Security Governance Risk Compliance Officer

Be among the first applicants.
Lugano
CHF 90’000 - 120’000
2 days ago
Job description

For a first-class company, we are looking for a Security GRC Officer:

Requirements / Skills

The SGRC Officer is part of the team responsible for delivering governance, risk management, and compliance elements of the information security strategy. This includes creating information security policies, managing information security risks, providing training, and reviewing information security procedures.

Typical Duties and Responsibilities

Implement security controls, risk assessment frameworks, and programs that align with regulatory requirements, ensuring documented and sustainable compliance that supports the company's business objectives.

The Security GRC Officer will develop, implement, and maintain security governance, risk management, and compliance strategies to protect the organization's information assets. This role requires expertise in regulatory frameworks, risk assessments, and policy enforcement to ensure compliance with industry standards and cybersecurity best practices.

Key Responsibilities:

Governance:
  1. Develop and maintain security policies, standards, and frameworks in line with industry best practices (e.g., ISO 27001, NIST, PCI-DSS).
  2. Ensure alignment of security governance with regulatory and business objectives.
  3. Work closely with internal and external auditors to support compliance audits and assessments.

Risk Management:
  1. Identify, assess, and mitigate security risks across IT and business functions.
  2. Conduct risk assessments and implement control measures to protect critical assets.
  3. Develop and maintain the organization's risk register, ensuring timely reporting and risk mitigation.
  4. Collaborate with stakeholders to improve the organization's security risk posture.

Compliance:
  1. Ensure compliance with local and international banking regulations (e.g., GDPR, PSD2, SWIFT CSP).
  2. Monitor changes in security regulations and update policies accordingly.
  3. Conduct security awareness programs and training for employees.
  4. Manage security incidents, investigations, and reporting in line with regulatory requirements.

This position is typically office-based with options for remote work (homeworking). It may require on-call availability for incident response.

Qualifications & Experience:

Bachelor's or Master's degree in Cybersecurity, Information Security, Risk Management, or a related field.

Professional certifications such as CISSP, CISM, CRISC, CISA, or ISO 27001 Lead Auditor / Implementer are highly preferred.

Strong knowledge of regulatory requirements, risk frameworks, and control methodologies.

Experience with third-party/vendor risk assessments and audit processes.

Excellent analytical, communication, and problem-solving skills.

Languages: Italian, English (German is a plus).