GRCAnalyst

**Do you have the drive and ambition to help shape a brighter future?** * Ensure effective implementation and continuous implementation of policies and procedures. * Maintain and improve Governance, Risk, and Compliance (GRC) programs to stay aligned with legal, regulatory and contractual requirements. * Conduct third party risk assessments. * Performs risk assessments and control testing for IT systems. * Lead ongoing information security training and awareness programs to strengthen organizational security culture. * Facilitate collaboration with IT and other departments to integrate security measures into all business processes. * Coordinate Business Impact Assessments and risk assessments to identify vulnerabilities and update mitigation strategies as necessary. * Provide up-to-date security reports to the CISO and other stakeholders. **What are we looking for?** * Bachelor’s degree or higher in Information Security, Computer Science, or a related field. * Minimum 5 years of experience in information security management, cybersecurity governance, or risk management. * Relevant certifications such as CISSP, CRISC, CISA, or similar are preferred. * Experience working with various security frameworks and standards like **ISO27001 & CIS18 and ITGC**. * Experience with regulatory areas likes NIS2, GDPR and AI Act is preferred * Hands-on experience with GRC platforms (e.g., Audit Board, ServiceNow GRC). * Strong understanding of IT risk, compliance processes, and audit readiness. * Project leadership and strong communication skills. * Strong proficiency in English, both written and verbal. * Experience in developing and conducting security training and awareness programs is an advantage. **Can you balance ambition with care for your colleagues?** * You’ll join our Digital Group Information Security global team. * You’ll enjoy professional development and progression in a growing global company where we inspire and collaborate to build a brighter future together. * You