Information Security Risk Manager (f/m/d)
Job Description
Overview
Senior Information Security GRC Specialist (f/m/d) at Awin Global. The role leads and matures Awin’s global Information Security Governance, Risk, and Compliance (GRC) function by driving effective risk management, ensuring alignment with international frameworks and local regulatory requirements, and embedding a strong security governance culture across the business. This position acts as a senior advisor on security risks, supports strategic decision-making through risk insights, and ensures that internal control frameworks are robust and business-enabling.
Responsibilities
- Own and evolve Awin’s global information security risk management frameworks, ensuring alignment with international frameworks and relevant regulations.
- Lead enterprise-level security risk assessments for strategic projects, transformation initiatives, and third-party engagements, providing executive-ready recommendations.
- Manage the Information Security Risk Registers within the Hyperproof GRC platform.
- Act as a senior advisor to the business on security risk posture, facilitating regular risk assessments, defining risk treatment plans, and maintaining the enterprise and tactical risk registers.
- Act as a key point of contact for internal and external stakeholders on security matters.
- Provide strategic oversight of the internal control framework rollout, partnering with senior stakeholders and regional teams to embed governance principles and ensure consistent risk mitigation across business units.
- Lead the security input to enterprise risk discussions, participating in governance forums and presenting key risks and mitigations to senior management and the board.
- Influence and support the integration of security-by-design principles into Product and Technology teams.
- Oversee the development and maintenance of incident response frameworks, including tabletop exercises and post-incident reviews, ensuring lessons learned are institutionalised.
- Stay abreast of evolving regulatory and threat landscapes, translating external developments into actionable internal strategy and control adjustments.
- Mentor and guide GRC team members, fostering professional development, high performance, and a collaborative culture.
- Set KPIs and lead reporting of security governance and risk metrics to demonstrate programme effectiveness and drive continuous improvement.
- Represent GRC interests in cross-functional initiatives, ensuring security is embedded early and appropriately throughout the business lifecycle.
Qualifications
- 5+ years of experience in an Information Security or IT Risk/Compliance role within a GRC function.
- 2+ years of experience as a lead or senior GRC professional.
- Proven experience working within an ISMS environment certified to ISO 27001.
- Strong experience conducting and presenting security risk assessments to senior leadership and boards.
- Solid understanding of security frameworks and standards: ISO 27001, NIST CSF, CIS, GDPR.
- Demonstrated success in designing or overseeing internal control frameworks (e.g. ISO 27001, NIST CSF).
- Certifications such as CISSP, CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer.
- Excellent written communication and documentation skills.
- Strong attention to detail with a methodical and analytical mindset.
- Strong stakeholder management skills with the ability to engage and influence at senior levels (up to board/C-level).
- Ability to collaborate across departments and build stakeholder trust.
- Proactive and adaptable; comfortable working in a fast-paced, changing environment.
- Demonstrates a project-oriented mindset with the ability to prioritise and manage competing tasks.
Our Offer
- Flexi-Week and Work-Life Balance: a four-day Flexi-Week at full pay with no reduction to annual holiday allowance, plus various paid special leaves.
- Flexi-Office: international culture and flexibility through Flexi-Office and hybrid/remote work.
- Health & Well Being: access to initiatives and sports offers to support mental and physical well-being.
- Development: Awin Academy with trainings to support professional and personal development.
- Remote Working Allowance: monthly allowance for running costs and support for setting up a remote workspace.
- Appreciation: peer-to-peer voucher program to recognise colleagues.
- Additional benefits available in multiple countries; discussed with talent team at initial interview.
Established in 2000, Awin is proud of a dynamic, social, and inclusive culture. We encourage diversity and inclusion and welcome all backgrounds, identities, and experiences. If you need support during the application or interview process, please let us know.
Job Details
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industries: Advertising Services