As a Senior Security and Risk Management Professional, you will be responsible for leading internal and external information security audits.
Key Responsibilities
* Develop and implement audit plans to ensure compliance with relevant frameworks and standards.
* Oversee the audit process, review findings, and provide practical recommendations to stakeholders.
* Collaborate with cross-functional teams to drive remediation and evidence collection.
* Conduct control testing and risk assessments across critical systems and processes.
* Partner with control owners to drive remediation and compliance-by-design.
* Contribute to policy development, procedure implementation, and compliance reporting to leadership.
* Collaborate with cross-functional teams to deliver scalable governance, risk, and compliance solutions.
Requirements
* Proven track record in IT audit, information security, and risk management.
* Strong knowledge of frameworks such as ISO 27001, NIST 800-53, SOC 2, COSO, or HITRUST.
* Experience with regulatory requirements (e.g. GDPR).
* Proficiency in GRC tools and control testing.
* Strong analytical, organisational, and communication skills.
* Relevant certifications (CISA, CISM, CRISC, CISSP) are desirable.
* A degree in Computer Science, Engineering, or a related field is required (or equivalent experience).