CrawlJobs Logo

Cyber Security Governance, Risk and Compliance Specialist

India, Pune · Job Posted July 13, 2026
Apply Position
Job Link Share

Job Description

We are seeking 7 to 10yrs a highly skilled professional to support Office IT Security and Compliance initiatives by ensuring adherence to global security standards and regulatory frameworks. The role focuses on enabling compliance across Office IT domains, facilitating audit readiness, closing compliance gaps, and supporting risk mitigation through structured governance and evidence-based controls.

Job Responsibility

  • Collaborate with global Office IT teams to identify and close security and compliance gaps
  • Enforce security controls aligned with standards such as ISO 27001, GDPR, and other regulatory requirements
  • Implement, manage, and monitor controls across platforms, applications, and data environments
  • Conduct proactive compliance monitoring and reporting on a defined cadence
  • Collect and manage objective evidence for compliance frameworks such as CHARM
  • Maintain structured repositories and version control for audit artefacts and control documentation
  • Perform periodic audits of operations teams and drive remediation of findings
  • Conduct risk assessments and support mitigation planning across IT services and infrastructure
  • Assess data security risks during solution design and build stages
  • Promote security awareness and compliance culture across Office IT

Requirements

  • 7 to 10 years experience
  • Experienced in IT audit (internal or external) and compliance frameworks
  • Knowledgeable in ISO 27001 implementation or auditing practices
  • Familiar with SOX testing and IT General Controls (ITGC)
  • Professionally certified (e.g. CISA, CISSP, ISO 27001 Lead Auditor/Implementer, or cloud security certifications)
  • Skilled in IT risk assessment and risk management practices
  • Understanding of data privacy and data security frameworks (e.g. encryption, GDPR, PKI)
  • Awareness of cyber security domains such as vulnerability management, patching, and endpoint protection
  • Strong analytical and problem-solving capabilities with sound methodological thinking
  • Effective stakeholder engagement and communication skills

What we offer

  • Exposure to global IT security and compliance frameworks
  • Opportunity to work with cross-functional and international stakeholders
  • Experience in audit, governance, and risk management environments
  • Participation in large-scale compliance transformation initiatives
  • Continuous learning within a rapidly evolving cyber security landscape

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Cyber Security Governance, Risk and Compliance Specialist

8 matching positions

Cyber Security Governance Specialist

Are you looking for a new challenge? Fancy helping us shape the future of motor ...
Location
Location
Spain , Madrid
Salary
Salary:
Not provided
prima.it Logo
Prima
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
Job Responsibility
Job Responsibility
  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
What we offer
What we offer
  • Work from home, the office or a mix of both
  • work from anywhere for up to 30 days a year
  • access to learning resources, mentorship and a growth plan tailored to you
  • private healthcare, gym discounts, wellbeing programs and mental health support
  • Fulltime
Read More
Arrow Right

Cyber Security Governance Specialist

Are you looking for a new challenge? Fancy helping us shape the future of motor ...
Location
Location
Italy , Milan
Salary
Salary:
Not provided
prima.it Logo
Prima
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
Job Responsibility
Job Responsibility
  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
What we offer
What we offer
  • Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both
  • Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you
  • Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support
  • Fulltime
Read More
Arrow Right

Cyber Security Compliance Specialist

We are seeking a Cyber Security Compliance Specialist to drive and sustain compl...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced in Information Security Governance, Risk, and Compliance within a large or multi-market environment
  • Knowledgeable in security governance frameworks and compliance lifecycle management
  • Skilled in supporting audits, assurance reviews, and regulatory compliance activities
  • Comfortable coordinating with diverse stakeholders across Technology, Architecture, and Operations
  • Familiar with IT service management concepts and frameworks such as ITIL
  • Possess working knowledge of infrastructure, operating systems (Windows, Unix/Linux), middleware, and cloud environments from a governance perspective
  • Able to translate high-level security requirements into practical compliance actions
  • Highly organised with strong attention to detail and the ability to manage multiple priorities
  • Confident communicator with strong written and verbal English skills
  • Professionally qualified with certifications such as CISM or equivalent, ISO27001 training, and proficiency in Microsoft Office (including advanced Excel) and Microsoft Power Platform tools
Job Responsibility
Job Responsibility
  • Ensure adherence to Vodafone’s Cyber Security Baseline requirements and CHARM control framework
  • Drive lifecycle compliance for security controls such as hardening, patching, and vulnerability management across IT, cloud, and network domains
  • Perform and support periodic control assessments, operational effectiveness reviews, and evidence validation activities
  • Contribute to internal and external audits (e.g. Internal Audit, Group Cyber Assurance), including evidence preparation and remediation tracking
  • Provide governance oversight and security input for systems under development or undergoing significant change
  • Maintain, analyse, and present compliance dashboards, metrics, and trends to enable risk-based decisions
  • Participate in cyber risk assessments, including identification, analysis, and mitigation tracking
  • Collaborate with stakeholders including Technology, Architecture, Service Owners, and Local Markets to address control gaps and risks
  • Support continuous improvement of compliance processes, including standardisation and automation initiatives
What we offer
What we offer
  • Opportunity to work within a global cyber security and compliance ecosystem
  • Exposure to large-scale, multi-market technology environments
  • Involvement in high-impact audit and assurance programmes
  • Collaborative working environment with cross-functional stakeholders
  • Continuous learning and professional development in cyber security governance and compliance practices
  • Fulltime
Read More
Arrow Right

