Techtree
Techtree
New

Cybersecurity GRC Consultant

98k - 101.4k EUR/ rok.B2B
SeniorFull-time·B2B
#384647·Dodano wczoraj·0
Źródło: justjoin.it
Aplikuj teraz

Tech Stack / Keywords

cybersecurity GRC

Firma i stanowisko

This role is an on-site contract position at an EU agency headquarters in Warsaw, focusing on cybersecurity governance, risk, and compliance (GRC). The position involves working on GRC strategy, risk management frameworks, privacy impact assessments, and compliance programmes within a regulated public-sector environment.

Wymagania

  • Minimum Level 7 education (master's degree or equivalent in a relevant field)
  • English language proficiency at C1 (CEFR) or above
  • At least 9 years of ICT-relevant professional experience
  • At least 8 years of experience at a similar position
  • At least 4 certifications from the specified recognized list (e.g., CISA, CISM, CRISC, CISSP, CGRC, CSSLP, CCSP, CISSP-ISSMP, GSNA, GCCC, GIAC ISO-27000 Specialist, ISO 27001 Lead Implementer/Auditor, ISO 27005 Risk Manager)
  • Personal Security Clearance at RESTREINT UE/EU RESTRICTED level with security screening initiated within 45 days of assignment
  • 5+ years in cybersecurity GRC with focus on cybersecurity risk management
  • Experience designing or operationalising a cyber risk management framework
  • Hands-on experience with ServiceNow GRC (IRM / Risk / Policy and Compliance modules)
  • Experience maintaining and managing a cybersecurity risk register
  • Experience integrating risk management with vulnerability management, incident management, cloud risk, and third-party risk
  • Experience contributing to cybersecurity maturity improvement programmes
  • Knowledge of cybersecurity laws, regulations, standards, methodologies, and frameworks
  • Knowledge of cybersecurity and privacy policies and legal/regulatory compliance requirements
  • Knowledge of privacy impact assessment standards and frameworks
  • Ability to lead development of cybersecurity and privacy policies aligned to business and legal requirements
  • Ability to communicate data protection topics to diverse stakeholders

Obowiązki

  • Ensure compliance with and provide guidance on data privacy and data protection standards, laws, and regulations
  • Identify and document compliance gaps
  • Conduct privacy impact assessments; develop, maintain, communicate, and train upon privacy policies and procedures
  • Enforce and advocate the organisation's data privacy and protection programme
  • Ensure data owners, controllers, processors, and internal/external partners are informed of their data protection rights and obligations
  • Act as a key contact point for queries and complaints regarding data processing
  • Assist in designing, implementing, auditing, and compliance testing activities
  • Monitor audits and data protection training activities
  • Cooperate and share information with authorities and professional groups
  • Contribute to the development of the organisation's cybersecurity strategy, policy, and procedures
  • Develop staff awareness training to foster a culture of data protection
  • Manage legal aspects of information security and third-party relations

Inne informacje

This position requires a Personal Security Clearance at RESTREINT UE/EU RESTRICTED level, with security screening to be initiated within the first 45 days of assignment. The contract is for 12 months initially with up to three annual renewals (maximum 48 months total). The role demands on-site delivery approximately 30% intra-muros and 70% extra-muros, with no travel foreseen.

Techtree

Techtree

27 aktywnych ofert

Zobacz wszystkie oferty
Aplikuj teraz