Relevant academic background (Computer Science, Information Systems, Risk Management, Industrial Engineering, or related fields) – an advantage.