CrawlJobs Logo
Awin Global Logo Awin Global · IT - Software Development

Information Security GRC Specialist

Germany; Spain; Poland; United Kingdom; Italy; Romania; Sweden; France, Berlin · Job Posted April 24, 2026
Apply Position
Job Link Share

Job Description

As Information Security GRC Specialist (f/m/d) you will own and drive Awin's global Information Security Risk Management capability end-to-end, ensuring the business not only understands its risks but takes measurable action to reduce them. You will be accountable for embedding a strong culture of risk ownership across the organisation, proactively identifying gaps, and driving remediation through to completion. This role requires structured risk identification, assessment, and reporting whilst acting as a advisor to senior leadership and the board. It ensures that risk appetite is clearly defined, actively used in decision-making, and consistently monitored.

Job Responsibility

  • Lead enterprise-wide risk identification and assessment across strategic initiatives, technology, and third parties
  • Drive risk remediation to closure, holding risk owners accountable for delivery
  • Own and maintain the Information Security Risk Register
  • Define, embed, and maintain the organisation's risk appetite
  • Provide clear, opinionated, and actionable risk insights to senior management and the board
  • Confidently challenge and influence stakeholders to ensure risks are neither understated nor inappropriately accepted
  • Own and continuously improve Awin's global information security risk management framework
  • Embed risk management into business processes
  • Mentor and develop GRC team members
  • Lead horizon scanning across emerging threats, regulatory changes, and industry developments

Requirements

  • Proven track record of owning and delivering risk management initiatives end-to-end
  • Experience driving risk remediation across teams without direct authority
  • Strong experience presenting and defending risk positions to senior leadership and boards
  • Hands-on experience within an ISO 27001-certified ISMS environment
  • Strong knowledge of frameworks such as ISO 27001
  • Experience designing, implementing, or improving control frameworks
  • Experience with GRC platforms (e.g. Hyperproof)
  • Confident communicator (with very good English skills) - able to build relationships and challenge/influence senior stakeholders

What we offer

  • Flexi-Week and Work-Life Balance: four-day Flexi-Week at full pay and with no reduction to annual holiday allowance
  • Remote Working Allowance
  • Flexi-Office and hybrid/remote work possibilities
  • Development: training suite Awin Academy
  • Appreciation: peer-to-peer voucher program
Awin Global - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Information Security GRC Specialist

8 matching positions

Senior Information Security GRC Specialist

The Senior Information Security GRC Specialist is responsible for enhancing the ...
Location
Location
Saudi Arabia
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Technology or Computer Science
  • Certifications like CISA and CRISC
  • At least 5 years of experience in information security
  • Strong communication skills
Job Responsibility
Job Responsibility
  • Enhancing the organization's information security program through risk assessments, compliance management, and policy development
What we offer
What we offer
  • Access to various wellness initiatives and health benefits tailored to individual needs
  • Competitive leave policies for vacations, illness, recovery or significant life events
  • Competitive salary plus a bonus or commission plan
  • Access to unrestricted courses, learning programs and professional certifications
  • Active mentorship program
  • World-class career platform
  • Fulltime
Read More
Arrow Right

Senior Information Security GRC Specialist

Join a leading company as a Senior Information Security GRC Specialist, where yo...
Location
Location
Saudi Arabia
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge and experience with NCA regulations
  • Strong experience in Essential Cybersecurity Controls (ECC)
  • Advanced understanding of information security frameworks and standards
  • Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management
  • Excellent communication and interpersonal skills for collaborating with various stakeholders
  • Strong project management skills for handling security initiatives
  • Advanced familiarity with legal and compliance aspects related to information security
  • Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred
  • Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP preferred
Job Responsibility
Job Responsibility
  • Leads risk assessments and gap analyses to identify vulnerabilities and recommends risk mitigation strategies
  • Develops and maintains security policies, standards, and procedures
  • Collaborates with legal and compliance teams to ensure adherence to regulatory requirements
  • Provides guidance and support to junior GRC team members
  • Assists in the creation and delivery of security awareness and training programs
  • Participates in security incident response activities as needed
  • Contributes to the continuous improvement of the information security program
  • Assists in policy management and refinement
  • Performs any other related task as required
  • Closing gabs on key findings during internal audits and evidence validation
What we offer
What we offer
  • Flexible, hybrid working model
  • Access to various wellness initiatives and health benefits tailored to individual needs
  • Competitive leave policies
  • Competitive salary plus a bonus or commission plan
  • Access to unrestricted courses, learning programs and professional certifications
  • Active mentorship program
  • World-class career platform
  • Fulltime
Read More
Arrow Right

Senior Business Information Security Specialist

The InfoSec team at JET is scaling its security partnership and vendor assurance...
Location
Location
United Kingdom
Salary
Salary:
Not provided
justeattakeaway.com Logo
Just Eat Takeaway.com
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated ability to execute security risk assessments and vendor reviews end-to-end, including evidence collection, gap analysis, and documented findings
  • Working knowledge of security frameworks such as NIST CSF, ISO 27001, or CIS Controls applied in a product or engineering context
  • Ability to communicate security risk clearly to both technical and non-technical audiences, without defaulting to jargon or compliance-speak
  • Familiarity with GRC concepts including risk management, controls design, and third-party assurance, gained through hands-on practice rather than solely policy work
  • Comfort working across multiple teams and geographies in a fast-moving environment, managing competing priorities without losing accuracy or rigour
Job Responsibility
Job Responsibility
  • Execute vendor security assessments by collecting, analysing, and documenting supplier control evidence, audit reports, and risk findings against defined frameworks including ISO 27001 and NIST CSF
  • Identify and document third-party security risks, recommending proportionate risk treatment options aligned to JET's risk appetite
  • Support threat modelling, secure design reviews, risk remediation recommendations and early-stage risk assessments alongside engineering teams as part of the secure development lifecycle
  • Translate security findings into clear, business-aligned risk language for product and stakeholders, reducing reliance on technical jargon
  • Maintain accurate risk registers, vendor assessment records, and reporting inputs that feed into executive-level risk dashboards
  • Build working relationships with business and technology teams across multiple markets, acting as a visible and trusted point of contact for security guidance
  • Fulltime
Read More
Arrow Right

