Specialist Information Security

• Support the Information Security & Risk Manager in developing, maintaining, and operating both the AIMS and ISMS , including AI governance implementation by ISO/IEC 42001, and ISO/IEC 27001 continuous improvement activities
• Coordinate internal and external audits by preparing, maintaining, and reviewing ISMS- and AIMS‑related controls, evidence, and remediation actions
• Perform initial security and AI risk /impact assessments and contribute to enhancing SIG’s IT Risk Management processes within the Risk Management Portal
• Conduct supplier security assessments and support the procurement process for supplier qualification, including AI‑related vendor and tool risk evaluations
• Perform initial security assessments for critical IT and AI‑related projects, providing security requirements, risk mitigation guidance, and alignment with SIG’s ISMS and AIMS controls
• Evaluate AI use cases, integrations, and tools under AIMS and ensure regulatory compliance, including alignment with the EU AI Act, NIS2, data protection requirements, and other applicable security and AI‑related regulations. This includes conducting AI impact assessments, verifying data classification, and ensuring responsible and secure AI usage
• Support SIG’s Security Governance Framework by maintaining policies, procedures, and technical standards across ISMS and AIMS, ensuring documentation is up-to-date, aligned with global governance requirements, and consistently implemented across regions

• Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
• 3+ years of hands-on experience in the Information Security or IT governance domain
• Foundational understanding of ISO 27001, ISO 42001, AI governance frameworks, and emerging regulatory requirements (e.g., EU AI Act, NIS2, GDPR)
• Knowledge of ISMS (ISO 27001) requirements, control frameworks, and audit processes
• Knowledge of AIMS (Artificial Intelligence Management System) concepts such as AI lifecycle governance, data classification, AI risk assessment, and responsible AI principles
• Familiarity with legal and regulatory requirements, including GDPR, EU AI Act, NIS2, and other security or AI‑related compliance standards
• Knowledge of risk management methods, including risk identification, assessment, and mitigation techniques
• Awareness of the operational impacts and business risks caused by cybersecurity or AI‑related incidents
• Understanding of how ISMS and AIMS controls integrate with IT and business processes, including policy management, governance workflows, and audit readiness
• Experience supporting compliance initiatives or regulatory readiness activities (e.g., audit preparation, evidence collection, control documentation)
• Results-driven, self‑motivated, and able to work independently with minimal supervision

Professional certifications such as ISO/IEC 42001 Lead Implementer, ISO 27001 Lead Implementer, ISO/IEC 42001 Lead Auditor, CISA, CISM, CompTIA Security+, Certified AI Governance Professional (CAIGP), or equivalent are preffered but not mandatory

• Competitive compensation
• Opportunity to partially work from home
• Part of a globally successful international company
• Personal development opportunities
• Trainings and coaching opportunities from senior team members