Information Security Integration and Governance Specialist

Within Airbus Defence and Space SAU, Corporate Security operates under a holisti...
Location
Location
Spain , Getafe Area
Salary
Salary:
Not provided
airbus.com Logo
Airbus
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • University degree in Computer Science, Engineering, Telecommunications, Information Systems, or a related field
  • Relevant industry certifications are highly valued (e.g. CISSP, CISM, CISA, ISO/IEC 27001 Lead Implementer/Auditor)
  • Deep understanding of risk analysis: proven experience leading and documenting comprehensive Information Security Risk Assessments (RAR) and defining effective mitigation strategies. Knowledge of MAGERIT and EBIOS methodologies and tools (Pilar / Fence)
  • Regulatory Compliance Mastery (ENS, CCN-STIC…)
  • Accreditation and Audit Management: extensive hands-on experience in managing security audits and supporting system accreditation/certification processes (eg. ISO 27001, ENS compliance)
  • Penetration Test Coordination: experience coordinating penetration testing (overseeing the scope, evaluating technical results, and tracking remediation plans)
  • Security Architecture/Controls: solid understanding of technical security controls across network, system, and application layers, and the ability to interface with IT/DevOps teams
  • Security Project Management: Demonstrated ability to manage and deliver security implementation projects on time and within budget, translating high-level policy into actionable tasks
  • Deviation Management: experience defining, managing, and tracking security exceptions or deviations, including risk acceptance and compensating control documentation
  • Stakeholder communication: excellent written and verbal communication skills to effectively bridge the gap between Corporate Security management and IT operation teams
Job Responsibility
Job Responsibility
  • Strategic Interconnection: Act as the interface and point of contact between the Corporate Security area and the Digital area, translating security requirements into applicable technical solutions
  • Risk Management and Analysis: Lead the analysis, assessment, and treatment of security risks, identifying vulnerabilities and proposing countermeasures to mitigate the potential impact on company assets
  • Regulatory and Legal Compliance: Ensure strict knowledge and compliance with Spanish and international applicable regulations (eg ENS, CCN-STIC, NIS2, CRA, ISO 27001, NATO, EU, PART-IS, CMMI, NIST), as well as actively participating in accreditation processes and system certification
  • Audit and Accreditation: Coordinate security audits (internal and external) and manage the necessary documentation and evidence for system accreditation processes
  • National networks: provide technical expertise and support to the Spanish NISO (National Information Security Officer) in evaluating and defining the security conditions required to answer the demands for different areas regarding interconnections and geographical extensions of our national network
  • Security Project Management: lead or participate in the management of key projects aimed at implementing, updating, or reinforcing security controls and tools
  • Deviation Management: administer and document the security deviation management process, evaluating its associated risk and establishing mitigation plans
  • Support the Spanish NISO in the implementation of the company digital security strategy within the framework of the national laws and regulations and in the implementation of technical and organization measures to identify, resort and manage cyber security risks
  • Fulltime
Read More
Arrow Right

