GRC & CISO Tech Lead

Company Description

Peer Security is a leader in cybersecurity innovation, specializing in web application, mobile, thick client, and infrastructure penetration testing. Founded by renowned industry researchers, the company is dedicated to safeguarding businesses’ digital assets against evolving cyber threats. Using advanced methodologies and tools, Peer Security delivers tailored solutions designed to meet clients' unique security needs while ensuring resilience and protection. Known for its commitment to excellence, the organization provides end-to-end security services, from assessment to post-engagement support, with a collaborative and customer-focused approach. Peer Security strives to be a trusted global partner, driving advancements in cybersecurity to secure the digital landscape of the future.

Role Description

We are looking for a CISO & GRC Tech Lead to take ownership of the organization's security, risk, and compliance program while serving as a strategic security leader and trusted advisor across the business.

This role combines executive-level security thinking with hands-on leadership of Governance, Risk &

Compliance initiatives. The ideal candidate brings a strong technical background, understands modern cloud and engineering environments, and can effectively bridge business objectives, regulatory requirements, and practical security implementation.

The position requires a proactive leader with a CISO mindset, capable of driving security strategy, managing organizational risk, leading compliance efforts, and collaborating closely with engineering, product, operations, and executive leadership.

Qualifications

• Strong background in Information Security and Cybersecurity, including defining security roadmaps, risk management, and incident response.
• Experience in Information Security Management and governance, including policies, standards, frameworks (e.g., ISO 27001, SOC 2, NIST), and regulatory compliance.
• Knowledge of Business Continuity and Disaster Recovery planning, testing, and integration with overall risk and resilience strategies.
• Experience leading or significantly contributing to GRC programs in a technology or cybersecurity-focused organization.
• Ability to translate complex technical risks into clear business impact for senior stakeholders and clients.
• Proven experience working in or closely with penetration testing, security consulting, or product security teams is highly beneficial.
• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience; relevant certifications (e.g., CISSP, CISM, CISA, OSCP, CCSP) are an advantage.
• Strong communication, documentation, and stakeholder management skills, with the ability to work effectively in a collaborative, fast-paced environment.

Requirements

• 3+ years of experience in Cyber Security.
• Hands-on experience leading risk assessments and compliance processes end to end
• Experience working with frameworks and regulations (SOC2 / ISO 27001 / GDPR)
• Familiarity with penetration testing concepts and standards such as OWASP Top 10
• Proven experience leading cross-functional projects
• Strong stakeholder management skills, with the ability to communicate with both technical and non-technical audiences
• Fluent English (spoken and written) - MUST