Information Security Officer - Governance, Risk And Compliance

What you can expect Our client  is a prominent financial marketplace operating across multiple countries in Europe. It facilitates the trading of various financial instruments such as stocks, derivatives, commodities, and exchange-traded funds. What you will be doing Assist in implementing and maintaining the Information Security Programme. Assist efforts to align internal security practices with industry best practices and security frameworks. Stay updated on the threat landscape and adjust/draft solution designs accordingly. Provide timely and accurate reporting on the current state of all assigned projects/initiatives. Track policy and standards exceptions along with associated risks. Stay informed about new risks and trends in the threat landscape to address them within information security policies, procedures, and standards. Demonstrate broad knowledge of security compliance and auditing frameworks and apply them to formulate policies, procedures, and standards. Deliver ongoing security awareness and training through various tools and workshops. Own and oversee all controls owned by InfoSec, including being the approval point for all change efforts impacting such controls. What you will bring 5+ years of experience in a specific Information security role (e.g., related ISO 27001 consultant/projects). Experience within the financial sector will be advantageous. Proven experience working in a team environment. Established background in Information Security Risks processes and IT/Information Security Audit. Strong background and knowledge of implementing international security standards and frameworks such as ISO27001, ISO27002, ISO27005, NIST, Cobit 5, etc. Ability to deliver security education and awareness training sessions and materials. Excellent written/verbal communication skills and organizational skills. Capability to work well under pressure, prioritize workload appropriately, and work independently or as part of a team. Ability to adapt to changing priorities while multitasking effectively and to articulate complex security and privacy concepts to business users. Professional communication skills with clients. Working/technical knowledge of IT infrastructure and security-specific controls. Security industry certifications are a plus, such as CISA, CISM, CRISC, CGEIT, Cobit 5, ISO 27001, or other security/ISO-related certifications.