Nis2 Cybersecurity Specialist | Governance & Compliance

Location
Location
Czech Republic , Prague
Salary
Salary:
Not provided
sportvision.cz Logo
Sport Vision Czechia s.r.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years of experience in cybersecurity, information security, risk management, or compliance
  • Hands-on experience with implementing cybersecurity frameworks or regulatory requirements
  • Strong knowledge of standards such as ISO 27001, TISAX, IEC 62443, NIST CSF or similar
  • Experience with security audits and remediation activities
  • Strong understanding of cybersecurity governance and risk management
  • Knowledge of incident response, vulnerability management, and security operations
  • Good understanding of enterprise IT infrastructure, cloud environments, and industrial systems
  • Ability to translate regulatory requirements into practical business solutions
  • Strong communication and stakeholder management skills
  • Fluent English (mandatory), Czech language skills
Job Responsibility
Job Responsibility
  • Lead and coordinate NIS2 readiness assessment and implementation activities across the organization
  • Perform cybersecurity risk assessments and define mitigation and remediation plans
  • Develop and maintain cybersecurity policies, standards, procedures, and governance frameworks
  • Coordinate incident management and reporting processes, ensuring alignment with regulatory requirements
  • Support compliance with NIS2, ISO 27001, TISAX, and related standards
  • Collaborate with cross-functional teams including IT, OT, engineering, quality, and management
  • Drive cybersecurity awareness and training initiatives across the organization
  • Coordinate internal and external cybersecurity audits
  • Act as the main point of contact for cybersecurity compliance topics
  • Monitor regulatory developments and emerging cyber threats and translate them into actionable measures
What we offer
What we offer
  • Opportunity to lead a high-impact NIS2 implementation project
  • Work in an international environment with strong cross-functional collaboration
  • Long-term cooperation with career growth potential
  • Exposure to modern cybersecurity frameworks and best practices
  • Competitive compensation and benefits package
  • Flexible working conditions
  • On-site collaboration with the client in Prague – Hostivař (minimum 3 days per week required)
  • Interest-free employee loans
  • Cafeteria - individual benefit system
  • Financial reward for employee referral or extra time off
  • Fulltime
Read More
Arrow Right

Specialist – Governance, Risk & Control

To manage and lead the Technology Security Governance, Risk, Compliance and Assu...
Location
Location
Lesotho
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree or equivalent in IT/Engineering or relevant tertiary qualification
  • Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII), GDPR, etc.
  • Proven experience managing and operating multiple security programs, projects, and initiatives
  • Ability to write reports for different security stakeholders
  • Proficient in preparation of reports, dashboards and documentation
  • Knowledge of and experience with GDPR
  • Web Application security and best practises
  • Business Analysis skills
  • High competence in Programming skills
  • Risk assessment skills
Job Responsibility
Job Responsibility
  • Direct, develop, implement and maintain a comprehensive Vodacom-wide information security governance, risk and compliance strategy
  • Ensure security is embedded in IT System and Network Infrastructure (Mobile, IS and Enterprise) across the Vodacom
  • Ensure timely delivery of technology security assurance and support for projects
  • Provide accurate and timely reporting of technology security risks identified during project engagement and propose remediation and mitigation options
  • Monitor information security governance, risk, and compliance by Vodacom BIT, Mobile and Enterprise Business domains
  • Ensure alignment of information security governance with the Vodacom’s business objectives, the information security strategy, plans and controls
  • Ensure compliance with the applicable legislative and regulatory interpretation and corporate risk appetite
  • With the assistance of Head: Technology Governance, Lead, develop, manage and maintain the Vodacom-wide information security governance deliverables lifecycle including compliance measurement, deviations and exemptions
  • Engage with the stakeholders on compliance to control effectiveness and deficiencies in the design and operating effectiveness of information security controls, design and recommend opportunities for continuous improvement
  • Develop, manage and implement the Vodacom information security audit and assurance plans and schedules, including any specific business needs and requirements (including PCI, ISO27001, GDPR, Data Protection Act of Lesotho, Cyber Crime Bill)
Read More
Arrow Right

Cyber Security Specialist (GRC)

As a Cyber Security Specialist, you will be integrated into the Portugal Cyber S...
Location
Location
Portugal , Lisboa
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Job Responsibility
Job Responsibility
  • Integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance
  • Contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance
  • Act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness
  • Ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities
  • Follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions
  • Report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others
What we offer
What we offer
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles
Read More
Arrow Right

Cyber Compliance Specialist

We are seeking a Security Compliance Specialist who will ensure full compliance ...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong technical understanding across IT domains with emphasis on cyber security
  • Quality-driven mindset with experience in frameworks such as ITIL
  • Background in project or programme coordination
  • Working knowledge of ITIL service management processes
  • Capability to build KPIs and analytical reports, ideally with BI tools
  • Experience in IT governance across datacentre or cloud environments
  • Highly organised with strong communication and interpersonal skills
  • Fluent in English
  • Knowledge of Wintel, UNIX/Linux, middleware technologies
  • Familiarity with on‑premise and cloud environments
Job Responsibility
Job Responsibility
  • Identify vulnerabilities and hardening gaps for new and existing systems
  • Report deviations to IT operations teams and maintain oversight of remediation progress
  • Drive and sustain compliance against lifecycle security controls across the organisation
  • Agree corrective actions with stakeholders and track them through closure
  • Maintain structured compliance reports and dashboards
  • Continuously improve process maturity and compliance performance
  • Conduct periodic reviews to validate compliance levels
  • Perform risk assessments and highlight significant security risks
  • Fulltime
Read More
Arrow Right