GRC Security Expert

Playtech

Define, establish and implement organizational information security processes, to ensure business, regulatory, legislative and contractual requirements and obligations are met.
Manage the internal and external ISMS audit processes, monitor effectiveness of controls and corrective actions in cooperation with the stakeholders across the organization.
Manage gap analysis, compliance readiness, and compliance monitoring activities for ISO/IEC 27001, PCI DSS and other regulatory security audits.
Coordinate external security audits, assessments and testing as well as remediation plans development and implementation.
Identify, assess and monitor information security risks and recommend mitigation measures.
Develop content, coordinate and facilitate a comprehensive organizational information security awareness training program.
Manage security requirements with third parties, including due diligence of products and services providers and information security requirements clauses in service provision agreements and contracts.
Develop, coordinate and maintain information security policies, procedures and other security related documents.
Analyse, map and communicate information security requirements, that derive from legislative and regulatory obligations in various jurisdictions.
Serve as project manager/lead within security projects.
Continually improve and update knowledge to accommodate changes to the company’s regulatory environment and needs.

Proven experience (3+ years) across security governance, risk and compliance domain
Strong communication skills and ability to interact professionally with a diverse group including executive management, managers and subject matter experts
Have strong management skills, leading people, delegating tasks, setting goals and ensuring objectives are met in continuous and deadline-oriented activities
Experience in leading PCI DSS ISO 27001:2022 and SOC/ISAE402 certification and surveillance audits as well as leading and supporting information security risk assessments and management process
Bachelor’s Degree in Information Security, Information Assurance, Computer Science, Cybersecurity, Risk Management or equivalent work experience
Professional certification (CISSP/CISM and ISO 27001 Lead Implementer/Auditor or similar)
A pro-active, self-motivated approach and ability to work independently within a global security team.
Very good written and spoken English

Prior experience working within a SaaS/Online Gambling organization
Technical experience in IT infrastructure, networks, databases, or software development.

Don't forget to mention EuroTechJobs when applying.

Share this Job