Enterprise Information Security Specialist

Aeven


Date: 1 week ago
City: København, Region Hovedstaden
Contract type: Full time
We are seeking an experienced Information Security Specialist with a deep understanding of the ISO 27000 series standards, knowledge of the DORA and NIS2 regulatory frameworks, and a proven track record of building and sustaining a strong risk management culture.

The Enterprise Information Security Specialist is placed in the Enterprise Security team, headed by the CISO.

As our Enterprise Information Security Specialist you will be responsible for designing, implementing, and maintaining comprehensive security strategies that safeguard our information assets and ensure compliance with evolving regulatory requirements.

Your responsibilities:

  • Security Framework Management:
    • Continuously develop, implement, and maintain an information security management system based on ISO 27000 best practices.
    • Ensure continuous alignment with the DORA and NIS2 directives, monitoring for updates and adjusting policies as necessary.
  • Risk Management & Compliance:
    • Develop and enforce a risk management framework that promotes a strong security culture across the organization.
    • Perform regular risk assessments, identify vulnerabilities, and design mitigation strategies.
    • Collaborate with cross-functional teams to ensure that security measures are integrated into business operations and projects.
  • Policy & Procedure Development:
    • Create, update, and disseminate security policies, procedures, and guidelines to ensure compliance with internal standards and external regulatory requirements.
    • Provide training to enhance awareness of information security best practices within the organization.
  • Stakeholder Collaboration:
    • Work closely with Line of Business, legal, risk management, and executive leadership to integrate security practices across all areas of the business.
    • Serve as the point of contact for internal and external audits related to information security.

Your qualifications and experience:

  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Extensive hands-on experience with ISO 27000 standards and proven expertise in applying these frameworks within an enterprise environment.
  • Solid understanding of DORA and NIS2 regulations.
  • Demonstrated experience in establishing and nurturing a proactive risk management culture.
  • Professional certifications such as CISSP, CCSP, CISM, or equivalent are highly desirable.
  • Strong analytical and problem-solving abilities.
  • Strong project management skills.
  • Excellent communication skills, with the ability to translate complex technical concepts into business insights.
  • Proven ability to work collaboratively in a fast-paced, dynamic environment.
  • Detail-oriented with a commitment to continuous improvement and staying updated on the latest industry trends and regulatory changes.

If you are passionate about creating a secure environment and thrive on building robust risk management practices in a dynamic, regulatory-driven landscape, we encourage you to apply.