Senior Information Security Specialist

SmartRecruiters is looking for a Senior Information Security Specialist to join ...
Location
Location
Poland
Salary
Salary:
Not provided
smartrecruiters.com Logo
SmartRecruiters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Hands-on experience with incident response - including participation in security incident investigations, containment, and post-mortem processes
  • Solid understanding of controls auditing principles and evidence management
  • Technical understanding of cloud infrastructure (AWS preferred), networking fundamentals, identity management, and SaaS security architectures
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
  • A strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
Job Responsibility
Job Responsibility
  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
  • Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
  • Fulltime
Read More
Arrow Right

Cyber Security Specialist (GRC)

As a Cyber Security Specialist, you will be integrated into the Portugal Cyber S...
Location
Location
Portugal , Lisboa
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Job Responsibility
Job Responsibility
  • Integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance
  • Contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance
  • Act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness
  • Ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities
  • Follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions
  • Report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others
What we offer
What we offer
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles
Read More
Arrow Right

Cloud Security GRC Specialist

Meta's Security Governance, Risk and Compliance function (Security GRC) serves a...
Location
Location
United States , Bellevue
Salary
Salary:
153000.00 - 209000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years experience in information security and/or technology risk including one or more domains (e.g., access management, vulnerability management, change management, business continuity, application security, asset management)
  • Demonstrable familiarity with key Cloud Security, Risk Management and Compliance concepts
  • 4+ years of experience in hands on security, with at least one of the major CSPs (AWS, GCP, Azure)
  • Experience in a GRC function overseeing Cloud implementations at scale
  • Experience in designing and implementing control frameworks
  • Experience in assessing security deficiencies in information systems and recommending mitigating controls in a corporate environment
  • Familiarity with compliance frameworks and regulatory requirements such as NIST, CSA CCM, ISO-27001, ISO27018, SOC2, GDPR, EECC, eDP, NIS2, and other relevant structures
  • Bachelor's Degree in Computer Science, Information Systems, Engineering, Cybersecurity or related field or equivalent experience
Job Responsibility
Job Responsibility
  • Lead significant programs of work across various levels of cross-functional (XFN) teams in Cloud Security and Cloud GRC areas
  • Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact
  • Design, implement, and/or assess security controls and frameworks
  • Implement maturity frameworks across multiple programs factoring in emerging regulations and proactive detection of risks
  • Assess and document emerging regulatory impact on established policy and control frameworks
  • Identify, communicate, and collaborate with relevant stakeholders within one or more teams to drive impact and work toward mutual goals
  • Establish learnings, best practices, standardized frameworks and tools across GRC and related teams
  • Develop detailed program/project plans in partnership with cross-functional teams
  • Identify opportunities for information sharing, process improvement and automation
  • Support business travel on an as needed basis (up to 10%)
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Information Security Governance, Risk and Compliance Specialist

The Information Security Governance, Risk and Compliance (GRC) Specialist is a s...
Location
Location
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred
  • Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP desirable
  • Seasoned experience in information security or related roles
  • Seasoned exposure to risk assessment, compliance, security awareness, or policy development is beneficial
  • Seasoned familiarity with information security frameworks and standards
  • Seasoned understanding of risk assessment methodologies, compliance, and policy development
  • Strong communication and interpersonal skills for effective collaboration
  • Strong attention to detail and ability to follow established processes
  • Seasoned project management skills for coordinating security initiatives
Job Responsibility
Job Responsibility
  • Assists in conducting risk assessments and vulnerability assessments
  • Contributes to the development and maintenance of security policies and procedures
  • Collaborates with internal stakeholders to ensure compliance with industry standards and regulations
  • Participates in security awareness and training initiatives
  • Supports incident response activities and investigations as required
  • Monitors and reports on security compliance metrics
  • Assists in the implementation of security controls and best practices
  • Stays updated with emerging security threats and trends
  • Performs any other related task as required
  • Fulltime
Read More
Arrow Right

Senior Information Security Governance, Risk and Compliance Specialist

The Senior Information Security Governance, Risk and Compliance (GRC) Specialist...
Location
Location
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred
  • Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP preferred
  • Advanced experience in information security, including GRC-related roles
  • Advanced experience in leading risk assessments, compliance efforts, security awareness initiatives, and policy management
  • Advanced understanding of information security frameworks and standards
  • Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management
  • Excellent communication and interpersonal skills for collaborating with various stakeholders
  • Strong project management skills for handling security initiatives
  • Advanced familiarity with legal and compliance aspects related to information security
Job Responsibility
Job Responsibility
  • Leads risk assessments and gap analyses to identify vulnerabilities and recommends risk mitigation strategies
  • Develops and maintains security policies, standards, and procedures
  • Collaborates with legal and compliance teams to ensure adherence to regulatory requirements
  • Provides guidance and support to junior GRC team members
  • Assists in the creation and delivery of security awareness and training programs
  • Participates in security incident response activities as needed
  • Contributes to the continuous improvement of the information security program
  • Assists in policy management and refinement
  • Performs any other related task as required
  • Fulltime
Read More
Arrow Right