Senior Information Security GRC Specialist - Remote

Overview

The Senior Information Security GRC Specialist will lead and mature Awin’s global Information Security Governance, Risk, and Compliance (GRC) function by driving effective risk management, ensuring alignment with international frameworks and local regulatory requirements, and embedding a strong security governance culture across the business.

In Short

• Own and evolve information security risk management frameworks.
• Lead enterprise-level security risk assessments.
• Manage Information Security Risk Registers.
• Act as a senior advisor on security risk posture.
• Provide strategic oversight of internal control frameworks.
• Lead security input to enterprise risk discussions.
• Influence integration of security-by-design principles.
• Oversee incident response frameworks.
• Stay updated on regulatory and threat landscapes.
• Mentor GRC team members.

Requirements

• 5+ years in Information Security or IT Risk/Compliance.
• 2+ years as a lead or senior GRC professional.
• Experience with ISO 27001.
• Strong experience in security risk assessments.
• Understanding of security frameworks: ISO 27001, NIST CSF, CIS, GDPR.
• Certifications such as CISSP, CISA, CISM.
• Excellent written communication skills.
• Strong attention to detail.
• Strong stakeholder management skills.
• Proactive and adaptable in a fast-paced environment.

Benefits

• Flexible four-day work week.
• Hybrid/remote work possibilities.
• Support for mental and physical well-being.
• Extensive training suite for professional development.
• Monthly remote working allowance.
• Peer-to-peer appreciation program.
• Diverse team culture and inclusivity.