Information Security Governance, Risk, and Compliance (GRC) Expert (f / m / d)

For our European Headquarters in Frankfurt am Main area (Offenbach) we are looking for an IT professional as :

Information Security Governance, Risk, and Compliance (GRC) Expert (f / m / d)

As a GRC expert, you will become a member of the Security Technology Section. In the role of Governance, Risk, and Compliance (GRC) expert you are overseeing and ensuring that our organization adheres to legal and regulatory standards, manages risks effectively, and maintains ethical governance practices.

Key Responsibilities :

• Establishing and operating an information security management system (ISMS) in accordance with ISO 27001.
• Guiding the company through the certification process or maintaining existing certification.
• Ensuring compliance with internal and external information security requirements, especially in Germany, Automotive Sector, and / or the European Union.
• Developing and implementing effective GRC policies and procedures; Performing the internal audits to ensure the compliance with the applicable standards.
• Managing external audit requests efficiently, ensuring adherence to external standards and regulations.
• Leading and managing GRC-related projects, ensuring timely completion and adherence to company standards and goals.
• Recording and assessing risks and deriving the resulting information security measures and key performance indicators.
• Dealing with and responding to security incidents. Following up with the relevant stakeholders to ensure the timely escalation.
• Advising and supporting management and specialist departments on information security issues.
• Close cooperation with the firm’s security operations department internally and externally.
• Staying updated with the latest GRC practices, laws, and regulations.

Requirements :

• Bachelor’s or Master’s Degree in Computer Science or comparable qualification.
• At least 3-5 years of experience as GRC Analyst / Specialist or similar capabilities.
• Certification ISO 27001 Implementer or Auditor
• Knowledge of the European legal framework such as GDPR / NIS2 and NIST.
• Comprehensive knowledge of relevant IT service regulatory requirements and compliance standards, including GDPR, HIPAA, or other regional laws as applicable.
• Fluent in English (spoken & written).

Nice to have :

• CISA or CISM or CISSP

Offer & Benefits :

• Flexible working time and a hybrid working model.
• Work in an international team and versatile environment
• Varied tasks with exciting and challenging IT projects
• Function-specific, personal, and technology training
• Attractive salary and excellent compensation and benefits package, including free lunch (as lunch vouchers or in the canteen), a free monthly ticket for public transportation and Gympass to support your wellbeing.
• Relocation support

About us

Hyundai AutoEver Europe GmbH (HAEE) is a fully-owned subsidiary of the Hyundai & KIA Motor Group with its Headquarters in Seoul (South Korea). HAEE has its European Headquarters in Germany and affiliates in Slovakia and the Czech Republic.

We provide IT services that support the innovation and the IT competitiveness of the Hyundai and KIA Motors companies in various European countries, in areas like sales and manufacturing system development, implementation, and operation.

Follow us

https : / / www.linkedin.com / company / hyundai-autoever-europe-gmbh /

Are you IT-driven?

Embrace challenge and diversity and become part of our team!