Cybersecurity – Governance, Risk & Compliance (GRC) Expert

Posted Today by K2 Partnering

Negotiable
Undetermined
Remote
Remote in the European Union

Summary: The role of Cybersecurity – Governance, Risk & Compliance (GRC) Expert involves supporting an organization through a significant increase in cybersecurity activities by taking ownership of key milestones. The position requires an experienced contractor to manage complex initiatives, including the design of an internal control framework and compliance with regulatory expectations. The expert will ensure continuity and maintain the quality of risk management processes. This is a full-time, remote position based in Europe for a duration of 6 months, starting as soon as possible.

Key Responsibilities:

  • Lead cyber risk assessments and control reviews, identifying gaps and driving remediation through to closure.
  • Act as a bridge between GRC and technical teams, confidently challenging and validating control design and implementation.
  • Own and maintain the Internal Control Framework, ensuring it remains relevant and up to date, and act as the focal point for internal controls within Digital Technologies, including coordination with external auditors.
  • Drive the implementation of new controls to ensure compliance with regulations the company is subject to.
  • Contribute to enhancing security policies and standards aligned to ISO 27001 and NIST.
  • Partner with Digital Technology, Enterprise Risk Management, Legal & Compliance, and Internal Audit to embed security into business processes and decision-making.

Key Skills:

  • Knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIS2, ISO 27001, GDPR). Professional certifications are a plus.
  • Proven experience in cybersecurity GRC, risk management, compliance, ISO implementation and audits.
  • Ability to work collaboratively and lead initiatives related to cybersecurity governance, risk management, compliance, and ISO standards.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
  • Experience in the consulting industry and professional certifications are a plus.

Salary (Rate): undetermined

City: undetermined

Country: undetermined

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Location

Remote from Europe

Timeline & Workload Duration

6 months starting asap

Workload

Full time

To support the organisation through a significant spike in cybersecurity activities, we require a dedicated specialist who can immediately take ownership of key milestones. The volume and complexity of ongoing initiatives — including the design of the extended internal control framework, implementation of a streamlined SIP process and the preparation for upcoming regulatory and audit expectations — exceed the capacity of the current team. Bringing in an experienced contractor will ensure continuity, maintain momentum, and allow us to deliver these critical deliverables on time while safeguarding the quality and consistency of our risk management processes.

Responsibilities:

  • Lead cyber risk assessments and control reviews, identifying gaps and driving remediation through to closure.
  • Act as a bridge between GRC and technical teams, confidently challenging and validating control design and implementation.
  • Own and maintain the Internal Control Framework, ensuring it remains relevant and up to date, and act as the focal point for internal controls within Digital Technologies, including coordination with external auditors.
  • Drive the implementation of new controls to ensure compliance with regulations the company is subject to.
  • Contribute to enhancing security policies and standards aligned to ISO 27001 and NIST.
  • Partner with Digital Technology, Enterprise Risk Management, Legal & Compliance, and Internal Audit to embed security into business processes and decision-making.

Required Skills and Experience:

  • Knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIS2, ISO 27001, GDPR). Professional certifications are a plus.
  • Proven experience in cybersecurity GRC, risk management, compliance, ISO implementation and audits.
  • Ability to work collaboratively and lead initiatives related to cybersecurity governance, risk management, compliance, and ISO standards.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
  • Experience in the consulting industry and professional certifications are a plus.

Skills

  • Proven experience in cybersecurity GRC, risk management, compliance, ISO implementation and audits
  • Security risk assessment
  • Knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIS2, ISO 27001, GDPR). Professional certifications are a plus.
  • Internal Controls Expert