Information Security GRC Specialist

We’re the world’s leading sports technology company, at the intersection between sports, media, and betting. More than 1,700 sports federations, media outlets, betting operators, and consumer platforms across 120 countries rely on our know-how and technology to boost their business.

Sport connects us. It brings people together from around the world to share in unforgettable moments. At Sportradar, we harness this power to shape the future of sports technology. Our Information Security GRC team plays a critical role in protecting the trust and integrity that underpins our services.

We are seeking a skilled and dedicated Information Security GRC Specialist to help drive the maturity of our Information Security Management System (ISMS), lead initiatives across risk and compliance domains, and strengthen third-party risk and business continuity capabilities.

Sportradar is a global company. The role is hybrid with three office days per week and can be based in the following locations: Trondheim, London or Warsaw.

THE CHALLENGE:

As an Information Security GRC Specialist, you will:

• Collaborate in a dynamic, fast-paced environment, contributing across all key GRC domains.
• Maintain and enhance the ISMS aligned with ISO/IEC 27001 and related standards.
• Develop, implement, and manage information security policies, standards, and procedures.
• Support the organization-wide adoption of security risk management frameworks (e.g., ISO 27001, NIST CSF).
• Lead or support third-party risk assessments and help evolve our third-party risk management practices.
• Partner with business units and technical teams to embed risk and compliance into everyday operations and projects.
• Facilitate security awareness and training initiatives to foster a strong security culture.
• Optionally contribute to the development and maintenance of our Business Continuity Management (BCM) framework

YOUR PROFILE:

• Hands-on experience in information security governance, risk, and compliance.
• In-depth knowledge of information security frameworks and standards such as ISO/IEC 27001 and SOC 2.
• Practical experience in managing and maintaining an ISMS, including audits and evidence collection.
• Demonstrated ability to conduct or coordinate third-party risk assessments.
• Familiarity with GRC tools and methodologies.
• Strong written and verbal communication skills, capable of working cross-functionally with technical and non-technical teams.
• Preferred: Experience or understanding of Business Continuity Management (BCM).
• Professional certifications such as CISSP, CISA, CRISC, or similar are highly desirable.